mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-11-30 20:04:30 +01:00
8f797be836
- can be used via html class like: $clean_html = html::purify($html); - using it now in eTemplate to remove malicious code from html: a) when displaying "formatted text" b) when "formatted text" get's input by the user
40 lines
806 B
PHP
Executable File
40 lines
806 B
PHP
Executable File
<?php
|
|
|
|
/**
|
|
* Validates an IPv4 address
|
|
* @author Feyd @ forums.devnetwork.net (public domain)
|
|
*/
|
|
class HTMLPurifier_AttrDef_URI_IPv4 extends HTMLPurifier_AttrDef
|
|
{
|
|
|
|
/**
|
|
* IPv4 regex, protected so that IPv6 can reuse it
|
|
*/
|
|
protected $ip4;
|
|
|
|
public function validate($aIP, $config, $context) {
|
|
|
|
if (!$this->ip4) $this->_loadRegex();
|
|
|
|
if (preg_match('#^' . $this->ip4 . '$#s', $aIP))
|
|
{
|
|
return $aIP;
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
/**
|
|
* Lazy load function to prevent regex from being stuffed in
|
|
* cache.
|
|
*/
|
|
protected function _loadRegex() {
|
|
$oct = '(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])'; // 0-255
|
|
$this->ip4 = "(?:{$oct}\\.{$oct}\\.{$oct}\\.{$oct})";
|
|
}
|
|
|
|
}
|
|
|
|
// vim: et sw=4 sts=4
|