zzwy2/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrDef.php

<?php

/**
 * Base class for all validating attribute definitions.
 *
 * This family of classes forms the core for not only HTML attribute validation,
 * but also any sort of string that needs to be validated or cleaned (which
 * means CSS properties and composite definitions are defined here too).
 * Besides defining (through code) what precisely makes the string valid,
 * subclasses are also responsible for cleaning the code if possible.
 */

abstract class HTMLPurifier_AttrDef
{

    /**
     * Tells us whether or not an HTML attribute is minimized.
     * Has no meaning in other contexts.
     * @type bool
     */
    public $minimized = false;

    /**
     * Tells us whether or not an HTML attribute is required.
     * Has no meaning in other contexts
     * @type bool
     */
    public $required = false;

    /**
     * Validates and cleans passed string according to a definition.
     *
     * @param string $string String to be validated and cleaned.
     * @param HTMLPurifier_Config $config Mandatory HTMLPurifier_Config object.
     * @param HTMLPurifier_Context $context Mandatory HTMLPurifier_Context object.
     */
    abstract public function validate($string, $config, $context);

    /**
     * Convenience method that parses a string as if it were CDATA.
     *
     * This method process a string in the manner specified at
     * <http://www.w3.org/TR/html4/types.html#h-6.2> by removing
     * leading and trailing whitespace, ignoring line feeds, and replacing
     * carriage returns and tabs with spaces.  While most useful for HTML
     * attributes specified as CDATA, it can also be applied to most CSS
     * values.
     *
     * @note This method is not entirely standards compliant, as trim() removes
     *       more types of whitespace than specified in the spec. In practice,
     *       this is rarely a problem, as those extra characters usually have
     *       already been removed by HTMLPurifier_Encoder.
     *
     * @warning This processing is inconsistent with XML's whitespace handling
     *          as specified by section 3.3.3 and referenced XHTML 1.0 section
     *          4.7.  However, note that we are NOT necessarily
     *          parsing XML, thus, this behavior may still be correct. We
     *          assume that newlines have been normalized.
     */
    public function parseCDATA($string)
    {
        $string = trim($string);
        $string = str_replace(array("\n", "\t", "\r"), ' ', $string);
        return $string;
    }

    /**
     * Factory method for creating this class from a string.
     * @param string $string String construction info
     * @return HTMLPurifier_AttrDef Created AttrDef object corresponding to $string
     */
    public function make($string)
    {
        // default implementation, return a flyweight of this object.
        // If $string has an effect on the returned object (i.e. you
        // need to overload this method), it is best
        // to clone or instantiate new copies. (Instantiation is safer.)
        return $this;
    }

    /**
     * Removes spaces from rgb(0, 0, 0) so that shorthand CSS properties work
     * properly. THIS IS A HACK!
     * @param string $string a CSS colour definition
     * @return string
     */
    protected function mungeRgb($string)
    {
        $p = '\s*(\d+(\.\d+)?([%]?))\s*';

        if (preg_match('/(rgba|hsla)\(/', $string)) {
            return preg_replace('/(rgba|hsla)\('.$p.','.$p.','.$p.','.$p.'\)/', '\1(\2,\5,\8,\11)', $string);
        }

        return preg_replace('/(rgb|hsl)\('.$p.','.$p.','.$p.'\)/', '\1(\2,\5,\8)', $string);
    }

    /**
     * Parses a possibly escaped CSS string and returns the "pure"
     * version of it.
     */
    protected function expandCSSEscape($string)
    {
        // flexibly parse it
        $ret = '';
        for ($i = 0, $c = strlen($string); $i < $c; $i++) {
            if ($string[$i] === '\\') {
                $i++;
                if ($i >= $c) {
                    $ret .= '\\';
                    break;
                }
                if (ctype_xdigit($string[$i])) {
                    $code = $string[$i];
                    for ($a = 1, $i++; $i < $c && $a < 6; $i++, $a++) {
                        if (!ctype_xdigit($string[$i])) {
                            break;
                        }
                        $code .= $string[$i];
                    }
                    // We have to be extremely careful when adding
                    // new characters, to make sure we're not breaking
                    // the encoding.
                    $char = HTMLPurifier_Encoder::unichr(hexdec($code));
                    if (HTMLPurifier_Encoder::cleanUTF8($char) === '') {
                        continue;
                    }
                    $ret .= $char;
                    if ($i < $c && trim($string[$i]) !== '') {
                        $i--;
                    }
                    continue;
                }
                if ($string[$i] === "\n") {
                    continue;
                }
            }
            $ret .= $string[$i];
        }
        return $ret;
    }
}

// vim: et sw=4 sts=4
init 2022-10-08 17:31:39 +08:00			`<?php`

			`/**`
			`* Base class for all validating attribute definitions.`
			`*`
			`* This family of classes forms the core for not only HTML attribute validation,`
			`* but also any sort of string that needs to be validated or cleaned (which`
			`* means CSS properties and composite definitions are defined here too).`
			`* Besides defining (through code) what precisely makes the string valid,`
			`* subclasses are also responsible for cleaning the code if possible.`
			`*/`

