当前位置: 首页>>代码示例>>PHP>>正文


PHP Utility\Xss类代码示例

本文整理汇总了PHP中Drupal\Component\Utility\Xss的典型用法代码示例。如果您正苦于以下问题:PHP Xss类的具体用法?PHP Xss怎么用?PHP Xss使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。


在下文中一共展示了Xss类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: getTextContent

 /**
  * Retrieves the plain-text content from the current raw content.
  */
 protected function getTextContent()
 {
     if (!isset($this->plainTextContent)) {
         $this->plainTextContent = Xss::filter($this->getRawContent(), array());
     }
     return $this->plainTextContent;
 }
开发者ID:nsp15,项目名称:Drupal8,代码行数:10,代码来源:AssertContentTrait.php

示例2: testIntegration

 /**
  * Tests the integration.
  */
 public function testIntegration()
 {
     // Remove the watchdog entries added by the potential batch process.
     $this->container->get('database')->truncate('watchdog')->execute();
     $entries = array();
     // Setup a watchdog entry without tokens.
     $entries[] = array('message' => $this->randomMachineName(), 'variables' => array('link' => \Drupal::l('Link', new Url('<front>'))));
     // Setup a watchdog entry with one token.
     $entries[] = array('message' => '@token1', 'variables' => array('@token1' => $this->randomMachineName(), 'link' => \Drupal::l('Link', new Url('<front>'))));
     // Setup a watchdog entry with two tokens.
     $entries[] = array('message' => '@token1 !token2', 'variables' => array('@token1' => $this->randomMachineName(), '!token2' => $this->randomMachineName(), 'link' => \Drupal::l(SafeMarkup::set('<object>Link</object>'), new Url('<front>'))));
     $logger_factory = $this->container->get('logger.factory');
     foreach ($entries as $entry) {
         $entry += array('type' => 'test-views', 'severity' => RfcLogLevel::NOTICE);
         $logger_factory->get($entry['type'])->log($entry['severity'], $entry['message'], $entry['variables']);
     }
     $view = Views::getView('test_dblog');
     $this->executeView($view);
     $view->initStyle();
     foreach ($entries as $index => $entry) {
         $this->assertEqual($view->style_plugin->getField($index, 'message'), SafeMarkup::format($entry['message'], $entry['variables']));
         $this->assertEqual($view->style_plugin->getField($index, 'link'), Xss::filterAdmin($entry['variables']['link']));
     }
     // Disable replacing variables and check that the tokens aren't replaced.
     $view->destroy();
     $view->storage->invalidateCaches();
     $view->initHandlers();
     $this->executeView($view);
     $view->initStyle();
     $view->field['message']->options['replace_variables'] = FALSE;
     foreach ($entries as $index => $entry) {
         $this->assertEqual($view->style_plugin->getField($index, 'message'), $entry['message']);
     }
 }
开发者ID:nstielau,项目名称:drops-8,代码行数:37,代码来源:ViewsIntegrationTest.php

示例3: onKernelException

 /**
  * Redirects on 403 Access Denied kernel exceptions.
  *
  * @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event
  *   The Event to process.
  */
 public function onKernelException(GetResponseEvent $event)
 {
     $exception = $event->getException();
     if (!$exception instanceof AccessDeniedHttpException) {
         return;
     }
     $config = $this->configFactory->get('r4032login.settings');
     $options = array();
     $options['query'] = $this->redirectDestination->getAsArray();
     $options['absolute'] = TRUE;
     $code = $config->get('default_redirect_code');
     if ($this->currentUser->isAnonymous()) {
         // Show custom access denied message if set.
         if ($config->get('display_denied_message')) {
             $message = $config->get('access_denied_message');
             $message_type = $config->get('access_denied_message_type');
             drupal_set_message(Xss::filterAdmin($message), $message_type);
         }
         // Handle redirection to the login form.
         $login_route = $config->get('user_login_route');
         $url = Url::fromRoute($login_route, array(), $options)->toString();
         $response = new RedirectResponse($url, $code);
         $event->setResponse($response);
     } else {
         // Check to see if we are to redirect the user.
         $redirect = $config->get('redirect_authenticated_users_to');
         if ($redirect) {
             // Custom access denied page for logged in users.
             $url = Url::fromUserInput($redirect, $options)->toString();
             $response = new RedirectResponse($url, $code);
             $event->setResponse($response);
         }
     }
 }
开发者ID:isramv,项目名称:camp-gdl,代码行数:40,代码来源:R4032LoginSubscriber.php

