[3.1.1] Have CSS/Length.php use the new Length class. Also, put onus of non-negative to callee, which would compare $n.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1751 48356398-32a2-884e-a903-53898d9a118a

NEWS

@@ -11,7 +11,8 @@ NEWS ( CHANGELOG and HISTORY )                                     HTMLPurifier
 
 3.1.1, unknown release date
 . Added HTMLPurifier_UnitConverter and HTMLPurifier_Length for convenient
-  handling of CSS-style lengths.
+  handling of CSS-style lengths. HTMLPurifier_AttrDef_CSS_Length now uses
+  this class.
 
 3.1.0, released 2008-05-18
 # Unnecessary references to objects (vestiges of PHP4) removed from method

TODO

@@ -15,7 +15,6 @@ afraid to cast your vote for the next feature to be implemented!
 - Allow imagecrash protection in CSS images to be turned off
 - Allow imagecrash protection in CSS to be configurable with a max value
 - Maintain old attribute data in tokens (configurable?)
-- Allow URIFilters to run early?
 - Lazy update of token when validating attributes?
 - Investigate how early internal structures can be accessed; this would
   prevent structures from being parsed and serialized multiple times.

library/HTMLPurifier/AttrDef/CSS/Length.php

@@ -6,46 +6,31 @@
 class HTMLPurifier_AttrDef_CSS_Length extends HTMLPurifier_AttrDef
 {
     
-    /**
+    protected $nonNegative;
-     * Valid unit lookup table.
-     * @warning The code assumes all units are two characters long.  Be careful
-     *          if we have to change this behavior!
-     */
-    protected $units = array('em' => true, 'ex' => true, 'px' => true, 'in' => true,
-         'cm' => true, 'mm' => true, 'pt' => true, 'pc' => true);
-    /**
-     * Instance of HTMLPurifier_AttrDef_Number to defer number validation to
-     */
-    protected $number_def;
     
     /**
      * @param $non_negative Bool indication whether or not negative values are
      *                      allowed.
      */
     public function __construct($non_negative = false) {
-        $this->number_def = new HTMLPurifier_AttrDef_CSS_Number($non_negative);
+        $this->nonNegative = $non_negative;
     }
     
-    public function validate($length, $config, $context) {
+    public function validate($string, $config, $context) {
+        $string = $this->parseCDATA($string);
         
-        $length = $this->parseCDATA($length);
+        // Optimizations
-        if ($length === '') return false;
+        if ($string === '') return false;
-        if ($length === '0') return '0';
+        if ($string === '0') return '0';
-        $strlen = strlen($length);
+        if (strlen($string) === 1) return false;
-        if ($strlen === 1) return false; // impossible!
         
-        // we assume all units are two characters
+        $length = HTMLPurifier_Length::make($string);
-        $unit = substr($length, $strlen - 2);
+        if (!$length->isValid($this->nonNegative)) return false;
-        if (!ctype_lower($unit)) $unit = strtolower($unit);
-        $number = substr($length, 0, $strlen - 2);
         
-        if (!isset($this->units[$unit])) return false;
+        $n = $length->getN();
-        
+        if ($this->nonNegative && $n < 0) return false;
-        $number = $this->number_def->validate($number, $config, $context);
-        if ($number === false) return false;
-        
-        return $number . $unit;
         
+        return $length->toString();
     }
     
 }

library/HTMLPurifier/Length.php

@@ -53,17 +53,15 @@ class HTMLPurifier_Length
     
     /**
      * Validates the number and unit.
-     * @param bool $non_negative Whether or not to disable negative values.
-     * @note Maybe should be put in another class.
      */
-    protected function validate($non_negative = false) {
+    protected function validate() {
         // Special case:
         if ($this->n === '+0' || $this->n === '-0') $this->n = '0';
         if ($this->n === '0' && $this->unit === false) return true;
         if (!ctype_lower($this->unit)) $this->unit = strtolower($this->unit);
         if (!isset(HTMLPurifier_Length::$allowedUnits[$this->unit])) return false;
         // Hack:
-        $def = new HTMLPurifier_AttrDef_CSS_Number($non_negative);
+        $def = new HTMLPurifier_AttrDef_CSS_Number();
         $result = $def->validate($this->n, false, false);
         if ($result === false) return false;
         $this->n = $result;
@@ -91,8 +89,8 @@ class HTMLPurifier_Length
     /**
      * Returns true if this length unit is valid.
      */
-    public function isValid($non_negative = false) {
+    public function isValid() {
-        if ($this->isValid === null) $this->isValid = $this->validate($non_negative);
+        if ($this->isValid === null) $this->isValid = $this->validate();
         return $this->isValid;
     }
     

tests/HTMLPurifier/LengthTest.php

@@ -20,10 +20,10 @@ class HTMLPurifier_LengthTest extends HTMLPurifier_Harness
         $this->assertIdentical($l->toString(), '23in');
     }
     
-    protected function assertValidate($string, $expect = true, $disable_negative = false) {
+    protected function assertValidate($string, $expect = true) {
         if ($expect === true) $expect = $string;
         $l = HTMLPurifier_Length::make($string);
-        $result = $l->isValid($disable_negative);
+        $result = $l->isValid();
         if ($result === false) $this->assertIdentical($expect, false);
         else $this->assertIdentical($l->toString(), $expect);
     }
@@ -45,7 +45,6 @@ class HTMLPurifier_LengthTest extends HTMLPurifier_Harness
         $this->assertValidate('3PX', '3px');
         $this->assertValidate('3', false);
         $this->assertValidate('3miles', false);
-        $this->assertValidate('-3mm', false, true); // no-negatives
     }
     
 }