mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-11-17 13:33:15 +01:00
8f797be836
- can be used via html class like:
$clean_html = html::purify($html);
- using it now in eTemplate to remove malicious code from html:
a) when displaying "formatted text"
b) when "formatted text" get's input by the user
27 lines
686 B
PHP
Executable File
27 lines
686 B
PHP
Executable File
<?php
|
|
|
|
/**
|
|
* Injector that displays the URL of an anchor instead of linking to it, in addition to showing the text of the link.
|
|
*/
|
|
class HTMLPurifier_Injector_DisplayLinkURI extends HTMLPurifier_Injector
|
|
{
|
|
|
|
public $name = 'DisplayLinkURI';
|
|
public $needed = array('a');
|
|
|
|
public function handleElement(&$token) {
|
|
}
|
|
|
|
public function handleEnd(&$token) {
|
|
if (isset($token->start->attr['href'])){
|
|
$url = $token->start->attr['href'];
|
|
unset($token->start->attr['href']);
|
|
$token = array($token, new HTMLPurifier_Token_Text(" ($url)"));
|
|
} else {
|
|
// nothing to display
|
|
}
|
|
}
|
|
}
|
|
|
|
// vim: et sw=4 sts=4
|