Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 4.3.x will end 7 October 2024 (12 months).
  • Bug fixes for security issues in 4.3.x will end 21 April 2025 (18 months).
  • PHP version: minimum PHP 8.0.0 Note: minimum PHP version has increased since Moodle 4.1. PHP 8.2.x is supported too.
   1  <?php
   2  
   3  /**
   4   * Custom validation class, accepts DTD child definitions
   5   *
   6   * @warning Currently this class is an all or nothing proposition, that is,
   7   *          it will only give a bool return value.
   8   */
   9  class HTMLPurifier_ChildDef_Custom extends HTMLPurifier_ChildDef
  10  {
  11      /**
  12       * @type string
  13       */
  14      public $type = 'custom';
  15  
  16      /**
  17       * @type bool
  18       */
  19      public $allow_empty = false;
  20  
  21      /**
  22       * Allowed child pattern as defined by the DTD.
  23       * @type string
  24       */
  25      public $dtd_regex;
  26  
  27      /**
  28       * PCRE regex derived from $dtd_regex.
  29       * @type string
  30       */
  31      private $_pcre_regex;
  32  
  33      /**
  34       * @param $dtd_regex Allowed child pattern from the DTD
  35       */
  36      public function __construct($dtd_regex)
  37      {
  38          $this->dtd_regex = $dtd_regex;
  39          $this->_compileRegex();
  40      }
  41  
  42      /**
  43       * Compiles the PCRE regex from a DTD regex ($dtd_regex to $_pcre_regex)
  44       */
  45      protected function _compileRegex()
  46      {
  47          $raw = str_replace(' ', '', $this->dtd_regex);
  48          if ($raw[0] != '(') {
  49              $raw = "($raw)";
  50          }
  51          $el = '[#a-zA-Z0-9_.-]+';
  52          $reg = $raw;
  53  
  54          // COMPLICATED! AND MIGHT BE BUGGY! I HAVE NO CLUE WHAT I'M
  55          // DOING! Seriously: if there's problems, please report them.
  56  
  57          // collect all elements into the $elements array
  58          preg_match_all("/$el/", $reg, $matches);
  59          foreach ($matches[0] as $match) {
  60              $this->elements[$match] = true;
  61          }
  62  
  63          // setup all elements as parentheticals with leading commas
  64          $reg = preg_replace("/$el/", '(,\\0)', $reg);
  65  
  66          // remove commas when they were not solicited
  67          $reg = preg_replace("/([^,(|]\(+),/", '\\1', $reg);
  68  
  69          // remove all non-paranthetical commas: they are handled by first regex
  70          $reg = preg_replace("/,\(/", '(', $reg);
  71  
  72          $this->_pcre_regex = $reg;
  73      }
  74  
  75      /**
  76       * @param HTMLPurifier_Node[] $children
  77       * @param HTMLPurifier_Config $config
  78       * @param HTMLPurifier_Context $context
  79       * @return bool
  80       */
  81      public function validateChildren($children, $config, $context)
  82      {
  83          $list_of_children = '';
  84          $nesting = 0; // depth into the nest
  85          foreach ($children as $node) {
  86              if (!empty($node->is_whitespace)) {
  87                  continue;
  88              }
  89              $list_of_children .= $node->name . ',';
  90          }
  91          // add leading comma to deal with stray comma declarations
  92          $list_of_children = ',' . rtrim($list_of_children, ',');
  93          $okay =
  94              preg_match(
  95                  '/^,?' . $this->_pcre_regex . '$/',
  96                  $list_of_children
  97              );
  98          return (bool)$okay;
  99      }
 100  }
 101  
 102  // vim: et sw=4 sts=4