HTMLPurifier 4.4.0
|
00001 <?php 00002 00006 class HTMLPurifier_AttrDef_HTML_Pixels extends HTMLPurifier_AttrDef 00007 { 00008 00009 protected $max; 00010 00011 public function __construct($max = null) { 00012 $this->max = $max; 00013 } 00014 00015 public function validate($string, $config, $context) { 00016 00017 $string = trim($string); 00018 if ($string === '0') return $string; 00019 if ($string === '') return false; 00020 $length = strlen($string); 00021 if (substr($string, $length - 2) == 'px') { 00022 $string = substr($string, 0, $length - 2); 00023 } 00024 if (!is_numeric($string)) return false; 00025 $int = (int) $string; 00026 00027 if ($int < 0) return '0'; 00028 00029 // upper-bound value, extremely high values can 00030 // crash operating systems, see <http://ha.ckers.org/imagecrash.html> 00031 // WARNING, above link WILL crash you if you're using Windows 00032 00033 if ($this->max !== null && $int > $this->max) return (string) $this->max; 00034 00035 return (string) $int; 00036 00037 } 00038 00039 public function make($string) { 00040 if ($string === '') $max = null; 00041 else $max = (int) $string; 00042 $class = get_class($this); 00043 return new $class($max); 00044 } 00045 00046 } 00047 00048 // vim: et sw=4 sts=4