当前位置: 首页>>代码示例>>PHP>>正文


PHP HTMLPurifier函数代码示例

本文整理汇总了PHP中HTMLPurifier函数的典型用法代码示例。如果您正苦于以下问题:PHP HTMLPurifier函数的具体用法?PHP HTMLPurifier怎么用?PHP HTMLPurifier使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了HTMLPurifier函数的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: purify

function purify($dirty_html)
{
    if (is_array($dirty_html)) {
        foreach ($dirty_html as $key => $val) {
            $dirty_html[$key] = purify($val);
        }
        return $dirty_html;
    }
    if (trim($dirty_html) === '') {
        return $dirty_html;
    }
    $config = HTMLPurifier_Config::createDefault();
    $config->set('HTML.Doctype', 'XHTML 1.0 Strict');
    $config->set('AutoFormat.Linkify', true);
    $config->set('CSS.Trusted', true);
    $config->set('CSS.AllowTricky', true);
    $config->set('Filter.YouTube', true);
    $config->set('HTML.SafeObject', true);
    $config->set('Output.FlashCompat', true);
    $config->set('Output.Newline', '<br />');
    $def = $config->getHTMLDefinition(true);
    $def->addElement('spoiler', 'Block', 'Flow', 'Common', array());
    return HTMLPurifier($dirty_html, $config);
}
开发者ID:neosin,项目名称:seaforium,代码行数:24,代码来源:htmlpurifier_helper.php

示例2: update_page

 /** Update a wiki page
 		@param array $hash- lock_it,contributions, contributors
 		@param int $saveLastModif - modification time - pass null for now, unless importing a Wiki page
 	 **/
 function update_page($pageName, $edit_data, $edit_comment, $edit_user, $edit_ip, $edit_description = null, $edit_minor = 0, $lang = '', $is_html = null, $hash = null, $saveLastModif = null, $wysiwyg = '', $wiki_authors_style = '')
 {
     global $prefs;
     $histlib = TikiLib::lib('hist');
     if (!$edit_user) {
         $edit_user = 'anonymous';
     }
     $this->invalidate_cache($pageName);
     // Collect pages before modifying edit_data (see update of links below)
     $pages = $this->get_pages($edit_data, true);
     $this->check_alias($edit_data, $pageName);
     if (!$this->page_exists($pageName)) {
         return false;
     }
     // Get this page information
     $info = $this->get_page_info($pageName);
     if ($edit_description === null) {
         $edit_description = $info['description'];
     }
     // Use largest version +1 in history table rather than tiki_page because versions used to be bugged
     // tiki_history is also bugged as not all changes get stored in the history, like minor changes
     // and changes that do not modify the body of the page. Both numbers are wrong, but the largest of
     // them both is right.
     $old_version = max($info["version"], $histlib->get_page_latest_version($pageName));
     $user = $info["user"] ? $info["user"] : 'anonymous';
     $data = $info["data"];
     $willDoHistory = $prefs['feature_wiki_history_full'] == 'y' || $data != $edit_data || $info['description'] != $edit_description || $info["comment"] != $edit_comment;
     $version = $old_version + ($willDoHistory ? 1 : 0);
     if ($is_html === null) {
         $html = $info['is_html'];
     } else {
         $html = $is_html ? 1 : 0;
     }
     if ($wysiwyg == '') {
         $wysiwyg = $info['wysiwyg'];
     }
     if ($wysiwyg == 'y' && $html != 1 && $prefs['wysiwyg_htmltowiki'] != 'y') {
         // correct for html only wysiwyg
         $html = 1;
     }
     $parserlib = TikiLib::lib('parser');
     $edit_data = $parserlib->process_save_plugins($edit_data, array('type' => 'wiki page', 'itemId' => $pageName, 'user' => $user));
     if ($html == 1 && $prefs['feature_purifier'] != 'n') {
         $parserlib->isHtmlPurifying = true;
         $parserlib->isEditMode = true;
         $noparsed = array();
         $parserlib->plugins_remove($edit_data, $noparsed);
         require_once 'lib/htmlpurifier_tiki/HTMLPurifier.tiki.php';
         $edit_data = HTMLPurifier($edit_data);
         $parserlib->plugins_replace($edit_data, $noparsed, true);
         $parserlib->isHtmlPurifying = false;
         $parserlib->isEditMode = false;
     }
     if (is_null($saveLastModif)) {
         $saveLastModif = $this->now;
     }
     $queryData = array('description' => $edit_description, 'data' => $edit_data, 'comment' => $edit_comment, 'lastModif' => (int) $saveLastModif, 'version' => $version, 'version_minor' => $edit_minor, 'user' => $edit_user, 'ip' => $edit_ip, 'page_size' => strlen($edit_data), 'is_html' => $html, 'wysiwyg' => $wysiwyg, 'wiki_authors_style' => $wiki_authors_style, 'lang' => $lang);
     if ($hash !== null) {
         if (!empty($hash['lock_it']) && ($hash['lock_it'] == 'y' || $hash['lock_it'] == 'on')) {
             $queryData['flag'] = 'L';
             $queryData['lockedby'] = $user;
         } else {
             if (empty($hash['lock_it']) || $hash['lock_it'] == 'n') {
                 $queryData['flag'] = '';
                 $queryData['lockedby'] = '';
             }
         }
     }
     if ($prefs['wiki_comments_allow_per_page'] != 'n') {
         if (!empty($hash['comments_enabled']) && $hash['comments_enabled'] == 'y') {
             $queryData['comments_enabled'] = 'y';
         } else {
             if (empty($hash['comments_enabled']) || $hash['comments_enabled'] == 'n') {
                 $queryData['comments_enabled'] = 'n';
             }
         }
     }
     if (empty($hash['contributions'])) {
         $hash['contributions'] = '';
     }
     if (empty($hash['contributors'])) {
         $hash2 = '';
     } else {
         foreach ($hash['contributors'] as $c) {
             $hash3['contributor'] = $c;
             $hash2[] = $hash3;
         }
     }
     $this->table('tiki_pages')->update($queryData, array('pageName' => $pageName));
     // Synchronize object comment
     if ($prefs['feature_wiki_description'] == 'y') {
         $query = 'update `tiki_objects` set `description`=? where `itemId`=? and `type`=?';
         $this->query($query, array($edit_description, $pageName, 'wiki page'));
     }
     //update status, page storage was updated in tiki 9 to be non html encoded
     $wikilib = TikiLib::lib('wiki');
//.........这里部分代码省略.........
开发者ID:rjsmelo,项目名称:tiki,代码行数:101,代码来源:tikilib.php

