00001 <?php
00002
00008 class HTMLPurifier_AttrDef_CSS_Filter extends HTMLPurifier_AttrDef
00009 {
00010
00011 protected $intValidator;
00012
00013 public function __construct() {
00014 $this->intValidator = new HTMLPurifier_AttrDef_Integer();
00015 }
00016
00017 public function validate($value, $config, $context) {
00018 $value = $this->parseCDATA($value);
00019 if ($value === 'none') return $value;
00020
00021 $function_length = strcspn($value, '(');
00022 $function = trim(substr($value, 0, $function_length));
00023 if ($function !== 'alpha' &&
00024 $function !== 'Alpha' &&
00025 $function !== 'progid:DXImageTransform.Microsoft.Alpha'
00026 ) return false;
00027 $cursor = $function_length + 1;
00028 $parameters_length = strcspn($value, ')', $cursor);
00029 $parameters = substr($value, $cursor, $parameters_length);
00030 $params = explode(',', $parameters);
00031 $ret_params = array();
00032 $lookup = array();
00033 foreach ($params as $param) {
00034 list($key, $value) = explode('=', $param);
00035 $key = trim($key);
00036 $value = trim($value);
00037 if (isset($lookup[$key])) continue;
00038 if ($key !== 'opacity') continue;
00039 $value = $this->intValidator->validate($value, $config, $context);
00040 if ($value === false) continue;
00041 $int = (int) $value;
00042 if ($int > 100) $value = '100';
00043 if ($int < 0) $value = '0';
00044 $ret_params[] = "$key=$value";
00045 $lookup[$key] = true;
00046 }
00047 $ret_parameters = implode(',', $ret_params);
00048 $ret_function = "$function($ret_parameters)";
00049 return $ret_function;
00050 }
00051
00052 }
