|
Revision 21, 1.1 kB
(checked in by admin, 18 years ago)
|
|
|
| Line | |
|---|
| 1 | <?php |
|---|
| 2 | |
|---|
| 3 | /** |
|---|
| 4 | * Validate all attributes in the tokens. |
|---|
| 5 | */ |
|---|
| 6 | |
|---|
| 7 | class HTMLPurifier_Strategy_ValidateAttributes extends HTMLPurifier_Strategy |
|---|
| 8 | { |
|---|
| 9 | |
|---|
| 10 | public function execute($tokens, $config, $context) { |
|---|
| 11 | |
|---|
| 12 | // setup validator |
|---|
| 13 | $validator = new HTMLPurifier_AttrValidator(); |
|---|
| 14 | |
|---|
| 15 | $token = false; |
|---|
| 16 | $context->register('CurrentToken', $token); |
|---|
| 17 | |
|---|
| 18 | foreach ($tokens as $key => $token) { |
|---|
| 19 | |
|---|
| 20 | // only process tokens that have attributes, |
|---|
| 21 | // namely start and empty tags |
|---|
| 22 | if (!$token instanceof HTMLPurifier_Token_Start && !$token instanceof HTMLPurifier_Token_Empty) continue; |
|---|
| 23 | |
|---|
| 24 | // skip tokens that are armored |
|---|
| 25 | if (!empty($token->armor['ValidateAttributes'])) continue; |
|---|
| 26 | |
|---|
| 27 | // note that we have no facilities here for removing tokens |
|---|
| 28 | $validator->validateToken($token, $config, $context); |
|---|
| 29 | |
|---|
| 30 | $tokens[$key] = $token; // for PHP 4 |
|---|
| 31 | } |
|---|
| 32 | $context->destroy('CurrentToken'); |
|---|
| 33 | |
|---|
| 34 | return $tokens; |
|---|
| 35 | } |
|---|
| 36 | |
|---|
| 37 | } |
|---|
| 38 | |
|---|
