HTMLPurifier 4.4.0
|
00001 <?php 00002 00013 abstract class HTMLPurifier_AttrDef 00014 { 00015 00020 public $minimized = false; 00021 00026 public $required = false; 00027 00035 abstract public function validate($string, $config, $context); 00036 00058 public function parseCDATA($string) { 00059 $string = trim($string); 00060 $string = str_replace(array("\n", "\t", "\r"), ' ', $string); 00061 return $string; 00062 } 00063 00069 public function make($string) { 00070 // default implementation, return a flyweight of this object. 00071 // If $string has an effect on the returned object (i.e. you 00072 // need to overload this method), it is best 00073 // to clone or instantiate new copies. (Instantiation is safer.) 00074 return $this; 00075 } 00076 00081 protected function mungeRgb($string) { 00082 return preg_replace('/rgb\((\d+)\s*,\s*(\d+)\s*,\s*(\d+)\)/', 'rgb(\1,\2,\3)', $string); 00083 } 00084 00089 protected function expandCSSEscape($string) { 00090 // flexibly parse it 00091 $ret = ''; 00092 for ($i = 0, $c = strlen($string); $i < $c; $i++) { 00093 if ($string[$i] === '\\') { 00094 $i++; 00095 if ($i >= $c) { 00096 $ret .= '\\'; 00097 break; 00098 } 00099 if (ctype_xdigit($string[$i])) { 00100 $code = $string[$i]; 00101 for ($a = 1, $i++; $i < $c && $a < 6; $i++, $a++) { 00102 if (!ctype_xdigit($string[$i])) break; 00103 $code .= $string[$i]; 00104 } 00105 // We have to be extremely careful when adding 00106 // new characters, to make sure we're not breaking 00107 // the encoding. 00108 $char = HTMLPurifier_Encoder::unichr(hexdec($code)); 00109 if (HTMLPurifier_Encoder::cleanUTF8($char) === '') continue; 00110 $ret .= $char; 00111 if ($i < $c && trim($string[$i]) !== '') $i--; 00112 continue; 00113 } 00114 if ($string[$i] === "\n") continue; 00115 } 00116 $ret .= $string[$i]; 00117 } 00118 return $ret; 00119 } 00120 00121 } 00122 00123 // vim: et sw=4 sts=4