From 64b5581bf20fe292783c54a341ecced9cb91fde8 Mon Sep 17 00:00:00 2001 From: "Edward Z. Yang" Date: Tue, 20 May 2008 23:15:20 +0000 Subject: [PATCH] [3.1.1] Have CSS/Length.php use the new Length class. Also, put onus of non-negative to callee, which would compare $n. git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1751 48356398-32a2-884e-a903-53898d9a118a --- NEWS | 3 +- TODO | 1 - library/HTMLPurifier/AttrDef/CSS/Length.php | 89 ++++++++++++----------------- library/HTMLPurifier/Length.php | 10 ++-- tests/HTMLPurifier/LengthTest.php | 5 +- 5 files changed, 45 insertions(+), 63 deletions(-) rewrite library/HTMLPurifier/AttrDef/CSS/Length.php (76%) diff --git a/NEWS b/NEWS index fdd9ae7a..2c64b517 100644 --- a/NEWS +++ b/NEWS @@ -11,7 +11,8 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier 3.1.1, unknown release date . Added HTMLPurifier_UnitConverter and HTMLPurifier_Length for convenient - handling of CSS-style lengths. + handling of CSS-style lengths. HTMLPurifier_AttrDef_CSS_Length now uses + this class. 3.1.0, released 2008-05-18 # Unnecessary references to objects (vestiges of PHP4) removed from method diff --git a/TODO b/TODO index dfe865fe..4b04cf61 100644 --- a/TODO +++ b/TODO @@ -15,7 +15,6 @@ afraid to cast your vote for the next feature to be implemented! - Allow imagecrash protection in CSS images to be turned off - Allow imagecrash protection in CSS to be configurable with a max value - Maintain old attribute data in tokens (configurable?) -- Allow URIFilters to run early? - Lazy update of token when validating attributes? - Investigate how early internal structures can be accessed; this would prevent structures from being parsed and serialized multiple times. diff --git a/library/HTMLPurifier/AttrDef/CSS/Length.php b/library/HTMLPurifier/AttrDef/CSS/Length.php dissimilarity index 76% index 2684f8cc..2873d713 100644 --- a/library/HTMLPurifier/AttrDef/CSS/Length.php +++ b/library/HTMLPurifier/AttrDef/CSS/Length.php 
@@ -1,52 +1,37 @@ - true, 'ex' => true, 'px' => true, 'in' => true, - 'cm' => true, 'mm' => true, 'pt' => true, 'pc' => true); - /** - * Instance of HTMLPurifier_AttrDef_Number to defer number validation to - */ - protected $number_def; - - /** - * @param $non_negative Bool indication whether or not negative values are - * allowed. - */ - public function __construct($non_negative = false) { - $this->number_def = new HTMLPurifier_AttrDef_CSS_Number($non_negative); - } - - public function validate($length, $config, $context) { - - $length = $this->parseCDATA($length); - if ($length === '') return false; - if ($length === '0') return '0'; - $strlen = strlen($length); - if ($strlen === 1) return false; // impossible! - - // we assume all units are two characters - $unit = substr($length, $strlen - 2); - if (!ctype_lower($unit)) $unit = strtolower($unit); - $number = substr($length, 0, $strlen - 2); - - if (!isset($this->units[$unit])) return false; - - $number = $this->number_def->validate($number, $config, $context); - if ($number === false) return false; - - return $number . $unit; - - } - -} - +nonNegative = $non_negative; + } + + public function validate($string, $config, $context) { + $string = $this->parseCDATA($string); + + // Optimizations + if ($string === '') return false; + if ($string === '0') return '0'; + if (strlen($string) === 1) return false; + + $length = HTMLPurifier_Length::make($string); + if (!$length->isValid($this->nonNegative)) return false; + + $n = $length->getN(); + if ($this->nonNegative && $n < 0) return false; + + return $length->toString(); + } + +} + diff --git a/library/HTMLPurifier/Length.php b/library/HTMLPurifier/Length.php index d3028f56..92c3c28d 100644 --- a/library/HTMLPurifier/Length.php +++ b/library/HTMLPurifier/Length.php 
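Review bot: The new `validate()` calls `$length->isValid($this->nonNegative)`, but this same patch removes the parameter from `isValid()`; PHP silently discards the surplus argument, so the line reads as if HTMLPurifier_Length still enforced the sign, and it should be `if (!$length->isValid()) return false;`. The only remaining sign check is `if ($this->nonNegative && $n < 0) return false;`, which compares the string from `getN()` numerically and is sound only if `getN()` returns the number as normalized during validation (presumably it does, not visible here). A comment such as `// getN() is the number normalized by isValid(); the sign is checked here, not in HTMLPurifier_Length` would make that dependency explicit. Because this filter decides which CSS lengths survive purification, the `'-3mm'` no-negatives case that the patch deletes from LengthTest should reappear as a test against this class, unless one already exists outside the patch. The start of this hunk lost text in extraction, so the note covers only `validate()`.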
@@ -53,17 +53,15 @@ class HTMLPurifier_Length /** * Validates the number and unit. - * @param bool $non_negative Whether or not to disable negative values. - * @note Maybe should be put in another class. */ - protected function validate($non_negative = false) { + protected function validate() { // Special case: if ($this->n === '+0' || $this->n === '-0') $this->n = '0'; if ($this->n === '0' && $this->unit === false) return true; if (!ctype_lower($this->unit)) $this->unit = strtolower($this->unit); if (!isset(HTMLPurifier_Length::$allowedUnits[$this->unit])) return false; // Hack: - $def = new HTMLPurifier_AttrDef_CSS_Number($non_negative); + $def = new HTMLPurifier_AttrDef_CSS_Number(); $result = $def->validate($this->n, false, false); if ($result === false) return false; $this->n = $result; @@ -91,8 +89,8 @@ class HTMLPurifier_Length /** * Returns true if this length unit is valid. */ - public function isValid($non_negative = false) { - if ($this->isValid === null) $this->isValid = $this->validate($non_negative); + public function isValid() { + if ($this->isValid === null) $this->isValid = $this->validate(); return $this->isValid; } diff --git a/tests/HTMLPurifier/LengthTest.php b/tests/HTMLPurifier/LengthTest.php index 3a07a14b..dbb06880 100644 --- a/tests/HTMLPurifier/LengthTest.php +++ b/tests/HTMLPurifier/LengthTest.php @@ -20,10 +20,10 @@ class HTMLPurifier_LengthTest extends HTMLPurifier_Harness $this->assertIdentical($l->toString(), '23in'); } - protected function assertValidate($string, $expect = true, $disable_negative = false) { + protected function assertValidate($string, $expect = true) { if ($expect === true) $expect = $string; $l = HTMLPurifier_Length::make($string); - $result = $l->isValid($disable_negative); + $result = $l->isValid(); if ($result === false) $this->assertIdentical($expect, false); else $this->assertIdentical($l->toString(), $expect); } 
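Review bot: After this change `validate()` builds `new HTMLPurifier_AttrDef_CSS_Number()` without the non-negative flag and `isValid()` takes no parameter, so HTMLPurifier_Length no longer rejects negative lengths, yet neither docblock says so. Any caller still written as `isValid(true)` keeps running, because PHP ignores the surplus argument, and will now accept values such as `-3mm`. The `isValid()` docblock in the second hunk (`@@ -91,8 +89,8 @@`) should state the contract, for example `@note Does not check sign; callers that need non-negative lengths must test getN() themselves.`, and the same sentence belongs on `validate()`. The body of `validate()` continues past the end of the first hunk.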
@@ -45,7 +45,6 @@ class HTMLPurifier_LengthTest extends HTMLPurifier_Harness $this->assertValidate('3PX', '3px'); $this->assertValidate('3', false); $this->assertValidate('3miles', false); - $this->assertValidate('-3mm', false, true); // no-negatives } } -- 2.11.4.GIT