Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 3.10.x will end 8 November 2021 (12 months).
  • Bug fixes for security issues in 3.10.x will end 9 May 2022 (18 months).
  • PHP version: minimum PHP 7.2.0 Note: minimum PHP version has increased since Moodle 3.8. PHP 7.3.x and 7.4.x are supported too.

Differences Between: [Versions 310 and 311] [Versions 310 and 400] [Versions 310 and 401] [Versions 310 and 402] [Versions 310 and 403]

   1  <?php
   2  
   3  /**

   4   * XHTML 1.1 Forms module, defines all form-related elements found in HTML 4.

   5   */
   6  class HTMLPurifier_HTMLModule_Forms extends HTMLPurifier_HTMLModule
   7  {
   8      /**

   9       * @type string

  10       */
  11      public $name = 'Forms';
  12  
  13      /**

  14       * @type bool

  15       */
  16      public $safe = false;
  17  
  18      /**

  19       * @type array

  20       */
  21      public $content_sets = array(
  22          'Block' => 'Form',
  23          'Inline' => 'Formctrl',
  24      );
  25  
  26      /**

  27       * @param HTMLPurifier_Config $config

  28       */
  29      public function setup($config)
  30      {
  31          $form = $this->addElement(
  32              'form',
  33              'Form',
  34              'Required: Heading | List | Block | fieldset',
  35              'Common',
  36              array(
  37                  'accept' => 'ContentTypes',
  38                  'accept-charset' => 'Charsets',
  39                  'action*' => 'URI',
  40                  'method' => 'Enum#get,post',
  41                  // really ContentType, but these two are the only ones used today

  42                  'enctype' => 'Enum#application/x-www-form-urlencoded,multipart/form-data',
  43              )
  44          );
  45          $form->excludes = array('form' => true);
  46  
  47          $input = $this->addElement(
  48              'input',
  49              'Formctrl',
  50              'Empty',
  51              'Common',
  52              array(
  53                  'accept' => 'ContentTypes',
  54                  'accesskey' => 'Character',
  55                  'alt' => 'Text',
  56                  'checked' => 'Bool#checked',
  57                  'disabled' => 'Bool#disabled',
  58                  'maxlength' => 'Number',
  59                  'name' => 'CDATA',
  60                  'readonly' => 'Bool#readonly',
  61                  'size' => 'Number',
  62                  'src' => 'URI#embedded',
  63                  'tabindex' => 'Number',
  64                  'type' => 'Enum#text,password,checkbox,button,radio,submit,reset,file,hidden,image',
  65                  'value' => 'CDATA',
  66              )
  67          );
  68          $input->attr_transform_post[] = new HTMLPurifier_AttrTransform_Input();
  69  
  70          $this->addElement(
  71              'select',
  72              'Formctrl',
  73              'Required: optgroup | option',
  74              'Common',
  75              array(
  76                  'disabled' => 'Bool#disabled',
  77                  'multiple' => 'Bool#multiple',
  78                  'name' => 'CDATA',
  79                  'size' => 'Number',
  80                  'tabindex' => 'Number',
  81              )
  82          );
  83  
  84          $this->addElement(
  85              'option',
  86              false,
  87              'Optional: #PCDATA',
  88              'Common',
  89              array(
  90                  'disabled' => 'Bool#disabled',
  91                  'label' => 'Text',
  92                  'selected' => 'Bool#selected',
  93                  'value' => 'CDATA',
  94              )
  95          );
  96          // It's illegal for there to be more than one selected, but not

  97          // be multiple. Also, no selected means undefined behavior. This might

  98          // be difficult to implement; perhaps an injector, or a context variable.

  99  
 100          $textarea = $this->addElement(
 101              'textarea',
 102              'Formctrl',
 103              'Optional: #PCDATA',
 104              'Common',
 105              array(
 106                  'accesskey' => 'Character',
 107                  'cols*' => 'Number',
 108                  'disabled' => 'Bool#disabled',
 109                  'name' => 'CDATA',
 110                  'readonly' => 'Bool#readonly',
 111                  'rows*' => 'Number',
 112                  'tabindex' => 'Number',
 113              )
 114          );
 115          $textarea->attr_transform_pre[] = new HTMLPurifier_AttrTransform_Textarea();
 116  
 117          $button = $this->addElement(
 118              'button',
 119              'Formctrl',
 120              'Optional: #PCDATA | Heading | List | Block | Inline',
 121              'Common',
 122              array(
 123                  'accesskey' => 'Character',
 124                  'disabled' => 'Bool#disabled',
 125                  'name' => 'CDATA',
 126                  'tabindex' => 'Number',
 127                  'type' => 'Enum#button,submit,reset',
 128                  'value' => 'CDATA',
 129              )
 130          );
 131  
 132          // For exclusions, ideally we'd specify content sets, not literal elements

 133          $button->excludes = $this->makeLookup(
 134              'form',
 135              'fieldset', // Form
 136              'input',
 137              'select',
 138              'textarea',
 139              'label',
 140              'button', // Formctrl
 141              'a', // as per HTML 4.01 spec, this is omitted by modularization
 142              'isindex',
 143              'iframe' // legacy items
 144          );
 145  
 146          // Extra exclusion: img usemap="" is not permitted within this element.

 147          // We'll omit this for now, since we don't have any good way of

 148          // indicating it yet.

 149  
 150          // This is HIGHLY user-unfriendly; we need a custom child-def for this

 151          $this->addElement('fieldset', 'Form', 'Custom: (#WS?,legend,(Flow|#PCDATA)*)', 'Common');
 152  
 153          $label = $this->addElement(
 154              'label',
 155              'Formctrl',
 156              'Optional: #PCDATA | Inline',
 157              'Common',
 158              array(
 159                  'accesskey' => 'Character',
 160                  // 'for' => 'IDREF', // IDREF not implemented, cannot allow

 161              )
 162          );
 163          $label->excludes = array('label' => true);
 164  
 165          $this->addElement(
 166              'legend',
 167              false,
 168              'Optional: #PCDATA | Inline',
 169              'Common',
 170              array(
 171                  'accesskey' => 'Character',
 172              )
 173          );
 174  
 175          $this->addElement(
 176              'optgroup',
 177              false,
 178              'Required: option',
 179              'Common',
 180              array(
 181                  'disabled' => 'Bool#disabled',
 182                  'label*' => 'Text',
 183              )
 184          );
 185          // Don't forget an injector for <isindex>. This one's a little complex

 186          // because it maps to multiple elements.

 187      }
 188  }
 189  
 190  // vim: et sw=4 sts=4