Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 4.3.x will end 7 October 2024 (12 months).
  • Bug fixes for security issues in 4.3.x will end 21 April 2025 (18 months).
  • PHP version: minimum PHP 8.0.0 Note: minimum PHP version has increased since Moodle 4.1. PHP 8.2.x is supported too.
   1  <?php
   2  
   3  /**
   4   * Microsoft's proprietary filter: CSS property
   5   * @note Currently supports the alpha filter. In the future, this will
   6   *       probably need an extensible framework
   7   */
   8  class HTMLPurifier_AttrDef_CSS_Filter extends HTMLPurifier_AttrDef
   9  {
  10      /**
  11       * @type HTMLPurifier_AttrDef_Integer
  12       */
  13      protected $intValidator;
  14  
  15      public function __construct()
  16      {
  17          $this->intValidator = new HTMLPurifier_AttrDef_Integer();
  18      }
  19  
  20      /**
  21       * @param string $value
  22       * @param HTMLPurifier_Config $config
  23       * @param HTMLPurifier_Context $context
  24       * @return bool|string
  25       */
  26      public function validate($value, $config, $context)
  27      {
  28          $value = $this->parseCDATA($value);
  29          if ($value === 'none') {
  30              return $value;
  31          }
  32          // if we looped this we could support multiple filters
  33          $function_length = strcspn($value, '(');
  34          $function = trim(substr($value, 0, $function_length));
  35          if ($function !== 'alpha' &&
  36              $function !== 'Alpha' &&
  37              $function !== 'progid:DXImageTransform.Microsoft.Alpha'
  38          ) {
  39              return false;
  40          }
  41          $cursor = $function_length + 1;
  42          $parameters_length = strcspn($value, ')', $cursor);
  43          $parameters = substr($value, $cursor, $parameters_length);
  44          $params = explode(',', $parameters);
  45          $ret_params = array();
  46          $lookup = array();
  47          foreach ($params as $param) {
  48              list($key, $value) = explode('=', $param);
  49              $key = trim($key);
  50              $value = trim($value);
  51              if (isset($lookup[$key])) {
  52                  continue;
  53              }
  54              if ($key !== 'opacity') {
  55                  continue;
  56              }
  57              $value = $this->intValidator->validate($value, $config, $context);
  58              if ($value === false) {
  59                  continue;
  60              }
  61              $int = (int)$value;
  62              if ($int > 100) {
  63                  $value = '100';
  64              }
  65              if ($int < 0) {
  66                  $value = '0';
  67              }
  68              $ret_params[] = "$key=$value";
  69              $lookup[$key] = true;
  70          }
  71          $ret_parameters = implode(',', $ret_params);
  72          $ret_function = "$function($ret_parameters)";
  73          return $ret_function;
  74      }
  75  }
  76  
  77  // vim: et sw=4 sts=4