[1.7.0] ChildDef_Custom's regex generation has been improved, removing several false positives

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1173 48356398-32a2-884e-a903-53898d9a118a

library/HTMLPurifier/ChildDef/Custom.php

@@ -38,8 +38,21 @@ class HTMLPurifier_ChildDef_Custom extends HTMLPurifier_ChildDef
         if ($raw{0} != '(') {
             $raw = "($raw)";
         }
-        $reg = str_replace(',', ',?', $raw);
-        $reg = preg_replace('/([#a-zA-Z0-9_.-]+)/', '(,?\\0)', $reg);
+        $el = '[#a-zA-Z0-9_.-]+';
+        $reg = $raw;
+        
+        // COMPLICATED! AND MIGHT BE BUGGY! I HAVE NO CLUE WHAT I'M
+        // DOING! Seriously: if there's problems, please report them.
+        
+        // setup all elements as parentheticals with leading commas
+        $reg = preg_replace("/$el/", '(,\\0)', $reg);
+        
+        // remove commas when they were not solicited
+        $reg = preg_replace("/([^,(|]\(+),/", '\\1', $reg);
+        
+        // remove all non-paranthetical commas: they are handled by first regex
+        $reg = preg_replace("/,\(/", '(', $reg);
+        
         $this->_pcre_regex = $reg;
     }
     function validateChildren($tokens_of_children, $config, &$context) {
@@ -60,11 +73,11 @@ class HTMLPurifier_ChildDef_Custom extends HTMLPurifier_ChildDef
                 $list_of_children .= $token->name . ',';
             }
         }
-        $list_of_children = rtrim($list_of_children, ',');
-        
+        // add leading comma to deal with stray comma declarations
+        $list_of_children = ',' . rtrim($list_of_children, ',');
         $okay =
             preg_match(
-                '/^'.$this->_pcre_regex.'$/',
+                '/^,?'.$this->_pcre_regex.'$/',
                 $list_of_children
             );