1<?php 2 3/** 4 * Validates a rel/rev link attribute against a directive of allowed values 5 * @note We cannot use Enum because link types allow multiple 6 * values. 7 * @note Assumes link types are ASCII text 8 */ 9class HTMLPurifier_AttrDef_HTML_LinkTypes extends HTMLPurifier_AttrDef 10{ 11 12 /** 13 * Name config attribute to pull. 14 * @type string 15 */ 16 protected $name; 17 18 /** 19 * @param string $name 20 */ 21 public function __construct($name) 22 { 23 $configLookup = array( 24 'rel' => 'AllowedRel', 25 'rev' => 'AllowedRev' 26 ); 27 if (!isset($configLookup[$name])) { 28 trigger_error( 29 'Unrecognized attribute name for link ' . 30 'relationship.', 31 E_USER_ERROR 32 ); 33 return; 34 } 35 $this->name = $configLookup[$name]; 36 } 37 38 /** 39 * @param string $string 40 * @param HTMLPurifier_Config $config 41 * @param HTMLPurifier_Context $context 42 * @return bool|string 43 */ 44 public function validate($string, $config, $context) 45 { 46 $allowed = $config->get('Attr.' . $this->name); 47 if (empty($allowed)) { 48 return false; 49 } 50 51 $string = $this->parseCDATA($string); 52 $parts = explode(' ', $string); 53 54 // lookup to prevent duplicates 55 $ret_lookup = array(); 56 foreach ($parts as $part) { 57 $part = strtolower(trim($part)); 58 if (!isset($allowed[$part])) { 59 continue; 60 } 61 $ret_lookup[$part] = true; 62 } 63 64 if (empty($ret_lookup)) { 65 return false; 66 } 67 $string = implode(' ', array_keys($ret_lookup)); 68 return $string; 69 } 70} 71 72// vim: et sw=4 sts=4 73