1 | <?php |
2 | ||
/**
 * Validates an integer representation of pixels according to the HTML spec.
 *
 * The validated value is always returned as a non-negative integer string.
 * When an upper bound is configured, larger values are replaced by that
 * bound; this is the defence against oversized dimensions (see validate()).
 * When no bound is configured ($max is null), no upper limit is applied.
 */
class HTMLPurifier_AttrDef_HTML_Pixels extends HTMLPurifier_AttrDef
{

    /**
     * Largest value validate() will return, or null for no upper bound.
     */
    protected $max;

    /**
     * @param int|null $max Upper bound for validated values; null disables
     *                      the bound.
     */
    public function __construct($max = null)
    {
        $this->max = $max;
    }

    /**
     * Normalises a pixel length to a bounded, non-negative integer string.
     *
     * @param string $string  Raw attribute value.
     * @param mixed  $config  Not used by this method.
     * @param mixed  $context Not used by this method.
     * @return string|false The integer as a string, or false when the value
     *                      is empty or not numeric.
     */
    public function validate($string, $config, $context)
    {
        $value = trim($string);

        if ($value === '') {
            return false;
        }
        if ($value === '0') {
            return $value;
        }

        // Strip one trailing "px" unit, if present.
        $unitOffset = strlen($value) - 2;
        if (substr($value, $unitOffset) === 'px') {
            $value = substr($value, 0, $unitOffset);
        }

        // is_numeric() also accepts signed, decimal and exponent forms;
        // the integer cast below reduces all of them to a plain integer.
        if (!is_numeric($value)) {
            return false;
        }
        $pixels = (int) $value;

        // Negative lengths are replaced by zero rather than rejected.
        if ($pixels < 0) {
            return '0';
        }

        // Upper bound: extremely high values can crash operating systems,
        // see <http://ha.ckers.org/imagecrash.html>
        // WARNING, above link WILL crash you if you're using Windows.
        // The bound is enforced only when a maximum was configured.
        $limit = $this->max;
        if ($limit !== null && $pixels > $limit) {
            return (string) $limit;
        }

        return (string) $pixels;
    }

    /**
     * Builds a new validator of the same concrete class with a given bound.
     *
     * @param string $string Maximum as a string; the empty string means
     *                       "no maximum".
     * @return HTMLPurifier_AttrDef_HTML_Pixels Instance of the class of $this.
     */
    public function make($string)
    {
        $max = ($string === '') ? null : (int) $string;
        $class = get_class($this);
        return new $class($max);
    }

}
47 | ||
48 | // vim: et sw=4 sts=4 |