当前位置: 首页>>代码示例>>PHP>>正文


PHP Sanitizer::safeEncodeAttribute方法代码示例

本文整理汇总了PHP中Sanitizer::safeEncodeAttribute方法的典型用法代码示例。如果您正苦于以下问题:PHP Sanitizer::safeEncodeAttribute方法的具体用法?PHP Sanitizer::safeEncodeAttribute怎么用?PHP Sanitizer::safeEncodeAttribute使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在Sanitizer的用法示例。


在下文中一共展示了Sanitizer::safeEncodeAttribute方法的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: safeEncodeTagAttributes

 /**
  * Build a partial tag string from an associative array of attribute
  * names and values as returned by decodeTagAttributes.
  *
  * @param array $assoc_array
  * @return string
  */
 public static function safeEncodeTagAttributes($assoc_array)
 {
     $attribs = array();
     foreach ($assoc_array as $attribute => $value) {
         $encAttribute = htmlspecialchars($attribute);
         $encValue = Sanitizer::safeEncodeAttribute($value);
         $attribs[] = "{$encAttribute}=\"{$encValue}\"";
     }
     return count($attribs) ? ' ' . implode(' ', $attribs) : '';
 }
开发者ID:MediaWiki-stable,项目名称:1.26.1,代码行数:17,代码来源:Sanitizer.php

示例2: fixTagAttributes

 /**
  * Take a tag soup fragment listing an HTML element's attributes
  * and normalize it to well-formed XML, discarding unwanted attributes.
  * Output is safe for further wikitext processing, with escaping of
  * values that could trigger problems.
  *
  * - Normalizes attribute names to lowercase
  * - Discards attributes not on a whitelist for the given element
  * - Turns broken or invalid entities into plaintext
  * - Double-quotes all attribute values
  * - Attributes without values are given the name as attribute
  * - Double attributes are discarded
  * - Unsafe style attributes are discarded
  * - Prepends space if there are attributes.
  *
  * @param $text String
  * @param $element String
  * @return String
  */
 static function fixTagAttributes($text, $element)
 {
     if (trim($text) == '') {
         return '';
     }
     $stripped = Sanitizer::validateTagAttributes(Sanitizer::decodeTagAttributes($text), $element);
     $attribs = array();
     foreach ($stripped as $attribute => $value) {
         $encAttribute = htmlspecialchars($attribute);
         $encValue = Sanitizer::safeEncodeAttribute($value);
         $attribs[] = "{$encAttribute}=\"{$encValue}\"";
     }
     return count($attribs) ? ' ' . implode(' ', $attribs) : '';
 }
开发者ID:JeroenDeDauw,项目名称:iRail,代码行数:33,代码来源:Sanitizer.php

示例3: fixTagAttributes

 /**
  * Take a tag soup fragment listing an HTML element's attributes
  * and normalize it to well-formed XML, discarding unwanted attributes.
  * Output is safe for further wikitext processing, with escaping of
  * values that could trigger problems.
  *
  * - Normalizes attribute names to lowercase
  * - Discards attributes not on a whitelist for the given element
  * - Turns broken or invalid entities into plaintext
  * - Double-quotes all attribute values
  * - Attributes without values are given the name as attribute
  * - Double attributes are discarded
  * - Unsafe style attributes are discarded
  * - Prepends space if there are attributes.
  *
  * @param $text String
  * @param $element String
  * @return String
  */
 static function fixTagAttributes($text, $element)
 {
     if (trim($text) == '') {
         return '';
     }
     $decoded = Sanitizer::decodeTagAttributes($text);
     $decoded = Sanitizer::fixDeprecatedAttributes($decoded, $element);
     $stripped = Sanitizer::validateTagAttributes($decoded, $element);
     $attribs = array();
     foreach ($stripped as $attribute => $value) {
         $encAttribute = htmlspecialchars($attribute);
         $encValue = Sanitizer::safeEncodeAttribute($value);
         # RTE (Rich Text Editor) - begin
         # @author: Inez Korczyński, macbre
         global $wgRTEParserEnabled;
         if (!empty($wgRTEParserEnabled) && $encAttribute == 'style') {
             // BugId:2462 - remove apostrophes from style attribute
             $encValue = str_replace(''', '', $encValue);
             $attribs[] = "data-rte-style=\"{$encValue}\"";
         }
         # RTE - end
         $attribs[] = "{$encAttribute}=\"{$encValue}\"";
     }
     # RTE (Rich Text Editor) - begin
     # @author: Inez Korczyński
     global $wgRTEParserEnabled;
     if (!empty($wgRTEParserEnabled)) {
         if (strpos($text, "") !== false) {
             RTE::$edgeCases[] = 'COMPLEX.08';
         }
         $attribs[] = RTEParser::encodeAttributesStr($text);
     }
     # RTE - end
     return count($attribs) ? ' ' . implode(' ', $attribs) : '';
 }
开发者ID:Tjorriemorrie,项目名称:app,代码行数:54,代码来源:Sanitizer.php