示例3: array

 if ($_REQUEST['msgid'] > 1) {
     $smarty->assign('prev', $_REQUEST['msgid'] - 1);
 } else {
     $smarty->assign('prev', '');
 }
 $attachments = array();
 //		if ($message->isMultipart()) {
 //			TODO	deal with attachments here??
 //		}
 $bodies = $webmaillib->get_mail_content($user, $current['accountId'], $_REQUEST['msgid'], true);
 for ($i = 0, $count_bodies = count($bodies); $i < $count_bodies; $i++) {
     if ($bodies[$i]['contentType'] == 'text/html') {
         $bod = $bodies[$i]['body'];
         // Clean the string using HTML Purifier
         require_once 'lib/htmlpurifier_tiki/HTMLPurifier.tiki.php';
         $bod = HTMLPurifier($bod);
         if (preg_match_all('/<[\\/]?body[^>]*>/i', $bod, $m, PREG_OFFSET_CAPTURE) && count($m) > 0 && count($m[0]) > 1) {
             // gets positions of the start and end body tags then substr the bit inbetween
             $bod = substr($bod, $m[0][0][1] + strlen($m[0][0][0]), $m[0][1][1]);
         }
         $bod = strip_tags($bod, '<a><b><i><strong><em><p><blockquote><table><tbody><tr><td><th>' . '<ul><li><img><hr><ol><br><h1><h2><h3><h4><h5><h6><div><span>' . '<font><form><input><textarea><checkbox><select><style>');
         // try to close malformed html not fixed by the purifier - because people email Really Bad Things and this messes up *lite.css layout
         $bod = closetags($bod);
         $bodies[$i]['body'] = $bod;
     } else {
         if ($bodies[$i]['contentType'] == 'text/plain') {
             // reply text
             $smarty->assign('plainbody', format_email_reply($bodies[$i]['body'], $aux['from'], $aux['date']));
             $bodies[$i]['body'] = nl2br($bodies[$i]['body']);
         }
     }
开发者ID:ameoba32,项目名称:tiki,代码行数:31,代码来源:tiki-webmail.php