			`abstract class HTMLPurifier_AttrDef`
			`{`

			`/**`
			`* Tells us whether or not an HTML attribute is minimized.`
			`* Has no meaning in other contexts.`
			`* @type bool`
			`*/`
			`public $minimized = false;`

			`/**`
			`* Tells us whether or not an HTML attribute is required.`
			`* Has no meaning in other contexts`
			`* @type bool`
			`*/`
			`public $required = false;`

			`/**`
			`* Validates and cleans passed string according to a definition.`
			`*`
			`* @param string $string String to be validated and cleaned.`
			`* @param HTMLPurifier_Config $config Mandatory HTMLPurifier_Config object.`
			`* @param HTMLPurifier_Context $context Mandatory HTMLPurifier_Context object.`
			`*/`
			`abstract public function validate($string, $config, $context);`

			`/**`
			`* Convenience method that parses a string as if it were CDATA.`
			`*`
			`* This method process a string in the manner specified at`
			`* <http://www.w3.org/TR/html4/types.html#h-6.2> by removing`
			`* leading and trailing whitespace, ignoring line feeds, and replacing`
			`* carriage returns and tabs with spaces. While most useful for HTML`
			`* attributes specified as CDATA, it can also be applied to most CSS`
			`* values.`
			`*`
			`* @note This method is not entirely standards compliant, as trim() removes`
			`* more types of whitespace than specified in the spec. In practice,`
			`* this is rarely a problem, as those extra characters usually have`
			`* already been removed by HTMLPurifier_Encoder.`
			`*`
			`* @warning This processing is inconsistent with XML's whitespace handling`
			`* as specified by section 3.3.3 and referenced XHTML 1.0 section`
			`* 4.7. However, note that we are NOT necessarily`
			`* parsing XML, thus, this behavior may still be correct. We`
			`* assume that newlines have been normalized.`
			`*/`
			`public function parseCDATA($string)`
			`{`
			`$string = trim($string);`
			`$string = str_replace(array("\n", "\t", "\r"), ' ', $string);`
			`return $string;`
			`}`

			`/**`
			`* Factory method for creating this class from a string.`
			`* @param string $string String construction info`
			`* @return HTMLPurifier_AttrDef Created AttrDef object corresponding to $string`
			`*/`
			`public function make($string)`
			`{`
			`// default implementation, return a flyweight of this object.`
			`// If $string has an effect on the returned object (i.e. you`
			`// need to overload this method), it is best`
			`// to clone or instantiate new copies. (Instantiation is safer.)`
			`return $this;`
			`}`

			`/**`
			`* Removes spaces from rgb(0, 0, 0) so that shorthand CSS properties work`
			`* properly. THIS IS A HACK!`
			`* @param string $string a CSS colour definition`
			`* @return string`
			`*/`
			`protected function mungeRgb($string)`
			`{`
			`$p = '\s(\d+(\.\d+)?([%]?))\s';`

			`if (preg_match('/(rgba\|hsla)\(/', $string)) {`
			`return preg_replace('/(rgba\|hsla)\('.$p.','.$p.','.$p.','.$p.'\)/', '\1(\2,\5,\8,\11)', $string);`
			`}`

			`return preg_replace('/(rgb\|hsl)\('.$p.','.$p.','.$p.'\)/', '\1(\2,\5,\8)', $string);`
			`}`

			`/**`
			`* Parses a possibly escaped CSS string and returns the "pure"`
			`* version of it.`
			`*/`
			`protected function expandCSSEscape($string)`
			`{`
			`// flexibly parse it`
			`$ret = '';`
			`for ($i = 0, $c = strlen($string); $i < $c; $i++) {`
			`if ($string[$i] === '\\') {`
			`$i++;`
			`if ($i >= $c) {`
			`$ret .= '\\';`
			`break;`
			`}`
			`if (ctype_xdigit($string[$i])) {`
			`$code = $string[$i];`
			`for ($a = 1, $i++; $i < $c && $a < 6; $i++, $a++) {`
			`if (!ctype_xdigit($string[$i])) {`
			`break;`
			`}`
			`$code .= $string[$i];`
			`}`
			`// We have to be extremely careful when adding`
			`// new characters, to make sure we're not breaking`
			`// the encoding.`
			`$char = HTMLPurifier_Encoder::unichr(hexdec($code));`
			`if (HTMLPurifier_Encoder::cleanUTF8($char) === '') {`
			`continue;`
			`}`
			`$ret .= $char;`
			`if ($i < $c && trim($string[$i]) !== '') {`
			`$i--;`
			`}`
			`continue;`
			`}`
			`if ($string[$i] === "\n") {`
			`continue;`
			`}`
			`}`
			`$ret .= $string[$i];`
			`}`
			`return $ret;`
			`}`
			`}`

			`// vim: et sw=4 sts=4`