示例4: render

 /**
  * Overrides \Drupal\views\Plugin\views\style\StylePluginBase\StylePluginBase::render().
  */
 public function render()
 {
     if (!empty($this->view->live_preview)) {
         return parent::render();
     }
     // Group the rows according to the grouping field, if specified.
     $sets = $this->renderGrouping($this->view->result, $this->options['grouping']);
     // Grab the alias of the 'id' field added by
     // entity_reference_plugin_display.
     $id_field_alias = $this->view->storage->get('base_field');
     // @todo We don't display grouping info for now. Could be useful for select
     // widget, though.
     $results = array();
     $this->view->row_index = 0;
     foreach ($sets as $records) {
         foreach ($records as $values) {
             // Sanitize HTML, remove line breaks and extra whitespace.
             $output = $this->view->rowPlugin->render($values);
             $output = drupal_render($output);
             $results[$values->{$id_field_alias}] = Xss::filterAdmin(preg_replace('/\\s\\s+/', ' ', str_replace("\n", '', $output)));
             $this->view->row_index++;
         }
     }
     unset($this->view->row_index);
     return $results;
 }
开发者ID:alnutile,项目名称:drunatra,代码行数:29,代码来源:EntityReference.php

示例5: testIntegration

 /**
  * Tests the integration.
  */
 public function testIntegration()
 {
     // Remove the watchdog entries added by the potential batch process.
     $this->container->get('database')->truncate('watchdog')->execute();
     $entries = array();
     // Setup a watchdog entry without tokens.
     $entries[] = array('message' => $this->randomMachineName(), 'variables' => array(), 'link' => l('Link', 'node/1'));
     // Setup a watchdog entry with one token.
     $entries[] = array('message' => '@token1', 'variables' => array('@token1' => $this->randomMachineName()), 'link' => l('Link', 'node/2'));
     // Setup a watchdog entry with two tokens.
     $entries[] = array('message' => '@token1 !token2', 'variables' => array('@token1' => $this->randomMachineName(), '!token2' => $this->randomMachineName()), 'link' => l('<object>Link</object>', 'node/2', array('html' => TRUE)));
     foreach ($entries as $entry) {
         $entry += array('type' => 'test-views', 'severity' => WATCHDOG_NOTICE);
         watchdog($entry['type'], $entry['message'], $entry['variables'], $entry['severity'], $entry['link']);
     }
     $view = Views::getView('test_dblog');
     $this->executeView($view);
     $view->initStyle();
     foreach ($entries as $index => $entry) {
         $this->assertEqual($view->style_plugin->getField($index, 'message'), String::format($entry['message'], $entry['variables']));
         $this->assertEqual($view->style_plugin->getField($index, 'link'), Xss::filterAdmin($entry['link']));
     }
     // Disable replacing variables and check that the tokens aren't replaced.
     $view->destroy();
     $view->initHandlers();
     $this->executeView($view);
     $view->initStyle();
     $view->field['message']->options['replace_variables'] = FALSE;
     foreach ($entries as $index => $entry) {
         $this->assertEqual($view->style_plugin->getField($index, 'message'), $entry['message']);
     }
 }
开发者ID:anatalsceo,项目名称:en-classe,代码行数:35,代码来源:ViewsIntegrationTest.php

