本文整理汇总了PHP中htmLawed函数的典型用法代码示例。如果您正苦于以下问题:PHP htmLawed函数的具体用法?PHP htmLawed怎么用?PHP htmLawed使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了htmLawed函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: getDisplaySanitizedValue
/**
 * Returns the attribute value prepared for display.
 *
 * After load() has run, plain-text mode ('text') defers to the parent's
 * sanitised value. Every other display mode passes the parent's raw value
 * through htmLawed in "safe" mode with the style attribute denied.
 *
 * @return mixed Whatever the parent or htmLawed() returns for the value.
 */
public function getDisplaySanitizedValue()
{
    $this->load();

    $isPlainText = $this->akTextareaDisplayMode == 'text';
    if (!$isPlainText) {
        // Rich-text branch: the stored markup is kept, so it is filtered on
        // output. 'safe' enables htmLawed's restrictive profile; inline style
        // attributes are dropped in addition.
        $filterConfig = array('safe'=>1, 'deny_attribute'=>'style');

        return htmLawed(parent::getValue(), $filterConfig);
    }

    return parent::getDisplaySanitizedValue();
}
示例2: run
/**
 * Runs the given markup through htmLawed with only the 'tidy' option set.
 *
 * NOTE(review): no 'safe' option (and no element or attribute restriction)
 * is passed, so this call reformats markup but should not be treated as an
 * XSS filter for untrusted input; confirm callers sanitise separately.
 *
 * @param string $html Markup to process.
 * @return string Result of htmLawed().
 */
public static function run($html)
{
    // Resolved through the include path; include_once makes repeated calls cheap.
    include_once "htmLawed.php";

    return htmLawed($html, array('tidy' => 1));
}
示例3: processModel3d
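/**
 * Validates and normalises the settings object of a "model3d" widget.
 *
 * Validation failures are reported through the globals $abort (set to true)
 * and $errorArray (message appended); the function still returns the object.
 *
 * Security notes:
 *  - name and title only go through strip_tags(), which removes tags but does
 *    not escape quotes or ampersands; escape them for the output context
 *    (they are also embedded in the error messages).
 *  - desc is reduced by htmLawed to <a> elements carrying only href.
 *  - url is rebuilt from the captured model id, so nothing else the caller
 *    supplied can end up in the stored embed URL.
 *
 * @param object $data Widget settings (presumably decoded from a request; verify against caller).
 * @return object Copy of $data limited to the whitelisted keys.
 */
function processModel3d($data)
{
    global $abort, $errorArray;

    $data->type = 'model3d';

    //Check name
    if (isset($data->name)) {
        $data->name = strip_tags($data->name);
    } else {
        $data->name = '3D Model';
    }

    //Check key: exactly 10 lowercase alphanumeric characters
    if (isset($data->key)) {
        // The D modifier keeps "$" from also matching before a trailing
        // newline, which the previous pattern silently accepted.
        $re = '/^[a-z0-9]{10}$/D';
        if (!is_string($data->key) || !preg_match($re, $data->key)) {
            $abort = true;
            $errorArray[] = "Invalid key for " . $data->name . " widget.";
        }
    }

    //Check title
    if (isset($data->title)) {
        $data->title = strip_tags($data->title);
    } else {
        $data->title = '3D model title';
    }

    //Check description
    if (isset($data->desc)) {
        $data->desc = htmLawed($data->desc, array('safe' => 1, 'elements' => 'a', 'deny_attribute' => '* -href'));
        $data->desc = str_replace(" />", ">", $data->desc);
    } else {
        $data->desc = "";
    }

    //Check if valid Sketchfab url source
    if (!empty($data->url)) {
        // Anchored at the start: the earlier unanchored pattern matched a
        // Sketchfab-looking substring anywhere in the value, and preg_replace()
        // then left whatever preceded it in place, so the stored URL could
        // resolve to a different host.
        $pattern = '~^(?:https?:)?(?://)?(?:www\.)?sketchfab\.com/models/([a-z0-9]+)~';
        $candidate = is_string($data->url) ? trim($data->url) : '';
        //Get Sketchfab model ID
        if (preg_match($pattern, $candidate, $match)) {
            $data->url = 'https://sketchfab.com/models/' . $match[1] . '/embed';
        } else {
            $abort = true;
            $errorArray[] = "Sketchfab URL required for " . $data->name . " widget.";
        }
    } else {
        $data->url = "";
    }

    $data = checkAlignment($data);
    //From alignOptions.php

    //Check index is a number
    if (!empty($data->index)) {
        if (!filter_var($data->index, FILTER_VALIDATE_INT) || $data->index < 0) {
            unset($data->index);
        }
    } else {
        //Index is optional
    }

    //Remove any invalid keys
    $validKeys = (object) array('type' => '', 'name' => '', 'key' => '', 'title' => '', 'desc' => '', 'url' => '', 'align' => '', 'margin' => '', 'index' => '');
    $data = (object) array_intersect_key(get_object_vars($data), get_object_vars($validKeys));

    return $data;
}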
示例4: Format
/**
 * Filters user-supplied HTML through htmLawed with the forum's policy.
 *
 * The policy removes a fixed list of elements (script, style, iframe, form
 * controls, embed/object, ...), denies the attributes configured under
 * Garden.Html.BlockedAttributes (default 'on*'), restricts URL schemes and
 * reserves a set of element ids used by the page itself.
 *
 * NOTE(review): 'css_expression' => 1 - per the htmLawed documentation this
 * setting keeps dynamic CSS expressions in style values; confirm that is
 * intended for the case where SafeStyles is off and style is not denied.
 *
 * @param string $Html Markup to filter.
 * @return string Filtered markup.
 */
public function Format($Html)
{
    $BlockedAttributes = C('Garden.Html.BlockedAttributes', 'on*');

    // Turn embedded videos into simple links (legacy workaround)
    $Html = Gdn_Format::UnembedVideos($Html);

    // Gdn_Format::$DisplayNoFollow (a plugin may change it) decides whether
    // htmLawed adds rel="nofollow" to every link (the default) or to none.
    $AntiLinkSpam = Gdn_Format::$DisplayNoFollow ? array('`.`', '') : array('', '');

    $Config = array(
        'anti_link_spam' => $AntiLinkSpam,
        'comment' => 1,
        'cdata' => 3,
        'css_expression' => 1,
        'deny_attribute' => $BlockedAttributes,
        'unique_ids' => 1,
        'elements' => '*-applet-form-input-textarea-iframe-script-style-embed-object-select-option-button-fieldset-optgroup-legend',
        'keep_bad' => 0,
        'schemes' => 'classid:clsid; href: aim, feed, file, ftp, gopher, http, https, irc, mailto, news, nntp, sftp, ssh, telnet; style: nil; *:file, http, https',
        'valid_xhtml' => 0,
        'direct_list_nest' => 1,
        'balance' => 1,
    );

    if ($this->SafeStyles) {
        // Add style to the denied attributes; only style is appended here.
        $Config['deny_attribute'] .= ',style';
    }

    // Reserve ids the application's own markup relies on, so submitted HTML
    // cannot reuse them and break the page's JavaScript.
    $GLOBALS['hl_Ids'] = array_fill_keys(
        array(
            'Bookmarks', 'CommentForm', 'Content', 'Definitions', 'DiscussionForm', 'Foot',
            'Form_Comment', 'Form_User_Password', 'Form_User_SignIn', 'Head', 'HighlightColor',
            'InformMessageStack', 'Menu', 'PagerMore', 'Panel', 'Status',
        ),
        1
    );

    // Per-element rules: limit object/embed attributes and keep links from
    // carrying class names that the front end treats as behaviour hooks.
    $Spec = 'object=-classid-type, -codebase; embed=type(oneof=application/x-shockwave-flash); a=class(noneof=Hijack|Dismiss|MorePager/nomatch=%pop[in|up|down]|flyout|ajax%i)';

    return htmLawed($Html, $Config, $Spec);
}
示例5: processVideo
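/**
 * Validates and normalises the settings object of a "video" widget.
 *
 * Validation failures are reported through the globals $abort (set to true)
 * and $errorArray (message appended); the function still returns the object.
 *
 * Security notes:
 *  - name and title only go through strip_tags(), which removes tags but does
 *    not escape quotes or ampersands; escape them for the output context
 *    (they are also embedded in the error messages).
 *  - desc is reduced by htmLawed to <a> elements carrying only href.
 *  - url is rebuilt from the captured video id, so nothing else the caller
 *    supplied can end up in the stored embed URL.
 *
 * @param object $data Widget settings (presumably decoded from a request; verify against caller).
 * @return object Copy of $data limited to the whitelisted keys.
 */
function processVideo($data)
{
    global $abort, $errorArray;

    $data->type = 'video';

    //Check name
    if (isset($data->name)) {
        $data->name = strip_tags($data->name);
    } else {
        $data->name = 'Video';
    }

    //Check key: exactly 10 lowercase alphanumeric characters
    if (isset($data->key)) {
        // The D modifier keeps "$" from also matching before a trailing
        // newline, which the previous pattern silently accepted.
        $re = '/^[a-z0-9]{10}$/D';
        if (!is_string($data->key) || !preg_match($re, $data->key)) {
            $abort = true;
            $errorArray[] = "Invalid key for " . $data->name . " widget.";
        }
    }

    //Check title
    if (isset($data->title)) {
        $data->title = strip_tags($data->title);
    } else {
        $data->title = 'Sample title';
    }

    //Check description
    if (isset($data->desc)) {
        $data->desc = htmLawed($data->desc, array('safe' => 1, 'elements' => 'a', 'deny_attribute' => '* -href'));
        $data->desc = str_replace(" />", ">", $data->desc);
    } else {
        $data->desc = "";
    }

    //Check if valid YouTube url source
    if (!empty($data->url)) {
        // Anchored at both ends: the earlier pattern had no start anchor, so a
        // YouTube-looking tail was enough to pass and preg_replace() kept the
        // text in front of it, letting the stored URL resolve to another host.
        $pattern = '~^(?:https?:)?(?://)?(?:www\.)?(?:youtube\.com|youtu\.be)/(?:embed/)?(?:watch\?v=)?([a-zA-Z0-9_-]+)(?:\?.+)?(?:&.+)?$~D';
        $candidate = is_string($data->url) ? trim($data->url) : '';
        //Get YouTube video ID
        if (preg_match($pattern, $candidate, $match)) {
            $data->url = '//www.youtube.com/embed/' . $match[1] . '?rel=0&showinfo=0';
        } else {
            $abort = true;
            $errorArray[] = "YouTube video URL required for " . $data->name . " widget.";
        }
    } else {
        $data->url = "";
    }

    $data = checkAlignment($data);
    //From alignOptions.php

    //Check index is a number
    if (!empty($data->index)) {
        if (!filter_var($data->index, FILTER_VALIDATE_INT) || $data->index < 0) {
            unset($data->index);
        }
    } else {
        //Index is optional
    }

    //Remove any invalid keys
    $validKeys = (object) array('type' => '', 'name' => '', 'key' => '', 'title' => '', 'desc' => '', 'url' => '', 'align' => '', 'margin' => '', 'index' => '');
    $data = (object) array_intersect_key(get_object_vars($data), get_object_vars($validKeys));

    return $data;
}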
示例6: Format
/**
 * Filters user-supplied HTML through htmLawed with the forum's policy.
 *
 * The policy removes applet, form, input, textarea, iframe, script and style
 * elements, denies all on* attributes and restricts the URL schemes that
 * attributes may use.
 *
 * NOTE(review): 'css_expression' => 1 - per the htmLawed documentation this
 * setting keeps dynamic CSS expressions in style values; confirm that is
 * intended for the case where SafeStyles is off and style is not denied.
 *
 * @param string $Html Markup to filter.
 * @return string Filtered markup.
 */
public function Format($Html)
{
    // Gdn_Format::$DisplayNoFollow (a plugin may change it) decides whether
    // htmLawed adds rel="nofollow" to every link (the default) or to none.
    $AntiLinkSpam = Gdn_Format::$DisplayNoFollow ? array('`.`', '') : array('', '');

    $Config = array(
        'anti_link_spam' => $AntiLinkSpam,
        'comment' => 1,
        'cdata' => 3,
        'css_expression' => 1,
        'deny_attribute' => 'on*',
        'elements' => '*-applet-form-input-textarea-iframe-script-style',
        'keep_bad' => 0,
        'schemes' => 'classid:clsid; href: aim, feed, file, ftp, gopher, http, https, irc, mailto, news, nntp, sftp, ssh, telnet; style: nil; *:file, http, https',
        'valid_xhtml' => 0,
        'direct_list_nest' => 1,
        'balance' => 1,
    );

    if ($this->SafeStyles) {
        // Add style to the denied attributes; only style is appended here.
        $Config['deny_attribute'] .= ',style';
    }

    // Per-element rules limiting what object and embed may carry.
    $Spec = 'object=-classid-type, -codebase; embed=type(oneof=application/x-shockwave-flash)';

    return htmLawed($Html, $Config, $Spec);
}
示例7: processImageWidget
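/**
 * Validates and normalises the settings object of an "imagewidget" widget.
 *
 * Validation failures are reported through the globals $abort (set to true)
 * and $errorArray (message appended); the function still returns the object.
 *
 * Security notes:
 *  - name and title only go through strip_tags(), which removes tags but does
 *    not escape quotes or ampersands; escape them for the output context
 *    (they are also embedded in the error messages).
 *  - desc is reduced by htmLawed to <a> elements carrying only href.
 *  - imgSrc is only checked for existence, see the note at that check.
 *
 * @param object $data Widget settings (presumably decoded from a request; verify against caller).
 * @return object Copy of $data limited to the whitelisted keys.
 */
function processImageWidget($data)
{
    global $abort, $errorArray;

    $data->type = 'imagewidget';

    //Check name
    if (isset($data->name)) {
        $data->name = strip_tags($data->name);
    } else {
        $data->name = 'Image';
    }

    //Check key: exactly 10 lowercase alphanumeric characters
    if (isset($data->key)) {
        // The D modifier keeps "$" from also matching before a trailing
        // newline, which the previous pattern silently accepted.
        $re = '/^[a-z0-9]{10}$/D';
        if (!is_string($data->key) || !preg_match($re, $data->key)) {
            $abort = true;
            $errorArray[] = "Invalid key for " . $data->name . " widget.";
        }
    }

    //Check title
    if (isset($data->title)) {
        $data->title = strip_tags($data->title);
    } else {
        $data->title = 'Sample title';
    }

    //Check description
    if (isset($data->desc)) {
        $data->desc = htmLawed($data->desc, array('safe' => 1, 'elements' => 'a', 'deny_attribute' => '* -href'));
        $data->desc = str_replace(" />", ">", $data->desc);
    } else {
        $data->desc = "";
    }

    //Check image source
    // NOTE(review): the value is handed to file_exists() as supplied, both
    // relative to ROOT_PATH and on its own. Nothing here confines it to an
    // image directory or rejects "../" segments or stream-wrapper prefixes,
    // so the check answers for any path the PHP process can see. Consider
    // resolving it with realpath() and requiring the result to sit under the
    // intended upload directory before accepting it.
    if (!empty($data->imgSrc)) {
        if (!file_exists(ROOT_PATH . ltrim($data->imgSrc, '/')) && !file_exists($data->imgSrc)) {
            $abort = true;
            $errorArray[] = $data->name . " image source not found.";
        }
    } else {
        $abort = true;
        $errorArray[] = "Image source required for " . $data->name . " widget.";
    }

    $data = checkAlignment($data);
    //From alignOptions.php

    //Check index is a number
    if (!empty($data->index)) {
        if (!filter_var($data->index, FILTER_VALIDATE_INT) || $data->index < 0) {
            unset($data->index);
        }
    } else {
        //Index is optional
    }

    //Remove any invalid keys
    $validKeys = (object) array('type' => '', 'name' => '', 'key' => '', 'title' => '', 'desc' => '', 'imgSrc' => '', 'align' => '', 'margin' => '', 'index' => '');
    $data = (object) array_intersect_key(get_object_vars($data), get_object_vars($validKeys));

    return $data;
}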
示例8: xssClean
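/**
 * Filters a value, or every value of a (nested) array, through htmLawed in
 * "safe" mode.
 *
 * Only array values are filtered; array keys are returned unchanged, so keys
 * taken from request data still need escaping wherever they are echoed.
 *
 * @param mixed $value String to filter, or an array of such values.
 * @return mixed The filtered string, or the array with each value filtered.
 */
public static function xssClean($value)
{
    if (!is_array($value)) {
        // NOTE(review): htmLawed spells its tag-balancing option 'balance';
        // 'balanced' is presumably not recognised, leaving balancing at the
        // library default. Left as found; confirm which behaviour is wanted.
        return htmLawed($value, array('safe' => 1, 'balanced' => 0));
    }

    foreach ($value as $k => $v) {
        // The method is static, so $this is not available here; the previous
        // $this->xss_clean() call failed as soon as an array was passed.
        $value[$k] = static::xssClean($v);
    }

    return $value;
}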
示例9: xss_clean
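/**
 * Filters a value, or every value of a (nested) array, through htmLawed.
 *
 * The defaults ('safe' => 1) are merged with $options, and $options wins on
 * conflict: a caller passing 'safe' => 0 switches the safe profile off, so
 * $options must never be built from request data.
 *
 * Only array values are filtered; array keys are returned unchanged.
 *
 * @param mixed $value   String to filter, or an array of such values.
 * @param array $options htmLawed configuration overrides.
 * @return mixed The filtered string, or the array with each value filtered.
 */
public static function xss_clean($value, array $options = array())
{
    if (!is_array($value)) {
        if (!function_exists('htmLawed')) {
            require_once dirname(dirname(__FILE__)) . '/vendor/htmlawed.php';
        }

        // NOTE(review): htmLawed spells its tag-balancing option 'balance';
        // 'balanced' is presumably not recognised. Left as found; confirm.
        return htmLawed($value, array_merge(array('safe' => 1, 'balanced' => 0), $options));
    }

    foreach ($value as $k => $v) {
        // Forward $options: the recursion used to drop them, so nested values
        // were filtered with the defaults instead of the caller's (possibly
        // stricter) policy.
        $value[$k] = static::xss_clean($v, $options);
    }

    return $value;
}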
示例10: fetchContent
/**
* Fetch content from the given url and return a readable content.
*
* @param string $url
*
* @return array With keys html, title, url & summary
*/
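public function fetchContent($url)
{
    $infos = $this->doFetchContent($url);
    $html = $infos['html'];

    // filter xss?
    if ($this->config['xss_filter']) {
        $this->logger->log('debug', 'Filtering HTML to remove XSS');
        // 'safe' enables htmLawed's restrictive profile; style attributes,
        // comments and CDATA sections are additionally configured here.
        $html = htmLawed($html, array('safe' => 1, 'deny_attribute' => 'style', 'comment' => 1, 'cdata' => 1));

        // Hand the filtered markup back to the caller. Previously only the
        // summary was derived from it, while the returned 'html' entry kept
        // the unfiltered document even with xss_filter enabled.
        $infos['html'] = $html;
    }

    // generate summary
    $infos['summary'] = $this->getExcerpt($html);

    return $infos;
}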
示例11: repairHtml
/**
 * Repairs markup, using the tidy extension when it is available and
 * htmLawed with its default configuration otherwise.
 *
 * $config is merged over the tidy defaults below and is ignored on the
 * htmLawed fallback path.
 *
 * NOTE(review): both paths repair structure only; neither passes a
 * restrictive policy (the fallback calls htmLawed() without 'safe'), so the
 * result should not be treated as sanitised.
 *
 * @param string $html   Markup to repair.
 * @param array  $config Tidy options overriding the defaults.
 * @return string Repaired markup.
 */
public static function repairHtml($html, $config = array())
{
    if (!class_exists('tidy')) {
        require_once VENDOR_PATH . '/koala-framework/library-htmlawed/htmLawed.php';

        return htmLawed($html);
    }

    $defaults = array(
        'indent' => true,
        'output-xhtml' => true,
        'clean' => false,
        'wrap' => '86',
        'doctype' => 'omit',
        'drop-proprietary-attributes' => true,
        'drop-font-tags' => false,
        'word-2000' => true,
        'show-body-only' => true,
        'bare' => true,
        'enclose-block-text' => true,
        'enclose-text' => true,
        'join-styles' => false,
        'join-classes' => false,
        'logical-emphasis' => true,
        'lower-literals' => true,
        'literal-attributes' => false,
        'indent-spaces' => 2,
        'quote-nbsp' => true,
        'output-bom' => false,
        'char-encoding' => 'utf8',
        'newline' => 'LF',
        'uppercase-tags' => false,
    );
    $config = array_merge($defaults, $config);

    $tidy = new tidy();
    $tidy->parseString($html, $config, 'utf8');
    $tidy->cleanRepair();

    return $tidy->value;
}
示例12: filter
/**
* Filters a string of html with the htmLawed library.
*
* @param string $html The text to filter.
* @param array|null $config Config settings for the array.
* @param string|array|null $spec A specification to further limit the allowed attribute values in the html.
* @return string Returns the filtered html.
* @see http://www.bioinformatics.org/phplabware/internal_utilities/htmLawed/htmLawed_README.htm
*/
public static function filter($html, array $config = null, $spec = null)
{
    require_once __DIR__ . '/htmLawed/htmLawed.php';

    // No config supplied: fall back to the class default.
    $config = $config === null ? self::$defaultConfig : $config;

    // A 'spec' entry inside the config is used only when the caller passed
    // no (or an empty) $spec argument.
    if (!$spec && isset($config['spec'])) {
        $spec = $config['spec'];
    }

    // Only a null spec falls back to the default; an explicit empty string
    // is passed through unchanged.
    return htmLawed($html, $config, $spec === null ? static::$defaultSpec : $spec);
}
示例13: Format
/**
 * Filters user-supplied HTML through htmLawed with the forum's policy.
 *
 * The policy removes applet, form, input, textarea, iframe, script and style
 * elements, denies all on* attributes and restricts URL schemes. With
 * SafeStyles on, style attributes are denied too; otherwise tags are passed
 * to the 'HTMLawedHookTag' hook, which is defined outside this method.
 *
 * NOTE(review): 'css_expression' => 1 - per the htmLawed documentation this
 * setting keeps dynamic CSS expressions in style values; with SafeStyles off
 * the hook is then the only place styles can be vetted. Confirm it does so.
 *
 * @param string $Html Markup to filter.
 * @return string Filtered markup.
 */
public function Format($Html)
{
    $Config = array(
        'anti_link_spam' => array('`.`', ''),
        'comment' => 1,
        'cdata' => 3,
        'css_expression' => 1,
        'deny_attribute' => 'on*',
        'elements' => '*-applet-form-input-textarea-iframe-script-style',
        'keep_bad' => 0,
        'schemes' => 'classid:clsid; href: aim, feed, file, ftp, gopher, http, https, irc, mailto, news, nntp, sftp, ssh, telnet; style: nil; *:file, http, https',
        'valid_xml' => 2,
    );

    if (!$this->SafeStyles) {
        $Config['hook_tag'] = 'HTMLawedHookTag';
    } else {
        // Add style to the denied attributes; only style is appended here.
        $Config['deny_attribute'] .= ',style';
    }

    // Per-element rules limiting what object and embed may carry.
    $Spec = 'object=-classid-type, -codebase; embed=type(oneof=application/x-shockwave-flash)';

    return htmLawed($Html, $Config, $Spec);
}
示例14: Format
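/**
 * Converts an imported IPB post to HTML: normalises IPB artefacts, parses
 * BBCode with NBBC, linkifies URLs, resolves mentions and emoji, and finally
 * filters the generated markup through htmLawed.
 *
 * The htmLawed pass is the last step on purpose, so everything produced by
 * the earlier stages is filtered before it is returned.
 *
 * @param string $String Raw post body.
 * @return string Filtered HTML.
 */
public function Format($String)
{
    // NOTE(review): in the listing this search array had been entity-decoded
    // (it read '"', ''', ':'), which is a parse error and would make the first
    // three replacements no-ops. Restored to the entity forms implied by the
    // replacement array; verify against the upstream file.
    $String = str_replace(array('&quot;', '&#39;', '&#58;', 'Â'), array('"', "'", ':', ''), $String);
    $String = str_replace('<#EMO_DIR#>', 'default', $String);
    $String = str_replace('<{POST_SNAPBACK}>', '<span class="SnapBack">»</span>', $String);

    // There is an issue with using uppercase code blocks, so they're forced to lowercase here
    $String = str_replace(array('[CODE]', '[/CODE]'), array('[code]', '[/code]'), $String);

    /**
     * IPB inserts line break markup tags at line breaks. They need to be removed in code blocks.
     * The original newline/line break should be left intact, so whitespace will be preserved in the pre tag.
     */
    $String = preg_replace_callback('/\\[code\\].*?\\[\\/code\\]/is', function ($CodeBlocks) {
        return str_replace(array('<br />'), array(''), $CodeBlocks[0]);
    }, $String);

    /**
     * IPB formats some quotes as HTML. They're converted here for the sake of uniformity in presentation.
     * Attribute order seems to be standard. Spacing between the opening of the tag and the first attribute is variable.
     */
    $String = preg_replace_callback('#<blockquote\\s+class="ipsBlockquote" data-author="([^"]+)" data-cid="(\\d+)" data-time="(\\d+)">(.*?)</blockquote>#is', function ($BlockQuotes) {
        $Author = $BlockQuotes[1];
        $Cid = $BlockQuotes[2];
        $Time = $BlockQuotes[3];
        $QuoteContent = $BlockQuotes[4];
        // $Time comes over as a string of digits. Cast it explicitly so date()
        // receives the integer timestamp it expects, then format it.
        $Date = date('F j Y, g:i A', (int) $Time);

        return "[quote name=\"{$Author}\" url=\"{$Cid}\" date=\"{$Date}\"]{$QuoteContent}[/quote]";
    }, $String);

    // If there is a really long string, it could cause a stack overflow in the bbcode parser.
    // Not much we can do except try and chop the data down a touch.
    // 1. Remove html comments.
    $String = preg_replace('/<!--(.*)-->/Uis', '', $String);

    // 2. Hand the text to the parser piece by piece. As written, the cast
    //    yields a single-element array, so the text is parsed in one piece.
    $Strings = (array) $String;
    $Result = '';
    foreach ($Strings as $String) {
        $Result .= $this->NBBC()->Parse($String);
    }

    // Linkify URLs in content
    $Result = Gdn_Format::links($Result);

    // Parsing mentions
    $Result = Gdn_Format::mentions($Result);

    // Handling emoji
    $Result = Emoji::instance()->translateToHtml($Result);

    // Filter the generated HTML last, so output of every stage above is covered.
    $Config = array('anti_link_spam' => array('`.`', ''), 'comment' => 1, 'cdata' => 3, 'css_expression' => 1, 'deny_attribute' => 'on*', 'elements' => '*-applet-form-input-textarea-iframe-script-style', 'keep_bad' => 0, 'schemes' => 'classid:clsid; href: aim, feed, file, ftp, gopher, http, https, irc, mailto, news, nntp, sftp, ssh, telnet; style: nil; *:file, http, https', 'valid_xml' => 2);
    $Spec = 'object=-classid-type, -codebase; embed=type(oneof=application/x-shockwave-flash)';
    $Result = htmLawed($Result, $Config, $Spec);

    return $Result;
}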
示例15: clean
/**
* Clean display value deleting html tags
*
* @param $value string: string value
* @param $striptags bool: strip all html tags
* @param $keep_bad int:
* 1 : neutralize tag and content,
* 2 : remove tag and neutralize content
* @return clean value
**/
static function clean($value, $striptags = true, $keep_bad = 2)
{
include_once GLPI_HTMLAWED;
// Decode entities first, so markup that arrived entity-encoded is seen as
// real tags by the stripping and filtering steps below.
$value = Html::entity_decode_deep($value);
// Clean MS office tags
$value = str_replace(array("<![if !supportLists]>", "<![endif]>"), '', $value);
if ($striptags) {
// The regex passes below only drop known wrapper <div>s and script/style/
// doctype blocks for presentation; the htmLawed call after this branch is
// what actually filters the markup.
$specialfilter = array('@<div[^>]*?tooltip_picture[^>]*?>.*?</div[^>]*?>@si');
// Strip ToolTips
$value = preg_replace($specialfilter, '', $value);
$specialfilter = array('@<div[^>]*?tooltip_text[^>]*?>.*?</div[^>]*?>@si');
// Strip ToolTips
$value = preg_replace($specialfilter, '', $value);
$specialfilter = array('@<div[^>]*?tooltip_picture_border[^>]*?>.*?</div[^>]*?>@si');
// Strip ToolTips
$value = preg_replace($specialfilter, '', $value);
$specialfilter = array('@<div[^>]*?invisible[^>]*?>.*?</div[^>]*?>@si');
// Strip ToolTips
$value = preg_replace($specialfilter, '', $value);
// Turn opening <p>, <br> and <div> tags into newlines.
$value = preg_replace("/<(p|br|div)( [^>]*)?" . ">/i", "\n", $value);
// Collapse runs of the two alternatives into a single space.
// NOTE(review): both alternatives look like plain spaces in this listing; the
// upstream pattern presumably named a non-breaking space - verify.
$value = preg_replace("/( | )+/", " ", $value);
$search = array('@<script[^>]*?>.*?</script[^>]*?>@si', '@<style[^>]*?>.*?</style[^>]*?>@si', '@<!DOCTYPE[^>]*?>@si');
$value = preg_replace($search, '', $value);
}
// 'elements' is 'none' when stripping and '' otherwise; $keep_bad selects how
// disallowed tags are treated (see the docblock above the function).
// NOTE(review): no 'safe' option is passed, so with $striptags false this call
// should not be assumed to remove script-capable markup; confirm that callers
// of the non-stripping mode filter or escape the result before output.
$value = htmLawed($value, array('elements' => $striptags ? 'none' : '', 'keep_bad' => $keep_bad, 'comment' => 1, 'cdata' => 1));
// As shown, converts every remaining angle bracket to its entity.
// NOTE(review): this listing appears to have been entity-decoded by the page
// it was copied from, so the search/replace pairs may differ upstream - verify.
$value = str_replace(array('<', '>'), array('&lt;', '&gt;'), $value);
/*
$specialfilter = array('@<span[^>]*?x-hidden[^>]*?>.*?</span[^>]*?>@si'); // Strip ToolTips
$value = preg_replace($specialfilter, ' ', $value);
$search = array('@<script[^>]*?>.*?</script[^>]*?>@si', // Strip out javascript
'@<style[^>]*?>.*?</style[^>]*?>@si', // Strip style tags properly
'@<[\/\!]*?[^<>]*?>@si', // Strip out HTML tags
'@<![\s\S]*?--[ \t\n\r]*>@'); // Strip multi-line comments including CDATA
$value = preg_replace($search, ' ', $value);
// clean up the curly apostrophe, which causes problems for some RSS readers, mail clients...
$value = str_replace("’", "'", $value);
*/
// Problem with this regex : may crash
// $value = preg_replace("/ +/u", " ", $value);
// Revert back htmlawed & -> &
//$value = str_replace("&", "&", $value);
// Normalise line endings to "\n", then squeeze runs of blank lines to one.
$value = str_replace(array("\r\n", "\r"), "\n", $value);
$value = preg_replace("/(\n[ ]*){2,}/", "\n\n", $value, -1);
return trim($value);
}