Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 4.3.x will end 7 October 2024 (12 months).
  • Bug fixes for security issues in 4.3.x will end 21 April 2025 (18 months).
  • PHP version: minimum PHP 8.0.0 Note: minimum PHP version has increased since Moodle 4.1. PHP 8.2.x is supported too.
   1  <?php
   2  
   3  /**
   4   * Validates contents based on NMTOKENS attribute type.
   5   */
   6  class HTMLPurifier_AttrDef_HTML_Nmtokens extends HTMLPurifier_AttrDef
   7  {
   8  
   9      /**
  10       * @param string $string
  11       * @param HTMLPurifier_Config $config
  12       * @param HTMLPurifier_Context $context
  13       * @return bool|string
  14       */
  15      public function validate($string, $config, $context)
  16      {
  17          $string = trim($string);
  18  
  19          // early abort: '' and '0' (strings that convert to false) are invalid
  20          if (!$string) {
  21              return false;
  22          }
  23  
  24          $tokens = $this->split($string, $config, $context);
  25          $tokens = $this->filter($tokens, $config, $context);
  26          if (empty($tokens)) {
  27              return false;
  28          }
  29          return implode(' ', $tokens);
  30      }
  31  
  32      /**
  33       * Splits a space separated list of tokens into its constituent parts.
  34       * @param string $string
  35       * @param HTMLPurifier_Config $config
  36       * @param HTMLPurifier_Context $context
  37       * @return array
  38       */
  39      protected function split($string, $config, $context)
  40      {
  41          // OPTIMIZABLE!
  42          // do the preg_match, capture all subpatterns for reformulation
  43  
  44          // we don't support U+00A1 and up codepoints or
  45          // escaping because I don't know how to do that with regexps
  46          // and plus it would complicate optimization efforts (you never
  47          // see that anyway).
  48          $pattern = '/(?:(?<=\s)|\A)' . // look behind for space or string start
  49              '((?:--|-?[A-Za-z_])[A-Za-z_\-0-9]*)' .
  50              '(?:(?=\s)|\z)/'; // look ahead for space or string end
  51          preg_match_all($pattern, $string, $matches);
  52          return $matches[1];
  53      }
  54  
  55      /**
  56       * Template method for removing certain tokens based on arbitrary criteria.
  57       * @note If we wanted to be really functional, we'd do an array_filter
  58       *       with a callback. But... we're not.
  59       * @param array $tokens
  60       * @param HTMLPurifier_Config $config
  61       * @param HTMLPurifier_Context $context
  62       * @return array
  63       */
  64      protected function filter($tokens, $config, $context)
  65      {
  66          return $tokens;
  67      }
  68  }
  69  
  70  // vim: et sw=4 sts=4