HTMLPurifier 4.4.0
/home/ezyang/Dev/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/Filter.php
00001 <?php
00002 
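/**
 * Validates the value of the proprietary CSS "filter" property.
 *
 * This is an allow-list validator: the only accepted values are the literal
 * "none" and a single alpha filter carrying an "opacity" parameter. The
 * returned string is rebuilt from the pieces that passed validation instead
 * of being copied from the input, so unrecognised function names, unknown
 * parameters and any text after the closing parenthesis never reach the
 * output.
 */
class HTMLPurifier_AttrDef_CSS_Filter extends HTMLPurifier_AttrDef
{

    /**
     * Validator applied to the value of the opacity parameter.
     * @var HTMLPurifier_AttrDef_Integer
     */
    protected $intValidator;

    public function __construct() {
        $this->intValidator = new HTMLPurifier_AttrDef_Integer();
    }

    /**
     * Validates one filter declaration.
     *
     * @param string $value   Raw property value; it is first passed through
     *                        parseCDATA(), which is defined on the parent
     *                        class and not shown in this file.
     * @param mixed  $config  Forwarded unchanged to the integer validator.
     * @param mixed  $context Forwarded unchanged to the integer validator.
     * @return string|false   "none", or the rebuilt "function(opacity=N)"
     *                        string (the parameter list may be empty), or
     *                        false when the function name is not allowed.
     */
    public function validate($value, $config, $context) {
        $value = $this->parseCDATA($value);
        if ($value === 'none') return $value;
        // if we looped this we could support multiple filters
        $function_length = strcspn($value, '(');
        $function = trim(substr($value, 0, $function_length));
        // Exact, case-sensitive match against the three accepted spellings.
        if ($function !== 'alpha' &&
            $function !== 'Alpha' &&
            $function !== 'progid:DXImageTransform.Microsoft.Alpha'
            ) return false;
        if ($function_length < strlen($value)) {
            $cursor = $function_length + 1;
            $parameters_length = strcspn($value, ')', $cursor);
            // Cast because substr() can return false on older PHP versions
            // when the offset equals the string length.
            $parameters = (string) substr($value, $cursor, $parameters_length);
        } else {
            // No '(' in the input: treat it as an empty parameter list
            // instead of handing strcspn() an offset past the end of the
            // string, whose handling is PHP-version dependent.
            $parameters = '';
        }
        $params = explode(',', $parameters);
        $ret_params = array();
        $lookup = array();
        foreach ($params as $param) {
            // A fragment without '=' cannot be a key/value pair. Skipping it
            // here avoids destructuring a one-element array, which raises an
            // undefined-offset notice (a warning on PHP 8) for input that is
            // fully controlled by the document author.
            if (strpos($param, '=') === false) continue;
            list($key, $param_value) = explode('=', $param);
            $key         = trim($key);
            $param_value = trim($param_value);
            // Only the first occurrence of a parameter is kept.
            if (isset($lookup[$key])) continue;
            // opacity is the only parameter on the allow-list.
            if ($key !== 'opacity') continue;
            $param_value = $this->intValidator->validate($param_value, $config, $context);
            if ($param_value === false) continue;
            // Clamp to the 0-100 range.
            $int = (int) $param_value;
            if ($int > 100) $param_value = '100';
            if ($int < 0) $param_value = '0';
            $ret_params[] = "$key=$param_value";
            $lookup[$key] = true;
        }
        $ret_parameters = implode(',', $ret_params);
        $ret_function = "$function($ret_parameters)";
        return $ret_function;
    }

}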
00053 
00054 // vim: et sw=4 sts=4