File indexing completed on 2024-05-26 06:02:31
0001 <?php 0002 0003 /** 0004 * Validates an integer representation of pixels according to the HTML spec. 0005 */ 0006 class HTMLPurifier_AttrDef_HTML_Pixels extends HTMLPurifier_AttrDef 0007 { 0008 0009 /** 0010 * @type int 0011 */ 0012 protected $max; 0013 0014 /** 0015 * @param int $max 0016 */ 0017 public function __construct($max = null) 0018 { 0019 $this->max = $max; 0020 } 0021 0022 /** 0023 * @param string $string 0024 * @param HTMLPurifier_Config $config 0025 * @param HTMLPurifier_Context $context 0026 * @return bool|string 0027 */ 0028 public function validate($string, $config, $context) 0029 { 0030 $string = trim($string); 0031 if ($string === '0') { 0032 return $string; 0033 } 0034 if ($string === '') { 0035 return false; 0036 } 0037 $length = strlen($string); 0038 if (substr($string, $length - 2) == 'px') { 0039 $string = substr($string, 0, $length - 2); 0040 } 0041 if (!is_numeric($string)) { 0042 return false; 0043 } 0044 $int = (int)$string; 0045 0046 if ($int < 0) { 0047 return '0'; 0048 } 0049 0050 // upper-bound value, extremely high values can 0051 // crash operating systems, see <http://ha.ckers.org/imagecrash.html> 0052 // WARNING, above link WILL crash you if you're using Windows 0053 0054 if ($this->max !== null && $int > $this->max) { 0055 return (string)$this->max; 0056 } 0057 return (string)$int; 0058 } 0059 0060 /** 0061 * @param string $string 0062 * @return HTMLPurifier_AttrDef 0063 */ 0064 public function make($string) 0065 { 0066 if ($string === '') { 0067 $max = null; 0068 } else { 0069 $max = (int)$string; 0070 } 0071 $class = get_class($this); 0072 return new $class($max); 0073 } 0074 } 0075 0076 // vim: et sw=4 sts=4