4 * Validates the HTML attribute ID.
5 * @warning Even though this is the id processor, it
6 * will ignore the directive Attr:IDBlacklist, since it will only
7 * go according to the ID accumulator. Since the accumulator is
8 * automatically generated, it will have already absorbed the
9 * blacklist. If you're hacking around, make sure you use load()!
12 class HTMLPurifier_AttrDef_HTML_ID
extends HTMLPurifier_AttrDef
15 // selector is NOT a valid thing to use for IDREFs, because IDREFs
16 // *must* target IDs that exist, whereas selector #ids do not.
19 * Determines whether or not we're validating an ID in a CSS
24 public function __construct($selector = false) {
25 $this->selector
= $selector;
28 public function validate($id, $config, $context) {
30 if (!$this->selector
&& !$config->get('Attr.EnableID')) return false;
32 $id = trim($id); // trim it first
34 if ($id === '') return false;
36 $prefix = $config->get('Attr.IDPrefix');
38 $prefix .= $config->get('Attr.IDPrefixLocal');
39 // prevent re-appending the prefix
40 if (strpos($id, $prefix) !== 0) $id = $prefix . $id;
41 } elseif ($config->get('Attr.IDPrefixLocal') !== '') {
42 trigger_error('%Attr.IDPrefixLocal cannot be used unless '.
43 '%Attr.IDPrefix is set', E_USER_WARNING
);
46 if (!$this->selector
) {
47 $id_accumulator =& $context->get('IDAccumulator');
48 if (isset($id_accumulator->ids
[$id])) return false;
51 // we purposely avoid using regex, hopefully this is faster
53 if (ctype_alpha($id)) {
56 if (!ctype_alpha(@$id[0])) return false;
57 $trim = trim( // primitive style of regexps, I suppose
61 $result = ($trim === '');
64 $regexp = $config->get('Attr.IDBlacklistRegexp');
65 if ($regexp && preg_match($regexp, $id)) {
69 if (!$this->selector
&& $result) $id_accumulator->add($id);
71 // if no change was made to the ID, return the result
72 // else, return the new id if stripping whitespace made it
73 // valid, or return false.
74 return $result ?
$id : false;