', $this->getListOfAllowedTags(), $this->getListOfAllowedAttributes() ); } parent::__construct($validation_error_message); } /** * Generates and returns a string that lists the top-level HTML tags that are allowable for this input * * @return string */ public function getListOfAllowedTags() { $tags_we_allow = $this->getAllowedTags(); ksort($tags_we_allow); return implode(', ', array_keys($tags_we_allow)); } /** * Returns an array whose keys are allowed attributes. * @return bool[] */ public function getAllowedAttributes() { return [ 'class' => true, 'id' => true, 'style' => true, 'src' => true, 'alt' => true, 'width' => true, 'height' => true, 'target' => true, ]; } /** * Generates and returns a string that lists the top-level HTML tags that are allowable for this input * * @return string */ public function getListOfAllowedAttributes() { $tags_we_allow = $this->getAllowedAttributes(); ksort($tags_we_allow); return implode(', ', array_keys($tags_we_allow)); } /** * Returns an array whose keys are allowed tags and values are an array of allowed attributes * * @return array */ protected function getAllowedTags() { global $allowedtags; $tags_we_allow['p'] = array(); $allowed_attributes = $this->getAllowedAttributes(); $tags_we_allow = array_merge_recursive( $allowedtags, array( 'ol' => $allowed_attributes, 'ul' => $allowed_attributes, 'li' => $allowed_attributes, 'br' => $allowed_attributes, 'p' => $allowed_attributes, 'a' => $allowed_attributes, 'h1' => $allowed_attributes, 'h2' => $allowed_attributes, 'h3' => $allowed_attributes, 'h4' => $allowed_attributes, 'h5' => $allowed_attributes, 'h6' => $allowed_attributes, 'hr' => $allowed_attributes, 'img' => $allowed_attributes, 'div' => $allowed_attributes, ) ); return apply_filters('Twine\forms\strategies\validation\FullHtmlValidation::getAllowedTags', $tags_we_allow); } /** * Validates HTML contains no prohibited tags. * @param string $normalized_value * @throws ValidationError */ public function validate($normalized_value) { parent::validate($normalized_value); $normalized_value_sans_tags = wp_kses("$normalized_value", $this->getAllowedTags()); if (strlen($normalized_value) > strlen($normalized_value_sans_tags)) { throw new ValidationError($this->getValidationErrorMessage(), 'complex_html_tags'); } } }