library/HTMLPurifier/AttrTransform/Input.php

   1 <?php
   2
   3 /**
   4  * Performs miscellaneous cross attribute validation and filtering for
   5  * input elements. This is meant to be a post-transform.
   6  */
   7 class HTMLPurifier_AttrTransform_Input extends HTMLPurifier_AttrTransform {
   8
   9     protected $pixels;
  10
  11     public function __construct() {
  12         $this->pixels = new HTMLPurifier_AttrDef_HTML_Pixels();
  13     }
  14
  15     public function transform($attr, $config, $context) {
  16         if (!isset($attr['type'])) $t = 'text';
  17         else $t = strtolower($attr['type']);
  18         if (isset($attr['checked']) && $t !== 'radio' && $t !== 'checkbox') {
  19             unset($attr['checked']);
  20         }
  21         if (isset($attr['maxlength']) && $t !== 'text' && $t !== 'password') {
  22             unset($attr['maxlength']);
  23         }
  24         if (isset($attr['size']) && $t !== 'text' && $t !== 'password') {
  25             $result = $this->pixels->validate($attr['size'], $config, $context);
  26             if ($result === false) unset($attr['size']);
  27             else $attr['size'] = $result;
  28         }
  29         if (isset($attr['src']) && $t !== 'image') {
  30             unset($attr['src']);
  31         }
  32         if (!isset($attr['value']) && ($t === 'radio' || $t === 'checkbox')) {
  33             $attr['value'] = '';
  34         }
  35         return $attr;
  36     }
  37
  38 }
  39