示例4: xss_clean

 /**
  * Clean cross site scripting exploits from string.
  * HTMLPurifier may be used if installed, otherwise defaults to built in method.
  * Note - This function should only be used to deal with data upon submission.
  * It's not something that should be used for general runtime processing
  * since it requires a fair amount of processing overhead.
  *
  * @param   string  data to clean
  * @param   string  xss_clean method to use ('htmlpurifier' or defaults to built-in method)
  * @return  string
  */
 public function xss_clean($data, $tool = NULL)
 {
     if ($tool === NULL) {
         // Use the default tool
         $tool = Kohana::config('core.global_xss_filtering');
     }
     if (is_array($data)) {
         foreach ($data as $key => $val) {
             $data[$key] = $this->xss_clean($val, $tool);
         }
         return $data;
     }
     // Do not clean empty strings
     if (trim($data) === '') {
         return $data;
     }
     if ($tool === TRUE) {
         // NOTE: This is necessary because switch is NOT type-sensative!
         $tool = 'default';
     }
     switch ($tool) {
         case 'htmlpurifier':
             /**
              * @todo License should go here, http://htmlpurifier.org/
              */
             if (!class_exists('HTMLPurifier_Config', FALSE)) {
                 // Load HTMLPurifier
                 require Kohana::find_file('vendor', 'htmlpurifier/HTMLPurifier.auto', TRUE);
                 require 'HTMLPurifier.func.php';
             }
             // Set configuration
             $config = HTMLPurifier_Config::createDefault();
             $config->set('HTML', 'TidyLevel', 'none');
             // Only XSS cleaning now
             // Run HTMLPurifier
             $data = HTMLPurifier($data, $config);
             break;
         default:
             // http://svn.bitflux.ch/repos/public/popoon/trunk/classes/externalinput.php
             // +----------------------------------------------------------------------+
             // | Copyright (c) 2001-2006 Bitflux GmbH                                 |
             // +----------------------------------------------------------------------+
             // | Licensed under the Apache License, Version 2.0 (the "License");      |
             // | you may not use this file except in compliance with the License.     |
             // | You may obtain a copy of the License at                              |
             // | http://www.apache.org/licenses/LICENSE-2.0                           |
             // | Unless required by applicable law or agreed to in writing, software  |
             // | distributed under the License is distributed on an "AS IS" BASIS,    |
             // | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or      |
             // | implied. See the License for the specific language governing         |
             // | permissions and limitations under the License.                       |
             // +----------------------------------------------------------------------+
             // | Author: Christian Stocker <chregu@bitflux.ch>                        |
