Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 4.3.x will end 7 October 2024 (12 months).
  • Bug fixes for security issues in 4.3.x will end 21 April 2025 (18 months).
  • PHP version: minimum PHP 8.0.0 Note: minimum PHP version has increased since Moodle 4.1. PHP 8.2.x is supported too.
   1  <?php
   2  
   3  /**
   4   * Validates an integer representation of pixels according to the HTML spec.
   5   */
   6  class HTMLPurifier_AttrDef_HTML_Pixels extends HTMLPurifier_AttrDef
   7  {
   8  
   9      /**
  10       * @type int
  11       */
  12      protected $max;
  13  
  14      /**
  15       * @param int $max
  16       */
  17      public function __construct($max = null)
  18      {
  19          $this->max = $max;
  20      }
  21  
  22      /**
  23       * @param string $string
  24       * @param HTMLPurifier_Config $config
  25       * @param HTMLPurifier_Context $context
  26       * @return bool|string
  27       */
  28      public function validate($string, $config, $context)
  29      {
  30          $string = trim($string);
  31          if ($string === '0') {
  32              return $string;
  33          }
  34          if ($string === '') {
  35              return false;
  36          }
  37          $length = strlen($string);
  38          if (substr($string, $length - 2) == 'px') {
  39              $string = substr($string, 0, $length - 2);
  40          }
  41          if (!is_numeric($string)) {
  42              return false;
  43          }
  44          $int = (int)$string;
  45  
  46          if ($int < 0) {
  47              return '0';
  48          }
  49  
  50          // upper-bound value, extremely high values can
  51          // crash operating systems, see <http://ha.ckers.org/imagecrash.html>
  52          // WARNING, above link WILL crash you if you're using Windows
  53  
  54          if ($this->max !== null && $int > $this->max) {
  55              return (string)$this->max;
  56          }
  57          return (string)$int;
  58      }
  59  
  60      /**
  61       * @param string $string
  62       * @return HTMLPurifier_AttrDef
  63       */
  64      public function make($string)
  65      {
  66          if ($string === '') {
  67              $max = null;
  68          } else {
  69              $max = (int)$string;
  70          }
  71          $class = get_class($this);
  72          return new $class($max);
  73      }
  74  }
  75  
  76  // vim: et sw=4 sts=4