1: | <?php |
2: | |
/**
 * Validates an integer number of pixels according to the HTML spec.
 *
 * Apart from the literal '0', an accepted value is never echoed back as
 * given: it is re-emitted from an integer cast, so a "px" suffix, fraction
 * or exponent in the input does not reach the output.
 */
class HTMLPurifier_AttrDef_HTML_Pixels extends HTMLPurifier_AttrDef
{

    /**
     * Upper bound applied by validate(); null means no upper bound.
     * @type int|null
     */
    protected $max;

    /**
     * @param int|null $max Largest value validate() may return, or null
     *                      (the default) to leave values unbounded.
     *
     * NOTE(review): $max is stored unchecked. With a negative $max,
     * validate() would return that negative number for any numeric input
     * other than the literal '0'; callers should pass a non-negative int
     * or null.
     */
    public function __construct($max = null)
    {
        $this->max = $max;
    }

    /**
     * Normalises a pixel length to a string of decimal digits.
     *
     * Negative numbers become '0' and numbers above the configured maximum
     * become that maximum; input that is empty or not numeric is rejected.
     *
     * @param string $string Raw attribute value.
     * @param HTMLPurifier_Config $config Not used by this validator.
     * @param HTMLPurifier_Context $context Not used by this validator.
     * @return bool|string Normalised value, or false when the input is rejected.
     */
    public function validate($string, $config, $context)
    {
        $value = trim($string);
        if ($value === '') {
            return false;
        }
        if ($value === '0') {
            return $value;
        }

        // A single trailing "px" unit is tolerated and dropped before the
        // numeric test.
        if (substr($value, -2) === 'px') {
            $value = substr($value, 0, strlen($value) - 2);
        }

        // is_numeric() also accepts signed, fractional and exponent forms;
        // the integer cast below reduces all of them to a plain integer.
        if (!is_numeric($value)) {
            return false;
        }

        $pixels = (int)$value;
        if ($pixels < 0) {
            return '0';
        }

        // Upper bound: extremely large dimensions can crash operating
        // systems, see <http://ha.ckers.org/imagecrash.html>.
        // WARNING: that page is a live demonstration and will crash a
        // Windows machine that opens it.
        // When no maximum is configured the value is returned unbounded, so
        // callers handling untrusted markup should always supply one.
        $exceedsMax = $this->max !== null && $pixels > $this->max;

        return (string)($exceedsMax ? $this->max : $pixels);
    }

    /**
     * Builds a validator of the same class from a textual maximum.
     *
     * @param string $string Maximum as text; '' means no maximum, anything
     *                       else is cast to int without further checks.
     * @return HTMLPurifier_AttrDef
     */
    public function make($string)
    {
        $max = ($string === '') ? null : (int)$string;

        // Instantiate the runtime class so subclasses get their own type.
        $class = get_class($this);

        return new $class($max);
    }
}
75: | |
76: | // vim: et sw=4 sts=4 |
77: |