当前位置: 首页>>代码示例>>PHP>>正文


PHP FormHelper::xssClean方法代码示例

本文整理汇总了PHP中FormHelper::xssClean方法的典型用法代码示例。如果您正苦于以下问题:PHP FormHelper::xssClean方法的具体用法?PHP FormHelper::xssClean怎么用?PHP FormHelper::xssClean使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在FormHelper的用法示例。


在下文中一共展示了FormHelper::xssClean方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: validateGetAndPost

 /**
  * Validate the user input and set the value
  */
 public static function validateGetAndPost($objWidget, $strMethod, $strFormId, $arrData)
 {
     if ($strMethod == FORMHYBRID_METHOD_GET) {
         $varValue = $objWidget->validator(static::getGet($objWidget, $objWidget->strName));
         $varValue = FormHelper::xssClean($varValue, $objWidget->allowHtml);
     } else {
         // \Widget->validate retrieves submission data form post -> xss related stuff needs to be removed beforehands
         $_POST[$objWidget->name] = FormHelper::xssClean($_POST[$objWidget->name], $objWidget->allowHtml);
         // Captcha needs no value, just simple validation
         if ($objWidget instanceof \FormCaptcha) {
             $varValue = '';
             $objWidget->validate();
         } else {
             $objWidget->validate();
             $varValue = $objWidget->value;
         }
     }
     $objWidget->varValue = $varValue;
     // HOOK: validate form field callback
     if (isset($GLOBALS['TL_HOOKS']['formHybridValidateFormField']) && is_array($GLOBALS['TL_HOOKS']['formHybridValidateFormField'])) {
         foreach ($GLOBALS['TL_HOOKS']['formHybridValidateFormField'] as $callback) {
             $objClass = \Controller::importStatic($callback[0]);
             $objClass->{$callback[1]}($objWidget, $strFormId, $arrData);
         }
     }
     if ($objWidget->hasErrors()) {
         $objWidget->class = 'error';
     }
 }
开发者ID:heimrichhannot,项目名称:contao-formhybrid,代码行数:32,代码来源:FrontendWidget.php

示例2: escapeAllEntities

 public static function escapeAllEntities($strDca, $strField, $varValue)
 {
     \Controller::loadDataContainer($strDca);
     if (!is_array($varValue) && \Validator::isUuid($varValue)) {
         return $varValue;
     }
     if (is_array($varValue)) {
         $arrValues = array();
         foreach ($varValue as $i => $strValue) {
             $arrValues[$i] = static::escapeAllEntities($strDca, $strField, $strValue);
         }
         return $arrValues;
     }
     $arrData = $GLOBALS['TL_DCA'][$strDca]['fields'][$strField];
     $strPreservedTags = isset($arrData['eval']['allowedTags']) ? $arrData['eval']['allowedTags'] : \Config::get('allowedTags');
     // transform to array
     $strPreservedTags = str_replace(array('<', '>'), array('', ','), rtrim($strPreservedTags, '>'));
     // prepare for replacing
     $varValue = html_entity_decode($varValue);
     foreach (explode(',', $strPreservedTags) as $strTag) {
         $varValue = preg_replace('/<(\\/?' . $strTag . '[^>]*)>/i', '|%lt%$1%gt%|', $varValue);
     }
     $varValue = htmlentities($varValue, ENT_COMPAT, 'UTF-8');
     $varValue = FormHelper::xssClean($varValue, $arrData['eval']['allowHtml']);
     $varValue = str_replace(array('|%lt%', '%gt%|', '&amp;', '&quot;'), array('<', '>', '&', '"'), $varValue);
     return $varValue;
 }
开发者ID:heimrichhannot,项目名称:contao-formhybrid,代码行数:27,代码来源:FormHelper.php


注:本文中的FormHelper::xssClean方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。