示例4: formHTML


//.........这里部分代码省略.........
			$free_text = trim( $existing_page_content );
		// or get it from a form submission
		} elseif ( $wgRequest->getCheck( 'free_text' ) ) {
			$free_text = $wgRequest->getVal( 'free_text' );
			if ( ! $free_text_was_included ) {
				$data_text .= "!free_text!";
			}
		// or get it from the form definition
		} elseif ( $free_text_preload_page != null ) {
			$free_text = SFFormUtils::getPreloadedText( $free_text_preload_page );
		} else {
			$free_text = null;
		}
		if ( $onlyinclude_free_text ) {
			// modify free text and data text to insert <onlyinclude> tags
			$free_text = str_replace( "<onlyinclude>", '', $free_text );
			$free_text = str_replace( "</onlyinclude>", '', $free_text );
			$free_text = trim( $free_text );
			$data_text = str_replace( '!free_text!', '<onlyinclude>!free_text!</onlyinclude>', $data_text );
		}

		wfRunHooks( 'sfModifyFreeTextField', array( &$free_text, $existing_page_content ) );
		// if the FCKeditor extension is installed, use that for the free text input
		global $wgFCKEditorDir;
		if ( $wgFCKEditorDir && strpos( $existing_page_content, '__NORICHEDITOR__' ) === false ) {
			$showFCKEditor = SFFormUtils::getShowFCKEditor();
			if ( !$form_submitted && ( $showFCKEditor & RTE_VISIBLE ) ) {
				$free_text = SFFormUtils::prepareTextForFCK( $free_text );
			}
		} else {
			$showFCKEditor = 0;
		}
		// now that we have it, substitute free text into the form and page
		$escaped_free_text = Sanitizer::safeEncodeAttribute( $free_text );
		$form_text = str_replace( '!free_text!', $escaped_free_text, $form_text );
		$data_text = str_replace( '!free_text!', $free_text, $data_text );

		// Add a warning in, if we're editing an existing page and that
		// page appears to not have been created with this form.
		if ( !$is_query && $this->mPageTitle->exists() && ( $existing_page_content !== '' ) && ! $source_page_matches_this_form ) {
			$form_text = "\t" . '<div class="warningbox">' . wfMsg( 'sf_formedit_formwarning', $this->mPageTitle->getFullURL() ) . "</div>\n<br clear=\"both\" />\n" . $form_text;
		}

		// add form bottom, if no custom "standard inputs" have been defined
		if ( !$this->standardInputsIncluded ) {
			if ( $is_query )
				$form_text .= SFFormUtils::queryFormBottom( $form_is_disabled );
			else
				$form_text .= SFFormUtils::formBottom( $form_is_disabled );
		}

		$page_article = new Article( $this->mPageTitle, 0 );

		if ( !$is_query ) {
			$form_text .= SFFormUtils::hiddenFieldHTML( 'wpStarttime', wfTimestampNow() );
			$form_text .= SFFormUtils::hiddenFieldHTML( 'wpEdittime', $page_article->getTimestamp() );
		}

		$form_text .= "\t</form>\n";

		// Add general Javascript code.
		wfRunHooks( 'sfAddJavascriptToForm', array( &$javascript_text ) );

		// @TODO The FCKeditor Javascript should be handled within
		// the FCKeditor extension itself, using the hook.
		$javascript_text = "";
开发者ID:realsoc,项目名称:mediawiki-extensions,代码行数:67,代码来源:SF_FormPrinter.php