示例6: completeSale

 /**
  * {@inheritdoc}
  */
 public function completeSale($order, $login = FALSE)
 {
     // Empty that cart...
     $this->emptyCart();
     // Force the order to load from the DB instead of the entity cache.
     // @todo Remove this once uc_payment_enter() can modify order objects?
     // @todo Should we be overwriting $order with this newly-loaded db_order?
     $db_order = $this->entityManager()->getStorage('uc_order')->loadUnchanged($order->id());
     $order->data = $db_order->data;
     // Ensure that user creation and triggers are only run once.
     if (empty($order->data->complete_sale)) {
         $this->completeSaleAccount($order);
         // Move an order's status from "In checkout" to "Pending".
         if ($order->getStateId() == 'in_checkout') {
             $order->setStatusId(uc_order_state_default('post_checkout'));
         }
         $order->save();
         // Invoke the checkout complete trigger and hook.
         $account = $order->getUser();
         $this->moduleHandler()->invokeAll('uc_checkout_complete', array($order, $account));
         // rules_invoke_event('uc_checkout_complete', $order);
     }
     $type = $order->data->complete_sale;
     // Log in new users, if requested.
     if ($type == 'new_user' && $login && $this->currentUser()->isAnonymous()) {
         $type = 'new_user_logged_in';
         user_login_finalize($order->getUser());
     }
     $message = $this->config('uc_cart.messages')->get($type);
     $message = \Drupal::token()->replace($message, array('uc_order' => $order));
     $variables['!new_username'] = isset($order->data->new_user_name) ? $order->data->new_user_name : '';
     $variables['!new_password'] = isset($order->password) ? $order->password : t('Your password');
     $message = strtr($message, $variables);
     return array('#theme' => 'uc_cart_complete_sale', '#message' => Xss::filterAdmin($message), '#order' => $order);
 }
开发者ID:pedrocones,项目名称:hydrotools,代码行数:38,代码来源:Cart.php

示例7: isSimple

 /**
  * Determines if a string of text is considered "simple".
  *
  * @param string $string
  *   The string of text to check "simple" criteria on.
  * @param int|FALSE $length
  *   The length of characters used to determine whether or not $string is
  *   considered "simple". Set explicitly to FALSE to disable this criteria.
  * @param array|FALSE $allowed_tags
  *   An array of allowed tag elements. Set explicitly to FALSE to disable this
  *   criteria.
  * @param bool $html
  *   A variable, passed by reference, that indicates whether or not the
  *   string contains HTML.
  *
  * @return bool
  *   Returns TRUE if the $string is considered "simple", FALSE otherwise.
  */
 public static function isSimple($string, $length = 250, $allowed_tags = NULL, &$html = FALSE)
 {
     // Typecast to a string (if an object).
     $string_clone = (string) $string;
     // Use the advanced drupal_static() pattern.
     static $drupal_static_fast;
     if (!isset($drupal_static_fast)) {
         $drupal_static_fast['strings'] =& drupal_static(__METHOD__);
     }
     $strings =& $drupal_static_fast['strings'];
     if (!isset($strings[$string_clone])) {
         $plain_string = strip_tags($string_clone);
         $simple = TRUE;
         if ($allowed_tags !== FALSE) {
             $filtered_string = Xss::filter($string_clone, $allowed_tags);
             $html = $filtered_string !== $plain_string;
             $simple = $simple && $string_clone === $filtered_string;
         }
         if ($length !== FALSE) {
             $simple = $simple && strlen($plain_string) <= intval($length);
         }
         $strings[$string_clone] = $simple;
     }
     return $strings[$string_clone];
 }
开发者ID:Suite5,项目名称:feelmybook,代码行数:43,代码来源:Unicode.php

示例8: build

 /**
  * {@inheritdoc}
  */
 public function build()
 {
     $this->view->display_handler->preBlockBuild($this);
     // We ask ViewExecutable::buildRenderable() to avoid creating a render cache
     // entry for the view output by passing FALSE, because we're going to cache
     // the whole block instead.
     if ($output = $this->view->buildRenderable($this->displayID, [], FALSE)) {
         // Override the label to the dynamic title configured in the view.
         if (empty($this->configuration['views_label']) && $this->view->getTitle()) {
             $output['#title'] = ['#markup' => $this->view->getTitle(), '#allowed_tags' => Xss::getHtmlTagList()];
         }
         // Before returning the block output, convert it to a renderable array
         // with contextual links.
         $this->addContextualLinks($output);
         // Block module expects to get a final render array, without another
         // top-level #pre_render callback. So, here we make sure that Views'
         // #pre_render callback has already been applied.
         $output = View::preRenderViewElement($output);
         // When view_build is empty, the actual render array output for this View
         // is going to be empty. In that case, return just #cache, so that the
         // render system knows the reasons (cache contexts & tags) why this Views
         // block is empty, and can cache it accordingly.
         if (empty($output['view_build'])) {
             $output = ['#cache' => $output['#cache']];
         }
         return $output;
     }
     return array();
 }
开发者ID:aWEBoLabs,项目名称:taxi,代码行数:32,代码来源:ViewsBlock.php

