htmlpurifier: HTMLPurifier/AttrDef/HTML/ID.php Quellcode

00001 <?php
00002 
00012 class HTMLPurifier_AttrDef_HTML_ID extends HTMLPurifier_AttrDef
00013 {
00014 
00015     // ref functionality disabled, since we also have to verify
00016     // whether or not the ID it refers to exists
00017 
00018     public function validate($id, $config, $context) {
00019 
00020         if (!$config->get('Attr.EnableID')) return false;
00021 
00022         $id = trim($id); // trim it first
00023 
00024         if ($id === '') return false;
00025 
00026         $prefix = $config->get('Attr.IDPrefix');
00027         if ($prefix !== '') {
00028             $prefix .= $config->get('Attr.IDPrefixLocal');
00029             // prevent re-appending the prefix
00030             if (strpos($id, $prefix) !== 0) $id = $prefix . $id;
00031         } elseif ($config->get('Attr.IDPrefixLocal') !== '') {
00032             trigger_error('%Attr.IDPrefixLocal cannot be used unless '.
00033                 '%Attr.IDPrefix is set', E_USER_WARNING);
00034         }
00035 
00036         //if (!$this->ref) {
00037             $id_accumulator =& $context->get('IDAccumulator');
00038             if (isset($id_accumulator->ids[$id])) return false;
00039         //}
00040 
00041         // we purposely avoid using regex, hopefully this is faster
00042 
00043         if (ctype_alpha($id)) {
00044             $result = true;
00045         } else {
00046             if (!ctype_alpha(@$id[0])) return false;
00047             $trim = trim( // primitive style of regexps, I suppose
00048                 $id,
00049                 'A..Za..z0..9:-._'
00050               );
00051             $result = ($trim === '');
00052         }
00053 
00054         $regexp = $config->get('Attr.IDBlacklistRegexp');
00055         if ($regexp && preg_match($regexp, $id)) {
00056             return false;
00057         }
00058 
00059         if ($result) $id_accumulator->add($id);
00060 
00061         // if no change was made to the ID, return the result
00062         // else, return the new id if stripping whitespace made it
00063         //     valid, or return false.
00064         return $result ? $id : false;
00065 
00066     }
00067 
00068 }
00069 
00070 // vim: et sw=4 sts=4


Copyright © 2003 - 2009 MyOOS [Shopsystem]. All rights reserved. MyOOS [Shopsystem] is Free Software released under the GNU/GPL License. Webmaster: info@r23.de (Impressum)