示例5: formHTML


//.........这里部分代码省略.........
        }
        // If it wasn't included in the form definition, add the
        // 'free text' input as a hidden field at the bottom.
        if (!$free_text_was_included) {
            $form_text .= Html::hidden('sf_free_text', '!free_text!');
        }
        // Get free text, and add to page data, as well as retroactively
        // inserting it into the form.
        // If $form_is_partial is true then either:
        // (a) we're processing a replacement (param 'partial' == 1)
        // (b) we're sending out something to be replaced (param 'partial' is missing)
        if ($form_is_partial) {
            if (!$wgRequest->getCheck('partial')) {
                $free_text = $original_page_content;
            } else {
                $free_text = null;
                $existing_page_content = preg_replace(array('/�\\{/m', '/\\}�/m'), array('{{', '}}'), $existing_page_content);
                $existing_page_content = str_replace('{{{insertionpoint}}}', '', $existing_page_content);
            }
            $form_text .= Html::hidden('partial', 1);
        } elseif ($source_is_page) {
            // If the page is the source, free_text will just be
            // whatever in the page hasn't already been inserted
            // into the form.
            $free_text = trim($existing_page_content);
            // or get it from a form submission
        } elseif ($wgRequest->getCheck('sf_free_text')) {
            $free_text = $wgRequest->getVal('sf_free_text');
            if (!$free_text_was_included) {
                $wiki_page->addFreeTextSection();
            }
        } else {
            $free_text = null;
        }
        if ($wiki_page->freeTextOnlyInclude()) {
            $free_text = str_replace("<onlyinclude>", '', $free_text);
            $free_text = str_replace("</onlyinclude>", '', $free_text);
            $free_text = trim($free_text);
        }
        $page_text = '';
        // The first hook here is deprecated. Use the second.
        // Note: Hooks::run can take a third argument which indicates
        // a deprecated hook, but it expects a MediaWiki version, not
        // an extension version.
        Hooks::run('sfModifyFreeTextField', array(&$free_text, $existing_page_content));
        Hooks::run('sfBeforeFreeTextSubstitution', array(&$free_text, $existing_page_content, &$page_text));
        // Now that we have it, add free text to the page, and
        // substitute it into the form.
        if ($form_submitted) {
            $wiki_page->setFreeText($free_text);
            $page_text = $wiki_page->createPageText();
        }
        $escaped_free_text = Sanitizer::safeEncodeAttribute($free_text);
        $form_text = str_replace('!free_text!', $escaped_free_text, $form_text);
        // Add a warning in, if we're editing an existing page and that
        // page appears to not have been created with this form.
        if (!$is_query && is_null($page_name_formula) && $this->mPageTitle->exists() && $existing_page_content !== '' && !$source_page_matches_this_form) {
            $form_text = "\t" . '<div class="warningbox">' . wfMessage('sf_formedit_formwarning', $this->mPageTitle->getFullURL())->text() . "</div>\n<br clear=\"both\" />\n" . $form_text;
        }
        // Add form bottom, if no custom "standard inputs" have been defined.
        if (!$this->standardInputsIncluded) {
            if ($is_query) {
                $form_text .= SFFormUtils::queryFormBottom($form_is_disabled);
            } else {
                $form_text .= SFFormUtils::formBottom($form_submitted, $form_is_disabled);
            }
        }
        if (!$is_query) {
            $form_text .= Html::hidden('wpStarttime', wfTimestampNow());
            $article = new Article($this->mPageTitle, 0);
            $form_text .= Html::hidden('wpEdittime', $article->getTimestamp());
            $form_text .= Html::hidden('wpEditToken', $wgUser->getEditToken());
        }
        $form_text .= "\t</form>\n";
        $wgParser->replaceLinkHolders($form_text);
        Hooks::run('sfRenderingEnd', array(&$form_text));
        // Add general Javascript code.
        $javascript_text = "";
        Hooks::run('sfAddJavascriptToForm', array(&$javascript_text));
        // Send the autocomplete values to the browser, along with the
        // mappings of which values should apply to which fields.
        // If doing a replace, the page text is actually the modified
        // original page.
        if ($wgRequest->getCheck('partial')) {
            $page_text = $existing_page_content;
        }
        if (!$is_embedded) {
            $form_page_title = $wgParser->recursiveTagParse(str_replace("{{!}}", "|", $form_page_title));
        } else {
            $form_page_title = null;
        }
        // If the form has already been submitted, i.e. this is just
        // the redirect page, get rid of all the Javascript, to avoid
        // JS errors.
        if ($form_submitted) {
            $javascript_text = '';
        }
        //		$wgParser = $oldParser;
        return array($form_text, $javascript_text, $page_text, $form_page_title, $generated_page_name);
    }
开发者ID:paladox,项目名称:mediawiki-extensions-SemanticForms,代码行数:101,代码来源:SF_FormPrinter.php

