Make sure data exists before processing

pantheon-systems · May 8, 2023 · e667a57 · e667a57
1 parent e16cecc
commit e667a57
Showing 1 changed file with 16 additions and 14 deletions.
diff --git a/php/pantheon/utils.php b/php/pantheon/utils.php
@@ -62,22 +62,24 @@ public static function sanitize_data($data, $sanitizer_function = 'htmlspecialch
 		} elseif ( is_integer( $data ) ) {
 			return (string)$data;
 		} elseif ( is_string( $data ) ) {
-			$dom = new \DOMDocument;
-			$dom->loadHTML( $data );
-			$anchors = $dom->getElementsByTagName('a');
+			if ( ! empty( $data ) ) {
+				$dom = new \DOMDocument;
+				$dom->loadHTML( $data );
+				$anchors = $dom->getElementsByTagName('a');
 
-			// Bail if our string does not only contain an anchor tag.
-			if ( 0 === $anchors->length ) {;
-				return $sanitizer_function($data);
-			}
+				// Bail if our string does not only contain an anchor tag.
+				if ( 0 === $anchors->length ) {;
+					return $sanitizer_function($data);
+				}
 
-			$href = $anchors[0]->getAttribute('href');
-			$sanitized_href = call_user_func($sanitizer_function, $href);
-			$sanitized_link_text = call_user_func($sanitizer_function, $anchors[0]->textContent);
-
-			// Rebuild anchor tags to ensure there are no injected attributes.
-			$rebuilt_link = '<a href="' . $sanitized_href . '">' . $sanitized_link_text . '</a>';
-			return $rebuilt_link;
+				$href = $anchors[0]->getAttribute('href');
+				$sanitized_href = call_user_func($sanitizer_function, $href);
+				$sanitized_link_text = call_user_func($sanitizer_function, $anchors[0]->textContent);
+
+				// Rebuild anchor tags to ensure there are no injected attributes.
+				$rebuilt_link = '<a href="' . $sanitized_href . '">' . $sanitized_link_text . '</a>';
+				return $rebuilt_link;
+			}
 		}
 
 		return $sanitizer_function($data);