forked from GNUsocial/gnu-social
81ea0f8117
HTMLPurifier defangs arbitrary submitted HTML. We're using it in the OStatus plugin, but it may be valuable for other parts of the codebase (I think OEmbed might benefit, for example).
42 lines
984 B
PHP
42 lines
984 B
PHP
<?php
|
|
|
|
/**
|
|
* Validates a MultiLength as defined by the HTML spec.
|
|
*
|
|
* A multilength is either a integer (pixel count), a percentage, or
|
|
* a relative number.
|
|
*/
|
|
class HTMLPurifier_AttrDef_HTML_MultiLength extends HTMLPurifier_AttrDef_HTML_Length
|
|
{
|
|
|
|
public function validate($string, $config, $context) {
|
|
|
|
$string = trim($string);
|
|
if ($string === '') return false;
|
|
|
|
$parent_result = parent::validate($string, $config, $context);
|
|
if ($parent_result !== false) return $parent_result;
|
|
|
|
$length = strlen($string);
|
|
$last_char = $string[$length - 1];
|
|
|
|
if ($last_char !== '*') return false;
|
|
|
|
$int = substr($string, 0, $length - 1);
|
|
|
|
if ($int == '') return '*';
|
|
if (!is_numeric($int)) return false;
|
|
|
|
$int = (int) $int;
|
|
|
|
if ($int < 0) return false;
|
|
if ($int == 0) return '0';
|
|
if ($int == 1) return '*';
|
|
return ((string) $int) . '*';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
// vim: et sw=4 sts=4
|