aboutsummaryrefslogtreecommitdiffhomepage
path: root/inc/3rdparty/htmlpurifier/HTMLPurifier/AttrDef/HTML/ID.php
diff options
context:
space:
mode:
Diffstat (limited to 'inc/3rdparty/htmlpurifier/HTMLPurifier/AttrDef/HTML/ID.php')
-rw-r--r--inc/3rdparty/htmlpurifier/HTMLPurifier/AttrDef/HTML/ID.php105
1 files changed, 105 insertions, 0 deletions
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/AttrDef/HTML/ID.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/AttrDef/HTML/ID.php
new file mode 100644
index 00000000..ccd4a24a
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/AttrDef/HTML/ID.php
@@ -0,0 +1,105 @@
1<?php
2
3/**
4 * Validates the HTML attribute ID.
5 * @warning Even though this is the id processor, it
6 * will ignore the directive Attr:IDBlacklist, since it will only
7 * go according to the ID accumulator. Since the accumulator is
8 * automatically generated, it will have already absorbed the
9 * blacklist. If you're hacking around, make sure you use load()!
10 */
11
12class HTMLPurifier_AttrDef_HTML_ID extends HTMLPurifier_AttrDef
13{
14
15 // selector is NOT a valid thing to use for IDREFs, because IDREFs
16 // *must* target IDs that exist, whereas selector #ids do not.
17
18 /**
19 * Determines whether or not we're validating an ID in a CSS
20 * selector context.
21 * @type bool
22 */
23 protected $selector;
24
25 /**
26 * @param bool $selector
27 */
28 public function __construct($selector = false)
29 {
30 $this->selector = $selector;
31 }
32
33 /**
34 * @param string $id
35 * @param HTMLPurifier_Config $config
36 * @param HTMLPurifier_Context $context
37 * @return bool|string
38 */
39 public function validate($id, $config, $context)
40 {
41 if (!$this->selector && !$config->get('Attr.EnableID')) {
42 return false;
43 }
44
45 $id = trim($id); // trim it first
46
47 if ($id === '') {
48 return false;
49 }
50
51 $prefix = $config->get('Attr.IDPrefix');
52 if ($prefix !== '') {
53 $prefix .= $config->get('Attr.IDPrefixLocal');
54 // prevent re-appending the prefix
55 if (strpos($id, $prefix) !== 0) {
56 $id = $prefix . $id;
57 }
58 } elseif ($config->get('Attr.IDPrefixLocal') !== '') {
59 trigger_error(
60 '%Attr.IDPrefixLocal cannot be used unless ' .
61 '%Attr.IDPrefix is set',
62 E_USER_WARNING
63 );
64 }
65
66 if (!$this->selector) {
67 $id_accumulator =& $context->get('IDAccumulator');
68 if (isset($id_accumulator->ids[$id])) {
69 return false;
70 }
71 }
72
73 // we purposely avoid using regex, hopefully this is faster
74
75 if (ctype_alpha($id)) {
76 $result = true;
77 } else {
78 if (!ctype_alpha(@$id[0])) {
79 return false;
80 }
81 // primitive style of regexps, I suppose
82 $trim = trim(
83 $id,
84 'A..Za..z0..9:-._'
85 );
86 $result = ($trim === '');
87 }
88
89 $regexp = $config->get('Attr.IDBlacklistRegexp');
90 if ($regexp && preg_match($regexp, $id)) {
91 return false;
92 }
93
94 if (!$this->selector && $result) {
95 $id_accumulator->add($id);
96 }
97
98 // if no change was made to the ID, return the result
99 // else, return the new id if stripping whitespace made it
100 // valid, or return false.
101 return $result ? $id : false;
102 }
103}
104
105// vim: et sw=4 sts=4