             // +----------------------------------------------------------------------+
             //
             // Kohana Modifications:
             // * Changed double quotes to single quotes, changed indenting and spacing
             // * Removed magic_quotes stuff
             // * Increased regex readability:
             //   * Used delimeters that aren't found in the pattern
             //   * Removed all unneeded escapes
             //   * Deleted U modifiers and swapped greediness where needed
             // * Increased regex speed:
             //   * Made capturing parentheses non-capturing where possible
             //   * Removed parentheses where possible
             //   * Split up alternation alternatives
             //   * Made some quantifiers possessive
             // Fix &entity\n;
             $data = str_replace(array('&amp;', '&lt;', '&gt;'), array('&amp;amp;', '&amp;lt;', '&amp;gt;'), $data);
             $data = preg_replace('/(&#*\\w+)[\\x00-\\x20]+;/u', '$1;', $data);
             $data = preg_replace('/(&#x*[0-9A-F]+);*/iu', '$1;', $data);
             $data = html_entity_decode($data, ENT_COMPAT, 'UTF-8');
             // Remove any attribute starting with "on" or xmlns
             $data = preg_replace('#(<[^>]+?[\\x00-\\x20"\'])(?:on|xmlns)[^>]*+>#iu', '$1>', $data);
             // Remove javascript: and vbscript: protocols
             $data = preg_replace('#([a-z]*)[\\x00-\\x20]*=[\\x00-\\x20]*([`\'"]*)[\\x00-\\x20]*j[\\x00-\\x20]*a[\\x00-\\x20]*v[\\x00-\\x20]*a[\\x00-\\x20]*s[\\x00-\\x20]*c[\\x00-\\x20]*r[\\x00-\\x20]*i[\\x00-\\x20]*p[\\x00-\\x20]*t[\\x00-\\x20]*:#iu', '$1=$2nojavascript...', $data);
             $data = preg_replace('#([a-z]*)[\\x00-\\x20]*=([\'"]*)[\\x00-\\x20]*v[\\x00-\\x20]*b[\\x00-\\x20]*s[\\x00-\\x20]*c[\\x00-\\x20]*r[\\x00-\\x20]*i[\\x00-\\x20]*p[\\x00-\\x20]*t[\\x00-\\x20]*:#iu', '$1=$2novbscript...', $data);
             $data = preg_replace('#([a-z]*)[\\x00-\\x20]*=([\'"]*)[\\x00-\\x20]*-moz-binding[\\x00-\\x20]*:#u', '$1=$2nomozbinding...', $data);
             // Only works in IE: <span style="width: expression(alert('Ping!'));"></span>
             $data = preg_replace('#(<[^>]+?)style[\\x00-\\x20]*=[\\x00-\\x20]*[`\'"]*.*?expression[\\x00-\\x20]*\\([^>]*+>#i', '$1>', $data);
             $data = preg_replace('#(<[^>]+?)style[\\x00-\\x20]*=[\\x00-\\x20]*[`\'"]*.*?behaviour[\\x00-\\x20]*\\([^>]*+>#i', '$1>', $data);
             $data = preg_replace('#(<[^>]+?)style[\\x00-\\x20]*=[\\x00-\\x20]*[`\'"]*.*?s[\\x00-\\x20]*c[\\x00-\\x20]*r[\\x00-\\x20]*i[\\x00-\\x20]*p[\\x00-\\x20]*t[\\x00-\\x20]*:*[^>]*+>#iu', '$1>', $data);
             // Remove namespaced elements (we do not need them)
             $data = preg_replace('#</*\\w+:\\w[^>]*+>#i', '', $data);
             do {
                 // Remove really unwanted tags
                 $old_data = $data;
                 $data = preg_replace('#</*(?:applet|b(?:ase|gsound|link)|embed|frame(?:set)?|i(?:frame|layer)|l(?:ayer|ink)|meta|object|s(?:cript|tyle)|title|xml)[^>]*+>#i', '', $data);
             } while ($old_data !== $data);
//.........这里部分代码省略.........
开发者ID:kjgarza,项目名称:ushahidi,代码行数:101,代码来源:Input.php

