XOOPS 2.5.6  Final
 All Classes Namespaces Files Functions Variables Pages
AttrValidator.php
Go to the documentation of this file.
1 <?php
2 
9 {
10 
21  public function validateToken(&$token, &$config, $context) {
22 
23  $definition = $config->getHTMLDefinition();
24  $e =& $context->get('ErrorCollector', true);
25 
26  // initialize IDAccumulator if necessary
27  $ok =& $context->get('IDAccumulator', true);
28  if (!$ok) {
29  $id_accumulator = HTMLPurifier_IDAccumulator::build($config, $context);
30  $context->register('IDAccumulator', $id_accumulator);
31  }
32 
33  // initialize CurrentToken if necessary
34  $current_token =& $context->get('CurrentToken', true);
35  if (!$current_token) $context->register('CurrentToken', $token);
36 
37  if (
38  !$token instanceof HTMLPurifier_Token_Start &&
40  ) return $token;
41 
42  // create alias to global definition array, see also $defs
43  // DEFINITION CALL
44  $d_defs = $definition->info_global_attr;
45 
46  // don't update token until the very end, to ensure an atomic update
47  $attr = $token->attr;
48 
49  // do global transformations (pre)
50  // nothing currently utilizes this
51  foreach ($definition->info_attr_transform_pre as $transform) {
52  $attr = $transform->transform($o = $attr, $config, $context);
53  if ($e) {
54  if ($attr != $o) $e->send(E_NOTICE, 'AttrValidator: Attributes transformed', $o, $attr);
55  }
56  }
57 
58  // do local transformations only applicable to this element (pre)
59  // ex. <p align="right"> to <p style="text-align:right;">
60  foreach ($definition->info[$token->name]->attr_transform_pre as $transform) {
61  $attr = $transform->transform($o = $attr, $config, $context);
62  if ($e) {
63  if ($attr != $o) $e->send(E_NOTICE, 'AttrValidator: Attributes transformed', $o, $attr);
64  }
65  }
66 
67  // create alias to this element's attribute definition array, see
68  // also $d_defs (global attribute definition array)
69  // DEFINITION CALL
70  $defs = $definition->info[$token->name]->attr;
71 
72  $attr_key = false;
73  $context->register('CurrentAttr', $attr_key);
74 
75  // iterate through all the attribute keypairs
76  // Watch out for name collisions: $key has previously been used
77  foreach ($attr as $attr_key => $value) {
78 
79  // call the definition
80  if ( isset($defs[$attr_key]) ) {
81  // there is a local definition defined
82  if ($defs[$attr_key] === false) {
83  // We've explicitly been told not to allow this element.
84  // This is usually when there's a global definition
85  // that must be overridden.
86  // Theoretically speaking, we could have a
87  // AttrDef_DenyAll, but this is faster!
88  $result = false;
89  } else {
90  // validate according to the element's definition
91  $result = $defs[$attr_key]->validate(
92  $value, $config, $context
93  );
94  }
95  } elseif ( isset($d_defs[$attr_key]) ) {
96  // there is a global definition defined, validate according
97  // to the global definition
98  $result = $d_defs[$attr_key]->validate(
99  $value, $config, $context
100  );
101  } else {
102  // system never heard of the attribute? DELETE!
103  $result = false;
104  }
105 
106  // put the results into effect
107  if ($result === false || $result === null) {
108  // this is a generic error message that should replaced
109  // with more specific ones when possible
110  if ($e) $e->send(E_ERROR, 'AttrValidator: Attribute removed');
111 
112  // remove the attribute
113  unset($attr[$attr_key]);
114  } elseif (is_string($result)) {
115  // generally, if a substitution is happening, there
116  // was some sort of implicit correction going on. We'll
117  // delegate it to the attribute classes to say exactly what.
118 
119  // simple substitution
120  $attr[$attr_key] = $result;
121  } else {
122  // nothing happens
123  }
124 
125  // we'd also want slightly more complicated substitution
126  // involving an array as the return value,
127  // although we're not sure how colliding attributes would
128  // resolve (certain ones would be completely overriden,
129  // others would prepend themselves).
130  }
131 
132  $context->destroy('CurrentAttr');
133 
134  // post transforms
135 
136  // global (error reporting untested)
137  foreach ($definition->info_attr_transform_post as $transform) {
138  $attr = $transform->transform($o = $attr, $config, $context);
139  if ($e) {
140  if ($attr != $o) $e->send(E_NOTICE, 'AttrValidator: Attributes transformed', $o, $attr);
141  }
142  }
143 
144  // local (error reporting untested)
145  foreach ($definition->info[$token->name]->attr_transform_post as $transform) {
146  $attr = $transform->transform($o = $attr, $config, $context);
147  if ($e) {
148  if ($attr != $o) $e->send(E_NOTICE, 'AttrValidator: Attributes transformed', $o, $attr);
149  }
150  }
151 
152  $token->attr = $attr;
153 
154  // destroy CurrentToken if we made it ourselves
155  if (!$current_token) $context->destroy('CurrentToken');
156 
157  }
158 
159 
160 }
161 
162 // vim: et sw=4 sts=4