Search moodle.org's
Developer Documentation
Developer Documentation
- Bug fixes for general core bugs in 3.10.x will end 8 November 2021 (12 months).
- Bug fixes for security issues in 3.10.x will end 9 May 2022 (18 months).
- PHP version: minimum PHP 7.2.0 Note: minimum PHP version has increased since Moodle 3.8. PHP 7.3.x and 7.4.x are supported too.
/lib/htmlpurifier/HTMLPurifier/HTMLModule/ -> Forms.php (source)
Differences Between: [Versions 310 and 311] [Versions 310 and 400] [Versions 310 and 401] [Versions 310 and 402] [Versions 310 and 403]
1 <?php 2 3 /** 4 * XHTML 1.1 Forms module, defines all form-related elements found in HTML 4. 5 */ 6 class HTMLPurifier_HTMLModule_Forms extends HTMLPurifier_HTMLModule 7 { 8 /** 9 * @type string 10 */ 11 public $name = 'Forms'; 12 13 /** 14 * @type bool 15 */ 16 public $safe = false; 17 18 /** 19 * @type array 20 */ 21 public $content_sets = array( 22 'Block' => 'Form', 23 'Inline' => 'Formctrl', 24 ); 25 26 /** 27 * @param HTMLPurifier_Config $config 28 */ 29 public function setup($config) 30 { 31 $form = $this->addElement( 32 'form', 33 'Form', 34 'Required: Heading | List | Block | fieldset', 35 'Common', 36 array( 37 'accept' => 'ContentTypes', 38 'accept-charset' => 'Charsets', 39 'action*' => 'URI', 40 'method' => 'Enum#get,post', 41 // really ContentType, but these two are the only ones used today 42 'enctype' => 'Enum#application/x-www-form-urlencoded,multipart/form-data', 43 ) 44 ); 45 $form->excludes = array('form' => true); 46 47 $input = $this->addElement( 48 'input', 49 'Formctrl', 50 'Empty', 51 'Common', 52 array( 53 'accept' => 'ContentTypes', 54 'accesskey' => 'Character', 55 'alt' => 'Text', 56 'checked' => 'Bool#checked', 57 'disabled' => 'Bool#disabled', 58 'maxlength' => 'Number', 59 'name' => 'CDATA', 60 'readonly' => 'Bool#readonly', 61 'size' => 'Number', 62 'src' => 'URI#embedded', 63 'tabindex' => 'Number', 64 'type' => 'Enum#text,password,checkbox,button,radio,submit,reset,file,hidden,image', 65 'value' => 'CDATA', 66 ) 67 ); 68 $input->attr_transform_post[] = new HTMLPurifier_AttrTransform_Input(); 69 70 $this->addElement( 71 'select', 72 'Formctrl', 73 'Required: optgroup | option', 74 'Common', 75 array( 76 'disabled' => 'Bool#disabled', 77 'multiple' => 'Bool#multiple', 78 'name' => 'CDATA', 79 'size' => 'Number', 80 'tabindex' => 'Number', 81 ) 82 ); 83 84 $this->addElement( 85 'option', 86 false, 87 'Optional: #PCDATA', 88 'Common', 89 array( 90 'disabled' => 'Bool#disabled', 91 'label' => 'Text', 92 'selected' => 'Bool#selected', 93 'value' => 'CDATA', 94 ) 95 ); 96 // It's illegal for there to be more than one selected, but not 97 // be multiple. Also, no selected means undefined behavior. This might 98 // be difficult to implement; perhaps an injector, or a context variable. 99 100 $textarea = $this->addElement( 101 'textarea', 102 'Formctrl', 103 'Optional: #PCDATA', 104 'Common', 105 array( 106 'accesskey' => 'Character', 107 'cols*' => 'Number', 108 'disabled' => 'Bool#disabled', 109 'name' => 'CDATA', 110 'readonly' => 'Bool#readonly', 111 'rows*' => 'Number', 112 'tabindex' => 'Number', 113 ) 114 ); 115 $textarea->attr_transform_pre[] = new HTMLPurifier_AttrTransform_Textarea(); 116 117 $button = $this->addElement( 118 'button', 119 'Formctrl', 120 'Optional: #PCDATA | Heading | List | Block | Inline', 121 'Common', 122 array( 123 'accesskey' => 'Character', 124 'disabled' => 'Bool#disabled', 125 'name' => 'CDATA', 126 'tabindex' => 'Number', 127 'type' => 'Enum#button,submit,reset', 128 'value' => 'CDATA', 129 ) 130 ); 131 132 // For exclusions, ideally we'd specify content sets, not literal elements 133 $button->excludes = $this->makeLookup( 134 'form', 135 'fieldset', // Form 136 'input', 137 'select', 138 'textarea', 139 'label', 140 'button', // Formctrl 141 'a', // as per HTML 4.01 spec, this is omitted by modularization 142 'isindex', 143 'iframe' // legacy items 144 ); 145 146 // Extra exclusion: img usemap="" is not permitted within this element. 147 // We'll omit this for now, since we don't have any good way of 148 // indicating it yet. 149 150 // This is HIGHLY user-unfriendly; we need a custom child-def for this 151 $this->addElement('fieldset', 'Form', 'Custom: (#WS?,legend,(Flow|#PCDATA)*)', 'Common'); 152 153 $label = $this->addElement( 154 'label', 155 'Formctrl', 156 'Optional: #PCDATA | Inline', 157 'Common', 158 array( 159 'accesskey' => 'Character', 160 // 'for' => 'IDREF', // IDREF not implemented, cannot allow 161 ) 162 ); 163 $label->excludes = array('label' => true); 164 165 $this->addElement( 166 'legend', 167 false, 168 'Optional: #PCDATA | Inline', 169 'Common', 170 array( 171 'accesskey' => 'Character', 172 ) 173 ); 174 175 $this->addElement( 176 'optgroup', 177 false, 178 'Required: option', 179 'Common', 180 array( 181 'disabled' => 'Bool#disabled', 182 'label*' => 'Text', 183 ) 184 ); 185 // Don't forget an injector for <isindex>. This one's a little complex 186 // because it maps to multiple elements. 187 } 188 } 189 190 // vim: et sw=4 sts=4
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
