本文整理汇总了PHP中FormHelper::xssClean方法的典型用法代码示例。如果您正苦于以下问题:PHP FormHelper::xssClean方法的具体用法?PHP FormHelper::xssClean怎么用?PHP FormHelper::xssClean使用的例子?那么,这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类FormHelper的用法示例。
在下文中一共展示了FormHelper::xssClean方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: validateGetAndPost
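/**
 * Validate the submitted value of one widget and store the result on the widget.
 *
 * GET submissions are read through static::getGet(), passed to the widget's validator()
 * and cleaned afterwards. POST submissions are cleaned in place inside $_POST before the
 * widget's own validate() runs, because the widget reads its value from $_POST itself.
 *
 * Security notes:
 * - The POST branch rewrites the $_POST superglobal, so every later reader in the same
 *   request sees the cleaned value rather than the raw submission.
 * - $objWidget->allowHtml is handed to FormHelper::xssClean() unchanged; what the cleaner
 *   keeps when it is set is not visible here. NOTE(review): confirm that fields with
 *   allowHtml enabled are still escaped for the context they are rendered in.
 *
 * @param object $objWidget The widget to validate; receives varValue and, on error, class 'error'
 * @param mixed  $strMethod Compared loosely with FORMHYBRID_METHOD_GET
 * @param mixed  $strFormId Passed through to the formHybridValidateFormField hook
 * @param mixed  $arrData   Passed through to the formHybridValidateFormField hook
 */
public static function validateGetAndPost($objWidget, $strMethod, $strFormId, $arrData)
{
    if ($strMethod == FORMHYBRID_METHOD_GET) {
        // NOTE(review): the validator runs on the raw value and the cleaner afterwards, so
        // the stored value can differ from the one that was validated - confirm this order
        // is intended.
        $varValue = $objWidget->validator(static::getGet($objWidget, $objWidget->strName));
        $varValue = FormHelper::xssClean($varValue, $objWidget->allowHtml);
    } else {
        // \Widget->validate() retrieves the submission from $_POST, so the cleaning has to
        // happen on the superglobal beforehand. Only a key that was actually submitted is
        // rewritten: reading a missing key raises a warning, and the assignment would add
        // an entry for a field the client never sent.
        if (isset($_POST[$objWidget->name])) {
            $_POST[$objWidget->name] = FormHelper::xssClean($_POST[$objWidget->name], $objWidget->allowHtml);
        }

        $objWidget->validate();

        // A captcha needs no value, just the validation itself
        $varValue = ($objWidget instanceof \FormCaptcha) ? '' : $objWidget->value;
    }

    $objWidget->varValue = $varValue;

    // HOOK: validate form field callback
    if (isset($GLOBALS['TL_HOOKS']['formHybridValidateFormField']) && is_array($GLOBALS['TL_HOOKS']['formHybridValidateFormField'])) {
        foreach ($GLOBALS['TL_HOOKS']['formHybridValidateFormField'] as $callback) {
            // $callback[0] names the class to import, $callback[1] the method to call on it
            $objClass = \Controller::importStatic($callback[0]);
            $objClass->{$callback[1]}($objWidget, $strFormId, $arrData);
        }
    }

    if ($objWidget->hasErrors()) {
        $objWidget->class = 'error';
    }
}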
示例2: escapeAllEntities
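/**
 * Convert a submitted value to HTML entities while keeping the tags allowed for a DCA field.
 *
 * Arrays are processed element by element with their keys kept; a non-array value that
 * \Validator::isUuid() accepts is returned unchanged. The allowed tags are taken from the
 * field's eval.allowedTags and fall back to \Config::get('allowedTags').
 *
 * Security notes:
 * - An allowed tag is hidden behind a marker before htmlentities() and
 *   FormHelper::xssClean() run and is restored afterwards, so the cleaner never sees it.
 *   Everything between "<" and ">" of such a tag, attributes included, comes back as
 *   submitted. NOTE(review): confirm the allowed-tag list and every place this value is
 *   rendered can tolerate unfiltered attributes, or filter them separately.
 * - The markers carry a per-call random suffix. With a fixed marker, marker text that was
 *   already part of the submitted value would be turned into "<" and ">" by the final
 *   replacement without ever having matched an allowed tag.
 * - Tag names are matched exactly and empty names are skipped. A prefix match would also
 *   preserve longer element names that merely start with an allowed name, and an empty
 *   allowed-tag list would yield a pattern that preserves every tag.
 *
 * @param string $strDca   Data container name to load
 * @param string $strField Field name inside $GLOBALS['TL_DCA'][$strDca]['fields']
 * @param mixed  $varValue Submitted value or array of values
 *
 * @return mixed The escaped value, in the same array structure as the input
 */
public static function escapeAllEntities($strDca, $strField, $varValue)
{
    \Controller::loadDataContainer($strDca);

    if (!is_array($varValue) && \Validator::isUuid($varValue)) {
        return $varValue;
    }

    if (is_array($varValue)) {
        $arrValues = array();

        foreach ($varValue as $i => $strValue) {
            $arrValues[$i] = static::escapeAllEntities($strDca, $strField, $strValue);
        }

        return $arrValues;
    }

    // An unknown table or field falls back to the global settings instead of raising notices
    $arrData = isset($GLOBALS['TL_DCA'][$strDca]['fields'][$strField])
        ? $GLOBALS['TL_DCA'][$strDca]['fields'][$strField]
        : array();

    $strPreservedTags = isset($arrData['eval']['allowedTags']) ? $arrData['eval']['allowedTags'] : \Config::get('allowedTags');

    // transform "<a><b>" into "a,b"
    $strPreservedTags = str_replace(array('<', '>'), array('', ','), rtrim($strPreservedTags, '>'));

    // Random marker suffix, so that only tags matched below are ever restored to markup.
    // The fallback for runtimes without random_bytes() is not cryptographically strong,
    // but still differs on every call.
    $strNonce = function_exists('random_bytes')
        ? bin2hex(random_bytes(8))
        : sha1(uniqid((string) mt_rand(), true));
    $strOpen = '|%lt-' . $strNonce . '%';
    $strClose = '%gt-' . $strNonce . '%|';

    // prepare for replacing
    $varValue = html_entity_decode($varValue);

    foreach (explode(',', $strPreservedTags) as $strTag) {
        $strTag = trim($strTag);

        // An empty name would reduce the pattern to "any tag"
        if ($strTag === '') {
            continue;
        }

        // The lookahead ends the tag name, so an allowed name does not match as a mere prefix
        $varValue = preg_replace(
            '/<(\\/?' . preg_quote($strTag, '/') . '(?=[\\s\\/>])[^>]*)>/i',
            $strOpen . '$1' . $strClose,
            $varValue
        );
    }

    $varValue = htmlentities($varValue, ENT_COMPAT, 'UTF-8');

    // The flag is passed as stored; an unset allowHtml is passed as null
    $varValue = FormHelper::xssClean($varValue, isset($arrData['eval']['allowHtml']) ? $arrData['eval']['allowHtml'] : null);

    // NOTE(review): as printed, the '&' and '"' pairs replace each character with itself.
    // They may have been entity references that were lost when this listing was rendered -
    // compare with the upstream source before relying on this line.
    $varValue = str_replace(array($strOpen, $strClose, '&', '"'), array('<', '>', '&', '"'), $varValue);

    return $varValue;
}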