示例5: filter

 function filter($data)
 {
     require_once 'lib/htmlpurifier_tiki/HTMLPurifier.tiki.php';
     return HTMLPurifier($data);
 }
开发者ID:ameoba32,项目名称:tiki,代码行数:5,代码来源:HtmlPurifier.php

示例6: process_inbound_mail

 function process_inbound_mail($forumId)
 {
     global $prefs;
     require_once "lib/webmail/net_pop3.php";
     require_once "lib/mail/mimelib.php";
     $info = $this->get_forum($forumId);
     // for any reason my sybase test machine adds a space to
     // the inbound_pop_server field in the table.
     $info["inbound_pop_server"] = trim($info["inbound_pop_server"]);
     if (!$info["inbound_pop_server"] || empty($info["inbound_pop_server"])) {
         return;
     }
     $pop3 = new Net_POP3();
     $pop3->connect($info["inbound_pop_server"]);
     $pop3->login($info["inbound_pop_user"], $info["inbound_pop_password"]);
     if (!$pop3) {
         return;
     }
     $mailSum = $pop3->numMsg();
     //we don't want the operation to time out... this would result in the same messages being imported over and over...
     //(messages are only removed from the pop server on a gracefull connection termination... ie .not php or webserver a timeout)
     //$maximport should be in a admin config screen, but I don't know how to do that yet.
     $maxImport = 10;
     if ($mailSum > $maxImport) {
         $mailSum = $maxImport;
     }
     for ($i = 1; $i <= $mailSum; $i++) {
         //echo 'loop ' . $i;
         $aux = $pop3->getParsedHeaders($i);
         // If the mail came from Tiki, we don't need to add it again
         if (isset($aux['X-Tiki']) && $aux['X-Tiki'] == 'yes') {
             $pop3->deleteMsg($i);
             continue;
         }
         // If the connection is done, or the mail has an error, or whatever,
         // we try to delete the current mail (because something is wrong with it)
         // and continue on. --rlpowell
         if ($aux == FALSE) {
             $pop3->deleteMsg($i);
             continue;
         }
         //echo '<pre>';
         //print_r ($aux);
         //echo '</pre>';
         if (!isset($aux['From'])) {
             if (isset($aux['Return-path'])) {
                 $aux['From'] = $aux['Return-path'];
             } else {
                 $aux['From'] = "";
                 $aux['Return-path'] = "";
             }
         }
         //try to get the date from the email:
         $postDate = strtotime($aux['Date']);
         if ($postDate == false) {
             $postDate = $this->now;
         }
         //save the original email address, if we don't get a user match, then we
         //can at least give some info about the poster.
         $original_email = $aux["From"];
         //fix mailman addresses, or there is no chance to get a match
         $aux["From"] = str_replace(' at ', '@', $original_email);
         preg_match('/<?([-!#$%&\'*+\\.\\/0-9=?A-Z^_`a-z{|}~]+@[-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\\.[-!#$%&\'*+\\.\\/0-9=?A-Z^_`a-z{|}~]+)>?/', $aux["From"], $mail);
         // should we throw out emails w/ invalid (possibly obfusicated) email addressses?
         //this should be an admin option, but I don't know how to put it there yet.
         $throwOutInvalidEmails = false;
         if (!array_key_exists(1, $mail)) {
             if ($throwOutInvalidEmails) {
                 continue;
             }
         }
         $email = $mail[1];
         $full = $pop3->getMsg($i);
         $mimelib = new mime();
         $output = $mimelib->decode($full);
         $body = '';
         if ($output['type'] == 'multipart/report') {
             // mimelib doesn't seem to parse error reports properly
             $pop3->deleteMsg($i);
             // and we almost certainly don't want them in the forum
             continue;
             // so do what exactly? log them somewhere? TODO
         }
         require_once 'lib/htmlpurifier_tiki/HTMLPurifier.tiki.php';
         if ($prefs['feature_forum_parse'] === 'y' && $prefs['forum_inbound_mail_parse_html'] === 'y') {
             $body = $mimelib->getPartBody($output, 'html');
             if ($body) {
                 // on some systems HTMLPurifier fails with smart quotes in the html
                 $body = $mimelib->cleanQuotes($body);
                 // some emails have invalid font and span tags that create incorrect purifying of lists
                 $body = preg_replace_callback('/\\<(ul|ol).*\\>(.*)\\<\\/(ul|ol)\\>/Umis', array($this, 'process_inbound_mail_cleanlists'), $body);
                 // Clean the string using HTML Purifier next
                 $body = HTMLPurifier($body);
                 // html emails require some speciaal handling
                 $body = preg_replace('/--(.*)--/', '~np~--$1--~/np~', $body);
                 // disable strikethough syntax
                 $body = preg_replace('/\\{(.*)\\}/', '~np~{$1}~/np~', $body);
                 // disable plugin type things
                 // special handling for MS links which contain underline tags in the label which wiki doesn't like
                 $body = preg_replace('/(\\<a .*\\>)\\<font .*\\>\\<u\\>(.*)\\<\\/u\\>\\<\\/font\\>\\<\\/a\\>/Umis', '$1$2</a>', $body);
//.........这里部分代码省略.........
开发者ID:jkimdon,项目名称:cohomeals,代码行数:101,代码来源:commentslib.php

示例7: HTMLpurify

/**
 *
 */
function HTMLpurify($dirty_html, $set = 'default')
{
    if (is_array($dirty_html)) {
        foreach ($dirty_html as $key => $val) {
            $dirty_html[$key] = purify($val);
        }
        return $dirty_html;
    }
    if (trim($dirty_html) === '') {
        return $dirty_html;
    }
    require_once FCPATH . "assets/htmlpurifier/library/HTMLPurifier.auto.php";
    require_once FCPATH . "assets/htmlpurifier/library/HTMLPurifier.func.php";
    $config = HTMLPurifier_Config::createDefault();
    if (!file_exists('content/cache/HTMLPurifier')) {
        mkdir('content/cache/HTMLPurifier');
    }
    $config->set('HTML.Doctype', 'XHTML 1.0 Strict');
    $config->set('Cache.SerializerPath', FCPATH . 'content/cache/HTMLPurifier');
    switch ($set) {
        case 'default':
            break;
        case 'unallowed':
            $config->set('HTML.AllowedElements', '');
            break;
    }
    return HTMLPurifier($dirty_html, $config);
}
开发者ID:KasaiDot,项目名称:FoOlSlide,代码行数:31,代码来源:options_helper.php


注:本文中的HTMLPurifier函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。