本文整理汇总了PHP中filter_xss函数的典型用法代码示例。如果您正苦于以下问题:PHP filter_xss函数的具体用法?PHP filter_xss怎么用?PHP filter_xss使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了filter_xss函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: messaging_token_values
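/**
 * Implementation of hook_token_values().
 *
 * Builds the token replacement values for messaging objects.
 *
 * Escaping: the subject and sender name go through check_plain() and the body
 * through filter_xss(). The 'message-method' and both 'destination-*' values
 * are returned exactly as their helper functions produce them.
 * NOTE(review): confirm those helpers return text that is already safe for the
 * context the tokens are rendered in; otherwise escape them here as well.
 *
 * @param $type
 *   Token type; 'message' and 'destination' are handled here.
 * @param $object
 *   The object the token values are read from.
 * @param $options
 *   Optional 'language' (object with a ->language code) and 'timezone'.
 *
 * @return
 *   Array of token values keyed by token name. Empty when $type is not handled
 *   or messaging_check_object() rejects $object.
 */
function messaging_token_values($type, $object = NULL, $options = array())
{
    // Start from an array so every path returns one; the original fell off the
    // end (NULL) for unknown types and wrote into an undefined $values.
    $values = array();
    $language = isset($options['language']) ? $options['language'] : $GLOBALS['language'];
    switch ($type) {
        case 'message':
            if ($message = messaging_check_object($object, 'Messaging_Message')) {
                // Plain-text fields are entity-encoded, the body keeps filtered HTML.
                $values['message-subject'] = check_plain($message->get_subject());
                $values['message-body'] = filter_xss($message->get_body());
                $values['message-author-name'] = check_plain($message->get_sender_name());
                $values['message-method'] = messaging_method_info($message->method, 'name');
                $timezone = isset($options['timezone']) ? $options['timezone'] : variable_get('date_default_timezone', 0);
                $values['message-date'] = format_date($message->sent, 'medium', '', $timezone, $language->language);
            }
            break;
        case 'destination':
            // Messaging destinations
            if ($destination = messaging_check_object($object, 'Messaging_Destination')) {
                $values['destination-address'] = $destination->format_address(FALSE);
                $values['destination-type'] = $destination->address_name();
            }
            break;
    }
    return $values;
}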
示例2: boron_breadcrumb
/**
 * Return a themed breadcrumb trail.
 *
 * Only the separator (a theme setting) is passed through filter_xss() here.
 * NOTE(review): the breadcrumb links and the page title are concatenated as
 * given, so this relies on both already being safe HTML; confirm.
 *
 * @param $vars
 *   Theme variables; $vars['breadcrumb'] is the array of breadcrumb links.
 * @return
 *   A string containing the breadcrumb output, or '' when the breadcrumb is
 *   switched off or has no links left.
 */
function boron_breadcrumb($vars)
{
    $trail = $vars['breadcrumb'];

    // Breadcrumb display is switched off in the theme settings.
    if (theme_get_setting('breadcrumb_display') != 'yes') {
        return '';
    }

    // Optionally drop the leading homepage link.
    if (!theme_get_setting('breadcrumb_home')) {
        array_shift($trail);
    }
    if (empty($trail)) {
        return '';
    }

    $separator = filter_xss(theme_get_setting('breadcrumb_separator'));
    $suffix = '';
    $title = '';

    // A trailing separator is added before the title, or on its own when the
    // "trailing" setting is on and the title is not shown.
    if (theme_get_setting('breadcrumb_title')) {
        $title = drupal_get_title();
        if ($title) {
            $suffix = $separator;
        }
    } elseif (theme_get_setting('breadcrumb_trailing')) {
        $suffix = $separator;
    }

    return implode($separator, $trail) . $suffix . $title;
}
示例3: getRequestKeyValueFromURL
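/**
 * Returns the value that follows $key in a slash-separated URL path.
 *
 * The value is passed through filter_xss(), which is an HTML filter, so the
 * result is prepared for HTML output only. It is not validated for any other
 * use: a caller that places it in SQL, a file path or a command must validate
 * or parameterise it for that context.
 *
 * @param string $key
 *   Path segment to look for.
 * @param string $urlPath
 *   Path such as "a/key/value".
 * @return string|null
 *   The filtered segment after $key, or NULL when $key is absent or is the
 *   last segment of the path.
 */
static function getRequestKeyValueFromURL($key, $urlPath)
{
    $pathParams = explode('/', $urlPath);

    // Strict search: explode() yields strings, and a loose comparison would
    // treat numeric-looking segments such as "1" and "01" as equal.
    $index = array_search((string) $key, $pathParams, TRUE);

    // "=== FALSE" rather than "!= FALSE": a key found at index 0 is a hit.
    // The isset() avoids reading past the end when $key is the last segment.
    if ($index === FALSE || !isset($pathParams[$index + 1])) {
        return NULL;
    }

    return filter_xss($pathParams[$index + 1]);
}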
示例4: filter_xss
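/**
 * Strips tags and deny-listed event-handler attributes from a string or array.
 *
 * For a string: strip_tags() keeps only $allowedtags, every remaining tag is
 * passed to prc_callback(), and each attribute named in $disabledattributes is
 * removed up to the next whitespace or '>'.
 *
 * Limits a reviewer should know about:
 * - This is a deny-list. It removes only the names listed, only when the name
 *   follows whitespace, and a quoted value that contains whitespace is removed
 *   only up to that whitespace. The pattern is also applied to text outside
 *   tags. Do not treat the result as safe for every HTML context; prefer an
 *   allow-list sanitiser for markup that must be kept and htmlspecialchars()
 *   for everything else.
 * - NOTE(review): URL-valued attributes are not examined here; whether
 *   prc_callback() (not shown) does so needs confirming.
 * - NOTE(review): the default list contains 'ondataavaible', which looks like
 *   a misspelling, so the correctly spelled name is not covered by default.
 *
 * @param string|array $string
 *   Text to filter, or an array of such values.
 * @param string $allowedtags
 *   Tags kept by strip_tags(), in strip_tags() notation.
 * @param array $disabledattributes
 *   Attribute names to remove.
 * @return string|array
 *   The filtered value, same shape as the input.
 */
public static function filter_xss($string, $allowedtags = '', $disabledattributes = array('onabort', 'onactivate', 'onafterprint', 'onafterupdate', 'onbeforeactivate', 'onbeforecopy', 'onbeforecut', 'onbeforedeactivate', 'onbeforeeditfocus', 'onbeforepaste', 'onbeforeprint', 'onbeforeunload', 'onbeforeupdate', 'onblur', 'onbounce', 'oncellchange', 'onchange', 'onclick', 'oncontextmenu', 'oncontrolselect', 'oncopy', 'oncut', 'ondataavaible', 'ondatasetchanged', 'ondatasetcomplete', 'ondblclick', 'ondeactivate', 'ondrag', 'ondragdrop', 'ondragend', 'ondragenter', 'ondragleave', 'ondragover', 'ondragstart', 'ondrop', 'onerror', 'onerrorupdate', 'onfilterupdate', 'onfinish', 'onfocus', 'onfocusin', 'onfocusout', 'onhelp', 'onkeydown', 'onkeypress', 'onkeyup', 'onlayoutcomplete', 'onload', 'onlosecapture', 'onmousedown', 'onmouseenter', 'onmouseleave', 'onmousemove', 'onmoveout', 'onmouseover', 'onmouseup', 'onmousewheel', 'onmove', 'onmoveend', 'onmovestart', 'onpaste', 'onpropertychange', 'onreadystatechange', 'onreset', 'onresize', 'onresizeend', 'onresizestart', 'onrowexit', 'onrowsdelete', 'onrowsinserted', 'onscroll', 'onselect', 'onselectionchange', 'onselectstart', 'onstart', 'onstop', 'onsubmit', 'onunload'))
{
    if (is_array($string)) {
        foreach ($string as $key => $val) {
            // NOTE(review): this calls the global filter_xss() with
            // ALLOWED_HTMLTAGS, so nested values do not use this call's
            // $allowedtags / $disabledattributes. Confirm that is intended.
            $string[$key] = filter_xss($val, ALLOWED_HTMLTAGS);
        }
        return $string;
    }

    $subject = preg_replace_callback('/<(.*?)>/i', 'prc_callback', strip_tags($string, $allowedtags));

    // With an empty list the alternation would be "()", which matches after any
    // whitespace and would delete ordinary text.
    if (empty($disabledattributes)) {
        return $subject;
    }

    // Quote each name so a caller-supplied entry cannot change the pattern.
    $names = array();
    foreach ($disabledattributes as $attribute) {
        $names[] = preg_quote($attribute, '/');
    }

    // The 'i' modifier is the fix: HTML attribute names are case-insensitive,
    // and the original pattern matched lower-case spellings only.
    return preg_replace('/\\s(' . implode('|', $names) . ').*?([\\s\\>])/i', '\\2', $subject);
}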
示例5: settingsForm
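/**
 * Generate a settings form for this handler.
 *
 * Builds the prepopulate behaviour settings: the action, the fallback, the
 * permission that skips the fallback, and a table of providers with an
 * "enabled" checkbox and a weight per provider.
 *
 * Provider titles and descriptions are placed in '#markup' / '#description'
 * after filter_xss(); permission titles are reduced with strip_tags() before
 * they are used as select options.
 *
 * @param $field
 *   The field definition (not read here).
 * @param $instance
 *   The field instance; the saved provider settings are read from
 *   $instance['settings']['behaviors']['prepopulate'].
 *
 * @return
 *   The form array.
 */
public function settingsForm($field, $instance)
{
    $form = array();
    $form['action'] = array(
        '#type' => 'select',
        '#title' => t('Action'),
        '#options' => array('none' => t('Do nothing'), 'hide' => t('Hide field'), 'disable' => t('Disable field')),
        '#description' => t('Action to take when prepopulating field with values via URL.'),
    );
    $form['action_on_edit'] = array(
        '#type' => 'checkbox',
        '#title' => t('Apply action on edit'),
        '#description' => t('Apply action when editing an existing entity.'),
        '#states' => array('invisible' => array(':input[name="instance[settings][behaviors][prepopulate][action]"]' => array('value' => 'none'))),
    );
    $form['fallback'] = array(
        '#type' => 'select',
        '#title' => t('Fallback behaviour'),
        '#description' => t('Determine what should happen if no values are provided via URL.'),
        '#options' => array('none' => t('Do nothing'), 'hide' => t('Hide field'), 'form_error' => t('Set form error'), 'redirect' => t('Redirect')),
    );

    // Get list of permissions.
    $perms = array();
    $perms[0] = t('- None -');
    foreach (module_list(FALSE, FALSE, TRUE) as $module) {
        // By keeping them keyed by module we can use optgroups with the
        // 'select' type.
        if ($permissions = module_invoke($module, 'permission')) {
            foreach ($permissions as $id => $permission) {
                $perms[$module][$id] = strip_tags($permission['title']);
            }
        }
    }
    $form['skip_perm'] = array(
        '#type' => 'select',
        '#title' => t('Skip access permission'),
        '#description' => t('Set a permission that will not be affected by the fallback behavior.'),
        '#options' => $perms,
    );
    $form['providers'] = array(
        '#type' => 'container',
        '#theme' => 'entityreference_prepopulate_providers_table',
        '#element_validate' => array('entityreference_prepopulate_providers_validate'),
    );

    $providers = entityreference_prepopulate_providers_info();
    // Sort providers by weight: saved providers first, in their saved order.
    $providers_names = !empty($instance['settings']['behaviors']['prepopulate']['providers']) ? array_keys($instance['settings']['behaviors']['prepopulate']['providers']) : array();
    $providers_names = drupal_array_merge_deep($providers_names, array_keys($providers));

    $weight = 0;
    foreach ($providers_names as $name) {
        // Validate that the provider exists.
        if (!isset($providers[$name])) {
            continue;
        }
        $provider = $providers[$name];
        // Set default values.
        $provider += array('disabled' => FALSE);
        $form['providers']['title'][$name] = array(
            '#type' => 'item',
            '#markup' => filter_xss($provider['title']),
            '#description' => filter_xss($provider['description']),
        );

        // Reset on every iteration. The original left $default_value untouched
        // for an unsaved provider other than 'url' / 'og_context', so it was
        // either undefined or carried the previous provider's state.
        $default_value = FALSE;
        if (!isset($instance['settings']['behaviors']['prepopulate']['providers'][$name])) {
            // backwards compatibility with version 1.4.
            if ($name == 'url') {
                // Enable the URL provider if it is not set in the instance yet.
                $default_value = TRUE;
            } elseif ($name == 'og_context') {
                $default_value = !empty($instance['settings']['behaviors']['prepopulate']['og_context']);
            }
        } else {
            $default_value = !empty($instance['settings']['behaviors']['prepopulate']['providers'][$name]);
        }

        $form['providers']['enabled'][$name] = array(
            '#type' => 'checkbox',
            '#disabled' => $provider['disabled'],
            '#default_value' => $default_value,
        );
        $form['providers']['weight'][$name] = array(
            '#type' => 'weight',
            '#default_value' => $weight,
            '#attributes' => array('class' => array('provider-weight')),
        );
        ++$weight;
    }
    return $form;
}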
示例6: drupalmel_theme_preprocess_semantic_panels_pane
/**
 * Implements hook_preprocess_panels_pane().
 *
 * For the site-name pane, wraps each capitalised word or digit run of the
 * site name in its own <span> and swaps that markup into the pane's HTML.
 */
function drupalmel_theme_preprocess_semantic_panels_pane(&$variables)
{
    // Only the site name pane is altered.
    if ($variables['pane']->subtype != 'blockify-blockify-site-name') {
        return;
    }

    preg_match_all('/([A-Z][a-z]+|[0-9]+)/', variable_get('site_name', NULL), $parts);

    $markup = '';
    if (isset($parts[1])) {
        foreach ($parts[1] as $position => $word) {
            // $word can only hold letters or digits (see the pattern above),
            // so filter_xss() is a second safeguard here, not the only one.
            $css_id = drupal_clean_css_identifier($word);
            $markup .= '<span class="part-' . $position . ' part-' . $css_id . '">' . filter_xss($word) . '</span>';
        }
    }

    // Replace the plain "<span>site name</span>" with the per-part spans.
    $plain = '<span>' . variable_get('site_name', NULL) . '</span>';
    $variables['content_html'] = str_replace($plain, $markup, $variables['content_html']);
}
示例7: getExpenseCatIds
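/**
 * Maps the expense category named in the request to its ids across years.
 *
 * Reads the 'expandBottomContURL' request parameter, takes the path segment
 * after "expcategory" as an expenditure object id, looks up that object's
 * code, and returns the id the same code has in each year.
 *
 * Security: the id comes from the request and is concatenated into a SQL
 * string. filter_xss() filters HTML only and gives no protection in SQL, so
 * the id is accepted only when it consists of digits.
 *
 * @return array
 *   expenditure_object_id values keyed by year_id; empty when the request
 *   carries no valid category id or no row matches.
 */
public static function getExpenseCatIds()
{
    $expCatIds = array();

    $bottomURL = isset($_REQUEST['expandBottomContURL']) ? $_REQUEST['expandBottomContURL'] : NULL;
    if (!is_string($bottomURL) || !preg_match("/expcategory/", $bottomURL)) {
        return $expCatIds;
    }

    $pathParams = explode('/', $bottomURL);
    $index = array_search('expcategory', $pathParams, TRUE);
    if ($index === FALSE || !isset($pathParams[$index + 1])) {
        return $expCatIds;
    }

    // Accept digits only: this value is placed unquoted in the query below.
    // An id of 0 is skipped, as the original did.
    $expCatId = $pathParams[$index + 1];
    if (!ctype_digit($expCatId) || !(int) $expCatId) {
        return $expCatIds;
    }

    $query1 = "SELECT expenditure_object_code FROM ref_expenditure_object WHERE expenditure_object_id = " . $expCatId;
    $expCatInfo = _checkbook_project_execute_sql($query1);
    if (!isset($expCatInfo[0]['expenditure_object_code'])) {
        return $expCatIds;
    }

    // NOTE(review): a value read back from the database is concatenated into a
    // quoted literal. If _checkbook_project_execute_sql() or the underlying
    // driver supports bound parameters, use them for both queries.
    $query2 = "SELECT expenditure_object_id, fiscal_year, year_id FROM ref_expenditure_object e\r\n LEFT JOIN ref_year y ON e.fiscal_year = y.year_value\r\n WHERE expenditure_object_code = '" . $expCatInfo[0]['expenditure_object_code'] . "'";
    $result = _checkbook_project_execute_sql($query2);
    foreach ($result as $key => $value) {
        $expCatIds[$value['year_id']] = $value['expenditure_object_id'];
    }

    return $expCatIds;
}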
示例8: getJS
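/**
 * {@inheritdoc}
 *
 * Extends the parent's settings: 'opt.url' is run through url() or dropped
 * when empty, and in dev mode the rendered dev dialog form is attached as
 * 'opt.devDialog'.
 *
 * The dev dialog markup is filtered with filter_xss() using a tag list that
 * keeps form controls (form, input, select, textarea) and list/div tags.
 */
public function getJS()
{
    $js = parent::getJS();
    // Ensure we've a sane url.
    if (!empty($js['opt']['url'])) {
        $js['opt']['url'] = url($js['opt']['url']);
    } else {
        // Remove the option as it is even used if empty.
        unset($js['opt']['url']);
    }
    // @TODO Find a way how to do this just once per map / collection.
    if ($this->getOption('devMode')) {
        // include_once instead of include: this method can run more than once
        // in a request, and including a file that declares functions a second
        // time is a fatal error. (Presumably forms.inc declares
        // openlayers_dev_dialog_form; confirm.)
        include_once 'forms.inc';
        $form_state = array();
        $form_state['build_info']['args'] = array($this);
        $form = drupal_build_form('openlayers_dev_dialog_form', $form_state);
        unset($form['options']['devMode']);
        $js['opt']['devDialog'] = filter_xss(drupal_render($form), array('label', 'form', 'input', 'select', 'textarea', 'div', 'ul', 'ol', 'li', 'dl', 'dt', 'dd'));
    }
    return $js;
}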
示例9: dynamo_preprocess_node
/**
 * Preprocess node template variables.
 *
 * Sets the list image for non-page displays, the similar-terms block, and for
 * event nodes the past-event alert, the formatted date (range) and the price.
 * The price is the field's rendered 'view' value passed through filter_xss().
 */
function dynamo_preprocess_node(&$variables)
{
    $node = $variables['node'];

    if (!$variables['page']) {
        $has_image = isset($variables['field_list_image_rendered']) && strlen($variables['field_list_image_rendered']) > 1;
        $variables['list_image'] = $has_image ? $variables['field_list_image_rendered'] : ' ';
    }

    $similar_nodes = similarterms_list(variable_get('ding_similarterms_vocabulary_id', 0));
    if (count($similar_nodes)) {
        $variables['similarterms'] = theme('similarterms', variable_get('similarterms_display_options', 'title_only'), $similar_nodes);
    }

    // Everything below applies to event nodes only.
    if ($variables['type'] != 'event') {
        return;
    }

    $start = strtotime($node->field_datetime[0]['value']);
    $end = strtotime($node->field_datetime[0]['value2']);

    // The alert box is shown only when an end time exists and lies in the past.
    // NOTE(review): the original comment promised a fallback to the start time
    // when no end time is given; the code has no such fallback.
    if ($end > 0 && $end < $_SERVER['REQUEST_TIME']) {
        $variables['alertbox'] = '<div class="alert">' . t('NB! This event occurred in the past.') . '</div>';
    }

    // Show only the parts of the date range that differ between start and end.
    $same_day = date("Ymd", $start) == date("Ymd", $end);
    $same_month = date("Ym", $start) == date("Ym", $end);
    if ($same_day) {
        $variables['event_date'] = format_date($start, 'custom', "j. F Y");
    } elseif ($same_month) {
        $variables['event_date'] = format_date($start, 'custom', "j.") . "–" . format_date($end, 'custom', "j. F Y");
    } else {
        $variables['event_date'] = format_date($start, 'custom', "j. M.") . " – " . format_date($end, 'custom', "j. M. Y");
    }

    // A price of zero is displayed as "free".
    $is_free = $node->field_entry_price[0]['value'] == "0";
    $variables['event_price'] = $is_free ? t('free') : filter_xss($node->field_entry_price[0]['view']);
}
示例10: bootstrap_psdpt_pager_link
/**
 * Theme override that renders a single pager link.
 *
 * The link text is limited to <span>, <em> and <strong> by filter_xss(); the
 * attributes, including the href built by url(), are emitted through
 * drupal_attributes().
 *
 * @param $variables
 *   Keys read: 'text', 'page_new', 'element', 'parameters', 'attributes'.
 *
 * @return
 *   The HTML for the link.
 */
function bootstrap_psdpt_pager_link($variables)
{
    $label = $variables['text'];
    $target_pages = $variables['page_new'];
    $element = $variables['element'];
    $parameters = $variables['parameters'];
    $attributes = $variables['attributes'];

    // Current pager state from the request, '' when absent.
    $current = '';
    if (isset($_GET['page'])) {
        $current = $_GET['page'];
    }
    $new_page = implode(',', pager_load_array($target_pages[$element], $element, explode(',', $current)));
    if ($new_page) {
        $parameters['page'] = $new_page;
    }

    $query = count($parameters) ? drupal_get_query_parameters($parameters, array()) : array();
    $query_pager = pager_get_query_parameters();
    if ($query_pager) {
        $query = array_merge($query, $query_pager);
    }

    // Set each pager link title
    if (!isset($attributes['title'])) {
        // Built once per request and reused for every link.
        static $titles = NULL;
        if (!isset($titles)) {
            $titles = array(
                t('« first') => t('Go to first page'),
                t('‹ previous') => t('Go to previous page'),
                t('next ›') => t('Go to next page'),
                t('last »') => t('Go to last page'),
            );
        }
        if (isset($titles[$label])) {
            $attributes['title'] = $titles[$label];
        } elseif (is_numeric($label)) {
            $attributes['title'] = t('Go to page @number', array('@number' => $label));
        }
    }

    // @todo l() cannot be used here, since it adds an 'active' class based on the
    // path only (which is always the current path for pager links). Apparently,
    // none of the pager links is active at any time - but it should still be
    // possible to use l() here.
    // @see http://drupal.org/node/1410574
    $attributes['href'] = url($_GET['q'], array('query' => $query));
    $safe_label = filter_xss($label, array('span', 'em', 'strong'));

    return '<a' . drupal_attributes($attributes) . '>' . $safe_label . '</a>';
}
示例11: process_xss_weak
/**
 * Applies XSS filtering to a string (weak version).
 *
 * Calls filter_xss() with a tag list given as ONE array element holding the
 * tag names joined by '|'.
 * NOTE(review): if filter_xss() here is Drupal core's, it expects one tag name
 * per array element, and a single pipe-joined element would match no tag at
 * all. Confirm which filter_xss() is in scope and what tag list is intended
 * before changing it, since splitting the list widens what is let through.
 *
 * @param string $string text to check
 * @return string filtered value
 */
public static function process_xss_weak($string)
{
    $allowed = array('a|abbr|acronym|address|b|bdo|big|blockquote|br|caption|cite|code|col|colgroup|dd|del|dfn|div|dl|dt|em|h1|h2|h3|h4|h5|h6|hr|i|img|ins|kbd|li|ol|p|pre|q|samp|small|span|strong|sub|sup|table|tbody|td|tfoot|th|thead|tr|tt|ul|var');
    $filtered = filter_xss($string, $allowed);
    return $filtered;
}
示例12: ec_resp_preprocess_block
/**
* Implements template_preprocess_block().
*/
function ec_resp_preprocess_block(&$variables)
{
global $user, $language;
$block_no_panel = array('search' => 'form', 'print' => 'print-links', 'print_ui' => 'print-links', 'workbench' => 'block', 'social_bookmark' => 'social-bookmark', 'views' => 'view_ec_content_slider-block', 'om_maximenu' => array('om-maximenu-1', 'om-maximenu-2'), 'menu' => 'menu-service-tools', 'cce_basic_config' => 'footer_ipg');
// List of all blocks that don't need their title to be displayed.
$block_no_title = array('fat_footer' => 'fat-footer', 'om_maximenu' => array('om-maximenu-1', 'om-maximenu-2'), 'menu' => 'menu-service-tools', 'cce_basic_config' => 'footer_ipg');
$block_no_body_class = array();
$panel = TRUE;
foreach ($block_no_panel as $key => $value) {
if ($variables['block']->module == $key) {
if (is_array($value)) {
foreach ($value as $delta) {
if ($variables['block']->delta == $delta) {
$panel = FALSE;
break;
}
}
} else {
if ($variables['block']->delta == $value) {
$panel = FALSE;
break;
}
}
}
}
$title = TRUE;
foreach ($block_no_title as $key => $value) {
if ($variables['block']->module == $key) {
if (is_array($value)) {
foreach ($value as $delta) {
if ($variables['block']->delta == $delta) {
$title = FALSE;
break;
}
}
} else {
if ($variables['block']->delta == $value) {
$title = FALSE;
break;
}
}
}
}
$body_class = TRUE;
foreach ($block_no_body_class as $key => $value) {
if ($variables['block']->module == $key && $variables['block']->delta == $value) {
$body_class = FALSE;
}
}
$variables['panel'] = $panel;
$variables['title'] = $title;
$variables['body_class'] = $body_class;
if (isset($variables['block']->bid)) {
switch ($variables['block']->bid) {
case 'locale-language':
$languages = language_list();
$items = array();
$items[] = array('data' => '<span class="off-screen">' . t("Current language") . ':</span> ' . $language->language, 'class' => array('selected'), 'title' => $language->native, 'lang' => $language->language);
// Get path of translated content.
$translations = translation_path_get_translations(current_path());
$language_default = language_default();
foreach ($languages as $language_object) {
$prefix = $language_object->language;
$language_name = $language_object->name;
if (isset($translations[$prefix])) {
$path = $translations[$prefix];
} else {
$path = current_path();
}
// Get the related url alias
// Check if the multisite language negotiation
// with suffix url is enabled.
$language_negociation = variable_get('language_negotiation_language');
if (isset($language_negociation['locale-url-suffix'])) {
$delimiter = variable_get('language_suffix_delimiter', '_');
$alias = drupal_get_path_alias($path, $prefix);
if ($alias == variable_get('site_frontpage', 'node')) {
$path = $prefix == 'en' ? '' : 'index';
} else {
if ($alias != $path) {
$path = $alias;
} else {
$path = drupal_get_path_alias(isset($translations[$language_name]) ? $translations[$language_name] : $path, $language_name);
}
}
} else {
$path = drupal_get_path_alias($path, $prefix);
}
// Add enabled languages.
if ($language_name != $language->name) {
$items[] = array('data' => l($language_name, filter_xss($path), array('attributes' => array('hreflang' => $prefix, 'lang' => $prefix, 'title' => $language_name), 'language' => $language_object)));
}
}
$variables['language_list'] = theme('item_list', array('items' => $items));
break;
case 'system-user-menu':
if ($user->uid) {
//.........这里部分代码省略.........
示例13: hook_tokens
/**
 * Provide replacement values for placeholder tokens.
 *
 * Invoked by token_replace(): that function scans the text for [type:token]
 * patterns, groups the tokens by type, and calls hook_tokens() once per group
 * so a module can supply replacement text for the tokens it knows.
 *
 * A module implementing this hook should also implement hook_token_info() so
 * its tokens are listed on editing screens.
 *
 * When $options['sanitize'] is set, the node title is escaped with
 * check_plain() and the author name is filtered with filter_xss(); without it
 * both are returned raw and the caller is responsible for escaping.
 *
 * @param $type
 *   The machine-readable name of the type (group) of token being replaced,
 *   such as 'node' or 'user'.
 * @param $tokens
 *   An array of tokens to be replaced, keyed by machine-readable token name;
 *   the values are the raw [type:token] strings from the original text.
 * @param $data
 *   (optional) Data objects to use when generating replacement values, as
 *   supplied in the $data parameter to token_replace().
 * @param $options
 *   (optional) Options for token replacement; see token_replace().
 *
 * @return
 *   An associative array of replacement values, keyed by the raw [type:token]
 *   strings from the original text.
 *
 * @see hook_token_info()
 * @see hook_tokens_alter()
 */
function hook_tokens($type, $tokens, array $data = array(), array $options = array())
{
    $replacements = array();

    $url_options = array('absolute' => TRUE);
    $language_code = NULL;
    if (isset($options['language'])) {
        $url_options['language'] = $options['language'];
        $language_code = $options['language']->language;
    }
    $sanitize = !empty($options['sanitize']);

    // Only node tokens are handled, and only when a node was supplied.
    if ($type != 'node' || empty($data['node'])) {
        return $replacements;
    }

    $node = $data['node'];
    foreach ($tokens as $name => $original) {
        switch ($name) {
            // Simple key values on the node.
            case 'nid':
                $replacements[$original] = $node->nid;
                break;
            case 'title':
                $replacements[$original] = $sanitize ? check_plain($node->title) : $node->title;
                break;
            case 'edit-url':
                $replacements[$original] = url('node/' . $node->nid . '/edit', $url_options);
                break;
            // Default values for the chained tokens handled below.
            case 'author':
                $name = $node->uid == 0 ? variable_get('anonymous', t('Anonymous')) : $node->name;
                $replacements[$original] = $sanitize ? filter_xss($name) : $name;
                break;
            case 'created':
                $replacements[$original] = format_date($node->created, 'medium', '', NULL, $language_code);
                break;
        }
    }

    // Chained tokens: [node:author:*] and [node:created:*].
    $author_tokens = token_find_with_prefix($tokens, 'author');
    if ($author_tokens) {
        $author = user_load($node->uid);
        $replacements += token_generate('user', $author_tokens, array('user' => $author), $options);
    }
    $created_tokens = token_find_with_prefix($tokens, 'created');
    if ($created_tokens) {
        $replacements += token_generate('date', $created_tokens, array('date' => $node->created), $options);
    }

    return $replacements;
}
示例14: sanitize
/**
 * Filters $text with filter_xss() using that function's default settings.
 *
 * filter_xss() is an HTML filter, so the result is prepared for HTML output.
 * NOTE(review): the generic name may invite other uses; this does not make a
 * value safe for SQL, file paths or commands.
 *
 * @param string $text text to filter
 * @return string the filtered text
 */
static function sanitize($text)
{
    $filtered = filter_xss($text);
    return $filtered;
}
示例15: foreach
</tr>
<?php
$cntr = 0;
foreach ($database_result_set as $record) {
$cntr % 2 == 0 ? $rowclass = 'maestroEvenRow' : ($rowclass = 'maestroOddRow');
?>
<tr class="<?php
print $rowclass;
?>
">
<td><?php
print filter_xss($record->description);
?>
</td>
<td><?php
print filter_xss($record->name);
?>
</td>
<td><img title="test" id="maestro_viewdetail_<?php
print intval($record->id);
?>
" onclick="maestro_get_project_details(this);" src="<?php
print $maestro_path;
?>
/images/taskconsole/folder_closed.gif" pid="<?php
print intval($record->id);
?>
"></td>
</tr>
<tr class="maestro_hide_secondary_row <?php
print $rowclass;