Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 3.11.x will end 14 Nov 2022 (12 months plus 6 months extension).
  • Bug fixes for security issues in 3.11.x will end 13 Nov 2023 (18 months plus 12 months extension).
  • PHP version: minimum PHP 7.3.0 Note: minimum PHP version has increased since Moodle 3.10. PHP 7.4.x is supported too.
   1  <?php
   2  
   3  /**

   4   * Custom validation class, accepts DTD child definitions

   5   *

   6   * @warning Currently this class is an all or nothing proposition, that is,

   7   *          it will only give a bool return value.

   8   */
   9  class HTMLPurifier_ChildDef_Custom extends HTMLPurifier_ChildDef
  10  {
  11      /**

  12       * @type string

  13       */
  14      public $type = 'custom';
  15  
  16      /**

  17       * @type bool

  18       */
  19      public $allow_empty = false;
  20  
  21      /**

  22       * Allowed child pattern as defined by the DTD.

  23       * @type string

  24       */
  25      public $dtd_regex;
  26  
  27      /**

  28       * PCRE regex derived from $dtd_regex.

  29       * @type string

  30       */
  31      private $_pcre_regex;
  32  
  33      /**

  34       * @param $dtd_regex Allowed child pattern from the DTD

  35       */
  36      public function __construct($dtd_regex)
  37      {
  38          $this->dtd_regex = $dtd_regex;
  39          $this->_compileRegex();
  40      }
  41  
  42      /**

  43       * Compiles the PCRE regex from a DTD regex ($dtd_regex to $_pcre_regex)

  44       */
  45      protected function _compileRegex()
  46      {
  47          $raw = str_replace(' ', '', $this->dtd_regex);
  48          if ($raw[0] != '(') {
  49              $raw = "($raw)";
  50          }
  51          $el = '[#a-zA-Z0-9_.-]+';
  52          $reg = $raw;
  53  
  54          // COMPLICATED! AND MIGHT BE BUGGY! I HAVE NO CLUE WHAT I'M

  55          // DOING! Seriously: if there's problems, please report them.

  56  
  57          // collect all elements into the $elements array

  58          preg_match_all("/$el/", $reg, $matches);
  59          foreach ($matches[0] as $match) {
  60              $this->elements[$match] = true;
  61          }
  62  
  63          // setup all elements as parentheticals with leading commas

  64          $reg = preg_replace("/$el/", '(,\\0)', $reg);
  65  
  66          // remove commas when they were not solicited

  67          $reg = preg_replace("/([^,(|]\(+),/", '\\1', $reg);
  68  
  69          // remove all non-paranthetical commas: they are handled by first regex

  70          $reg = preg_replace("/,\(/", '(', $reg);
  71  
  72          $this->_pcre_regex = $reg;
  73      }
  74  
  75      /**

  76       * @param HTMLPurifier_Node[] $children

  77       * @param HTMLPurifier_Config $config

  78       * @param HTMLPurifier_Context $context

  79       * @return bool

  80       */
  81      public function validateChildren($children, $config, $context)
  82      {
  83          $list_of_children = '';
  84          $nesting = 0; // depth into the nest

  85          foreach ($children as $node) {
  86              if (!empty($node->is_whitespace)) {
  87                  continue;
  88              }
  89              $list_of_children .= $node->name . ',';
  90          }
  91          // add leading comma to deal with stray comma declarations

  92          $list_of_children = ',' . rtrim($list_of_children, ',');
  93          $okay =
  94              preg_match(
  95                  '/^,?' . $this->_pcre_regex . '$/',
  96                  $list_of_children
  97              );
  98          return (bool)$okay;
  99      }
 100  }
 101  
 102  // vim: et sw=4 sts=4