HTMLPurifier 4.4.0
/home/ezyang/Dev/htmlpurifier/library/HTMLPurifier/HTMLModule/Forms.php
Go to the documentation of this file.
00001 <?php
00002 
00006 class HTMLPurifier_HTMLModule_Forms extends HTMLPurifier_HTMLModule
00007 {
00008     public $name = 'Forms';
00009     public $safe = false;
00010 
00011     public $content_sets = array(
00012         'Block' => 'Form',
00013         'Inline' => 'Formctrl',
00014     );
00015 
00016     public function setup($config) {
00017         $form = $this->addElement('form', 'Form',
00018           'Required: Heading | List | Block | fieldset', 'Common', array(
00019             'accept' => 'ContentTypes',
00020             'accept-charset' => 'Charsets',
00021             'action*' => 'URI',
00022             'method' => 'Enum#get,post',
00023             // really ContentType, but these two are the only ones used today
00024             'enctype' => 'Enum#application/x-www-form-urlencoded,multipart/form-data',
00025         ));
00026         $form->excludes = array('form' => true);
00027 
00028         $input = $this->addElement('input', 'Formctrl', 'Empty', 'Common', array(
00029             'accept' => 'ContentTypes',
00030             'accesskey' => 'Character',
00031             'alt' => 'Text',
00032             'checked' => 'Bool#checked',
00033             'disabled' => 'Bool#disabled',
00034             'maxlength' => 'Number',
00035             'name' => 'CDATA',
00036             'readonly' => 'Bool#readonly',
00037             'size' => 'Number',
00038             'src' => 'URI#embedded',
00039             'tabindex' => 'Number',
00040             'type' => 'Enum#text,password,checkbox,button,radio,submit,reset,file,hidden,image',
00041             'value' => 'CDATA',
00042         ));
00043         $input->attr_transform_post[] = new HTMLPurifier_AttrTransform_Input();
00044 
00045         $this->addElement('select', 'Formctrl', 'Required: optgroup | option', 'Common', array(
00046             'disabled' => 'Bool#disabled',
00047             'multiple' => 'Bool#multiple',
00048             'name' => 'CDATA',
00049             'size' => 'Number',
00050             'tabindex' => 'Number',
00051         ));
00052 
00053         $this->addElement('option', false, 'Optional: #PCDATA', 'Common', array(
00054             'disabled' => 'Bool#disabled',
00055             'label' => 'Text',
00056             'selected' => 'Bool#selected',
00057             'value' => 'CDATA',
00058         ));
00059         // It's illegal for there to be more than one selected, but not
00060         // be multiple. Also, no selected means undefined behavior. This might
00061         // be difficult to implement; perhaps an injector, or a context variable.
00062 
00063         $textarea = $this->addElement('textarea', 'Formctrl', 'Optional: #PCDATA', 'Common', array(
00064             'accesskey' => 'Character',
00065             'cols*' => 'Number',
00066             'disabled' => 'Bool#disabled',
00067             'name' => 'CDATA',
00068             'readonly' => 'Bool#readonly',
00069             'rows*' => 'Number',
00070             'tabindex' => 'Number',
00071         ));
00072         $textarea->attr_transform_pre[] = new HTMLPurifier_AttrTransform_Textarea();
00073 
00074         $button = $this->addElement('button', 'Formctrl', 'Optional: #PCDATA | Heading | List | Block | Inline', 'Common', array(
00075             'accesskey' => 'Character',
00076             'disabled' => 'Bool#disabled',
00077             'name' => 'CDATA',
00078             'tabindex' => 'Number',
00079             'type' => 'Enum#button,submit,reset',
00080             'value' => 'CDATA',
00081         ));
00082 
00083         // For exclusions, ideally we'd specify content sets, not literal elements
00084         $button->excludes = $this->makeLookup(
00085             'form', 'fieldset', // Form
00086             'input', 'select', 'textarea', 'label', 'button', // Formctrl
00087             'a', // as per HTML 4.01 spec, this is omitted by modularization
00088             'isindex', 'iframe' // legacy items
00089         );
00090 
00091         // Extra exclusion: img usemap="" is not permitted within this element.
00092         // We'll omit this for now, since we don't have any good way of
00093         // indicating it yet.
00094 
00095         // This is HIGHLY user-unfriendly; we need a custom child-def for this
00096         $this->addElement('fieldset', 'Form', 'Custom: (#WS?,legend,(Flow|#PCDATA)*)', 'Common');
00097 
00098         $label = $this->addElement('label', 'Formctrl', 'Optional: #PCDATA | Inline', 'Common', array(
00099             'accesskey' => 'Character',
00100             // 'for' => 'IDREF', // IDREF not implemented, cannot allow
00101         ));
00102         $label->excludes = array('label' => true);
00103 
00104         $this->addElement('legend', false, 'Optional: #PCDATA | Inline', 'Common', array(
00105             'accesskey' => 'Character',
00106         ));
00107 
00108         $this->addElement('optgroup', false, 'Required: option', 'Common', array(
00109             'disabled' => 'Bool#disabled',
00110             'label*' => 'Text',
00111         ));
00112 
00113         // Don't forget an injector for <isindex>. This one's a little complex
00114         // because it maps to multiple elements.
00115 
00116     }
00117 }
00118 
00119 // vim: et sw=4 sts=4