示例6: formSerialize


//.........这里部分代码省略.........
                                     $cur_value_in_template .= " {$hour}:{$minute}:{$second}";
                                 } else {
                                     $ampm = date("A", $cur_time);
                                     $cur_value_in_template .= " {$hour}:{$minute}:{$second} {$ampm}";
                                 }
                             }
                             if ($input_type == 'datetime with timezone') {
                                 $timezone = date("T", $cur_time);
                                 $cur_value_in_template .= " {$timezone}";
                             }
                         }
                     }
                     // if the field is a text field, and its default value was set
                     // to 'current user', and it has no current value, set $cur_value
                     // to be the current user
                     if ($default_value == 'current user' && ($cur_value == '' || $cur_value == 'current user')) {
                         if ($input_type == 'text' || $input_type == '') {
                             $cur_value_in_template = $wgUser->getName();
                             $cur_value = $cur_value_in_template;
                         }
                     }
                     # field + field value
                     $form_field->cur_value = $cur_value;
                     # possible_values hack
                     $__tmpValues = $form_field->template_field->possible_values;
                     $form_field->template_field->possible_values = array();
                     if ($__tmpValues != NULL) {
                         foreach ($__tmpValues as $key => $value) {
                             $form_field->template_field->possible_values["value" . $key] = $value;
                         }
                     }
                     $field["field" . count($field)] = $this->toArrayForSerialize($form_field);
                     $new_text = "dummy";
                     // set only in order to break
                     if ($new_text) {
                         $section = substr_replace($section, $new_text, $brackets_loc, $brackets_end_loc + 3 - $brackets_loc);
                     } else {
                         $start_position = $brackets_end_loc;
                     }
                 }
             } else {
                 // tag is not one of the three allowed values
                 // ignore tag
                 $start_position = $brackets_end_loc;
             }
             // end if
         }
         // end while
     }
     // end for
     // get free text, and add to page data, as well as retroactively
     // inserting it into the form
     // If $form_is_partial is true then either:
     // (a) we're processing a replacement (param 'partial' == 1)
     // (b) we're sending out something to be replaced (param 'partial' is missing)
     if ($form_is_partial) {
         if (!$wgRequest->getCheck('partial')) {
             $free_text = $original_page_content;
             $form_text .= SFFormUtils::hiddenFieldHTML('partial', 1);
         } else {
             $free_text = null;
             $existing_page_content = preg_replace('/²\\{(.*?)\\}²/s', '{{\\1}}', $existing_page_content);
             $existing_page_content = preg_replace('/\\{\\{\\{insertionpoint\\}\\}\\}/', '', $existing_page_content);
             $existing_page_content = Sanitizer::safeEncodeAttribute($existing_page_content);
         }
     } elseif ($source_is_page) {
         // if the page is the source, free_text will just be whatever in the
         // page hasn't already been inserted into the form
         $free_text = trim($existing_page_content);
         // or get it from a form submission
     } elseif ($wgRequest->getCheck('free_text')) {
         $free_text = $wgRequest->getVal('free_text');
         if (!$free_text_was_included) {
             $data_text .= "<free_text>";
         }
         // or get it from the form definition
     } elseif ($free_text_preload_page != null) {
         $free_text = SFFormUtils::getPreloadedText($free_text_preload_page);
     } else {
         $free_text = null;
     }
     # the free text is set here
     // if the FCKeditor extension is installed, use that for the free text input
     global $wgFCKEditorDir;
     if ($wgFCKEditorDir) {
         $showFCKEditor = SFFormUtils::getShowFCKEditor();
         $free_text = htmlspecialchars($free_text);
         if ($showFCKEditor & RTE_VISIBLE) {
             $free_text = SFFormUtils::prepareTextForFCK($free_text);
         }
     } else {
         $showFCKEditor = 0;
         $free_text = Sanitizer::safeEncodeAttribute($free_text);
     }
     // now that we have it, substitute free text into the form and page
     $form_text = str_replace('<free_text>', $free_text, $form_text);
     $data_text = str_replace('<free_text>', $free_text, $data_text);
     # return the fields
     return $__fields;
 }
开发者ID:seedbank,项目名称:old-repo,代码行数:101,代码来源:SF_DataAPI.php


注:本文中的Sanitizer::safeEncodeAttribute方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。