示例9: buildRow

 /**
  * {@inheritdoc}
  */
 public function buildRow(EntityInterface $entity)
 {
     $row = array();
     $row['title'] = array('data' => $this->getLabel($entity), 'class' => array('menu-label'));
     $row['description'] = Xss::filterAdmin($entity->description);
     return $row + parent::buildRow($entity);
 }
开发者ID:jasonruyle,项目名称:crm_core,代码行数:10,代码来源:ContactTypeListBuilder.php

示例10: process

 /**
  * {@inheritdoc}
  */
 public function process($text, $langcode)
 {
     $allowed_tags = array_filter($this->settings['restrictions']['allowed'], function ($value) {
         return is_array($value) || (bool) $value !== FALSE;
     });
     return new FilterProcessResult(Xss::filter($text, array_keys($allowed_tags)));
 }
开发者ID:ddrozdik,项目名称:dmaps,代码行数:10,代码来源:FilterTestRestrictTagsAndAttributes.php

示例11: execute

 /**
  * {@inheritdoc}
  */
 public function execute($entity = NULL)
 {
     if (empty($this->configuration['node'])) {
         $this->configuration['node'] = $entity;
     }
     $message = $this->token->replace(Xss::filterAdmin($this->configuration['message']), $this->configuration);
     drupal_set_message($message);
 }
开发者ID:davidsoloman,项目名称:drupalconsole.com,代码行数:11,代码来源:MessageAction.php

示例12: getOptions

 /**
  * Returns the array of recipient handler labels.
  * @todo documentation
  */
 public function getOptions()
 {
     $handlers = $this->getDefinitions();
     $allowed_values = array();
     foreach ($handlers as $handler => $settings) {
         $allowed_values[$handler] = Xss::filter($settings['title']);
     }
     return $allowed_values;
 }
开发者ID:aritnath1990,项目名称:simplenewslatest,代码行数:13,代码来源:RecipientHandlerManager.php

示例13: getTextContent

 /**
  * Retrieves the plain-text content from the current raw content.
  */
 protected function getTextContent() {
   if (!isset($this->plainTextContent)) {
     $raw_content = $this->getRawContent();
     // Strip everything between the HEAD tags.
     $raw_content = preg_replace('@<head>(.+?)</head>@si', '', $raw_content);
     $this->plainTextContent = Xss::filter($raw_content, array());
   }
   return $this->plainTextContent;
 }
开发者ID:jthoresen,项目名称:PladsenDrupal,代码行数:12,代码来源:AssertContentTrait.php

示例14: testExecutionOrder

 /**
  * Tests execution order of hook_form_alter() and hook_form_FORM_ID_alter().
  */
 function testExecutionOrder()
 {
     $this->drupalGet('form-test/alter');
     // Ensure that the order is first by module, then for a given module, the
     // id-specific one after the generic one.
     $expected = array('block_form_form_test_alter_form_alter() executed.', 'form_test_form_alter() executed.', 'form_test_form_form_test_alter_form_alter() executed.', 'system_form_form_test_alter_form_alter() executed.');
     $content = preg_replace('/\\s+/', ' ', Xss::filter($this->content, array()));
     $this->assert(strpos($content, implode(' ', $expected)) !== FALSE, 'Form alter hooks executed in the expected order.');
 }
开发者ID:sarahwillem,项目名称:OD8,代码行数:12,代码来源:AlterTest.php

示例15: testCustomFieldXss

 /**
  * Ensure that custom field content is XSS filtered.
  */
 public function testCustomFieldXss()
 {
     $view = Views::getView('test_view');
     $view->setDisplay();
     // Alter the text of the field to include XSS.
     $text = '<script>alert("kittens")</script>';
     $view->displayHandlers->get('default')->overrideOption('fields', array('name' => array('id' => 'name', 'table' => 'views_test_data', 'field' => 'name', 'relationship' => 'none', 'alter' => array('text' => $text))));
     $this->executeView($view);
     $this->assertEqual(Xss::filter($text), $view->style_plugin->getField(0, 'name'));
 }
开发者ID:briefmedia-digital,项目名称:drupal8,代码行数:13,代码来源:FieldCustomTest.php


注:本文中的Drupal\Component\Utility\Xss类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。