0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-12-22 16:31:53 +00:00

[3.1.1] Have CSS/Length.php use the new Length class. Also, put onus of non-negative to callee, which would compare $n.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1751 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang 2008-05-20 23:15:20 +00:00
parent d8da5ff406
commit 64b5581bf2
5 changed files with 21 additions and 39 deletions

3
NEWS
View File

@ -11,7 +11,8 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
3.1.1, unknown release date
. Added HTMLPurifier_UnitConverter and HTMLPurifier_Length for convenient
handling of CSS-style lengths.
handling of CSS-style lengths. HTMLPurifier_AttrDef_CSS_Length now uses
this class.
3.1.0, released 2008-05-18
# Unnecessary references to objects (vestiges of PHP4) removed from method

1
TODO
View File

@ -15,7 +15,6 @@ afraid to cast your vote for the next feature to be implemented!
- Allow imagecrash protection in CSS images to be turned off
- Allow imagecrash protection in CSS to be configurable with a max value
- Maintain old attribute data in tokens (configurable?)
- Allow URIFilters to run early?
- Lazy update of token when validating attributes?
- Investigate how early internal structures can be accessed; this would
prevent structures from being parsed and serialized multiple times.

View File

@ -6,46 +6,31 @@
class HTMLPurifier_AttrDef_CSS_Length extends HTMLPurifier_AttrDef
{
/**
* Valid unit lookup table.
* @warning The code assumes all units are two characters long. Be careful
* if we have to change this behavior!
*/
protected $units = array('em' => true, 'ex' => true, 'px' => true, 'in' => true,
'cm' => true, 'mm' => true, 'pt' => true, 'pc' => true);
/**
* Instance of HTMLPurifier_AttrDef_Number to defer number validation to
*/
protected $number_def;
protected $nonNegative;
/**
* @param $non_negative Bool indication whether or not negative values are
* allowed.
*/
public function __construct($non_negative = false) {
$this->number_def = new HTMLPurifier_AttrDef_CSS_Number($non_negative);
$this->nonNegative = $non_negative;
}
public function validate($length, $config, $context) {
public function validate($string, $config, $context) {
$string = $this->parseCDATA($string);
$length = $this->parseCDATA($length);
if ($length === '') return false;
if ($length === '0') return '0';
$strlen = strlen($length);
if ($strlen === 1) return false; // impossible!
// Optimizations
if ($string === '') return false;
if ($string === '0') return '0';
if (strlen($string) === 1) return false;
// we assume all units are two characters
$unit = substr($length, $strlen - 2);
if (!ctype_lower($unit)) $unit = strtolower($unit);
$number = substr($length, 0, $strlen - 2);
$length = HTMLPurifier_Length::make($string);
if (!$length->isValid($this->nonNegative)) return false;
if (!isset($this->units[$unit])) return false;
$number = $this->number_def->validate($number, $config, $context);
if ($number === false) return false;
return $number . $unit;
$n = $length->getN();
if ($this->nonNegative && $n < 0) return false;
return $length->toString();
}
}

View File

@ -53,17 +53,15 @@ class HTMLPurifier_Length
/**
* Validates the number and unit.
* @param bool $non_negative Whether or not to disable negative values.
* @note Maybe should be put in another class.
*/
protected function validate($non_negative = false) {
protected function validate() {
// Special case:
if ($this->n === '+0' || $this->n === '-0') $this->n = '0';
if ($this->n === '0' && $this->unit === false) return true;
if (!ctype_lower($this->unit)) $this->unit = strtolower($this->unit);
if (!isset(HTMLPurifier_Length::$allowedUnits[$this->unit])) return false;
// Hack:
$def = new HTMLPurifier_AttrDef_CSS_Number($non_negative);
$def = new HTMLPurifier_AttrDef_CSS_Number();
$result = $def->validate($this->n, false, false);
if ($result === false) return false;
$this->n = $result;
@ -91,8 +89,8 @@ class HTMLPurifier_Length
/**
* Returns true if this length unit is valid.
*/
public function isValid($non_negative = false) {
if ($this->isValid === null) $this->isValid = $this->validate($non_negative);
public function isValid() {
if ($this->isValid === null) $this->isValid = $this->validate();
return $this->isValid;
}

View File

@ -20,10 +20,10 @@ class HTMLPurifier_LengthTest extends HTMLPurifier_Harness
$this->assertIdentical($l->toString(), '23in');
}
protected function assertValidate($string, $expect = true, $disable_negative = false) {
protected function assertValidate($string, $expect = true) {
if ($expect === true) $expect = $string;
$l = HTMLPurifier_Length::make($string);
$result = $l->isValid($disable_negative);
$result = $l->isValid();
if ($result === false) $this->assertIdentical($expect, false);
else $this->assertIdentical($l->toString(), $expect);
}
@ -45,7 +45,6 @@ class HTMLPurifier_LengthTest extends HTMLPurifier_Harness
$this->assertValidate('3PX', '3px');
$this->assertValidate('3', false);
$this->assertValidate('3miles', false);
$this->assertValidate('-3mm', false, true); // no-negatives
}
}