本文整理汇总了PHP中Drupal\Component\Utility\Xss类的典型用法代码示例。如果您正苦于以下问题:PHP Xss类的具体用法?PHP Xss怎么用?PHP Xss使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了Xss类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: getTextContent
/**
 * Returns the tag-free text of the current raw content, computing it once.
 *
 * The raw content is run through Xss::filter() with an empty list of allowed
 * tags and the result is kept in $this->plainTextContent for later calls.
 */
protected function getTextContent()
{
  // Serve the memoized value when an earlier call already produced one.
  if (isset($this->plainTextContent)) {
    return $this->plainTextContent;
  }
  // An empty allow-list means no HTML tag survives the filter.
  $this->plainTextContent = Xss::filter($this->getRawContent(), []);
  return $this->plainTextContent;
}
示例2: testIntegration
/**
 * Tests the dblog Views integration for the 'message' and 'link' fields.
 *
 * Three watchdog entries are logged (no token, one token, two tokens) and the
 * output of the 'test_dblog' view is compared with the expected markup, first
 * with variable replacement and then with 'replace_variables' disabled.
 */
public function testIntegration()
{
  // Remove the watchdog entries added by the potential batch process, so the
  // view rows line up with the entries created below.
  $this->container->get('database')->truncate('watchdog')->execute();

  $log_entries = [];
  // Entry without tokens.
  $log_entries[] = [
    'message' => $this->randomMachineName(),
    'variables' => [
      'link' => \Drupal::l('Link', new Url('<front>')),
    ],
  ];
  // Entry with one token.
  $log_entries[] = [
    'message' => '@token1',
    'variables' => [
      '@token1' => $this->randomMachineName(),
      'link' => \Drupal::l('Link', new Url('<front>')),
    ],
  ];
  // Entry with two tokens. The link text is markup flagged through
  // SafeMarkup::set(); the expectation further down is still the
  // Xss::filterAdmin() output of that link, so the test pins the field output
  // to admin-filtered markup rather than to the raw string.
  $log_entries[] = [
    'message' => '@token1 !token2',
    'variables' => [
      '@token1' => $this->randomMachineName(),
      '!token2' => $this->randomMachineName(),
      'link' => \Drupal::l(SafeMarkup::set('<object>Link</object>'), new Url('<front>')),
    ],
  ];

  $logger_factory = $this->container->get('logger.factory');
  foreach ($log_entries as $record) {
    // Fill in the channel and severity shared by all entries.
    $record = $record + ['type' => 'test-views', 'severity' => RfcLogLevel::NOTICE];
    $logger_factory->get($record['type'])->log($record['severity'], $record['message'], $record['variables']);
  }

  $view = Views::getView('test_dblog');
  $this->executeView($view);
  $view->initStyle();
  foreach ($log_entries as $row => $record) {
    $expected_message = SafeMarkup::format($record['message'], $record['variables']);
    $this->assertEqual($view->style_plugin->getField($row, 'message'), $expected_message);
    $expected_link = Xss::filterAdmin($record['variables']['link']);
    $this->assertEqual($view->style_plugin->getField($row, 'link'), $expected_link);
  }

  // Disable replacing variables and check that the tokens aren't replaced.
  $view->destroy();
  $view->storage->invalidateCaches();
  $view->initHandlers();
  $this->executeView($view);
  $view->initStyle();
  $view->field['message']->options['replace_variables'] = FALSE;
  foreach ($log_entries as $row => $record) {
    $this->assertEqual($view->style_plugin->getField($row, 'message'), $record['message']);
  }
}
示例3: onKernelException
/**
 * Redirects on 403 Access Denied kernel exceptions.
 *
 * Anonymous users are redirected to the configured login route, optionally
 * after a configured message has been queued. Authenticated users are
 * redirected only when a target path is configured. Any other exception type
 * is left untouched.
 *
 * @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event
 *   The Event to process.
 */
public function onKernelException(GetResponseEvent $event)
{
  if (!($event->getException() instanceof AccessDeniedHttpException)) {
    return;
  }

  $settings = $this->configFactory->get('r4032login.settings');
  // The current destination is forwarded as a query argument of an absolute
  // URL in both branches below.
  $url_options = [
    'query' => $this->redirectDestination->getAsArray(),
    'absolute' => TRUE,
  ];
  $status_code = $settings->get('default_redirect_code');

  if (!$this->currentUser->isAnonymous()) {
    // Logged-in users: redirect only if a custom access denied page is set.
    $target_path = $settings->get('redirect_authenticated_users_to');
    if ($target_path) {
      $target_url = Url::fromUserInput($target_path, $url_options)->toString();
      $event->setResponse(new RedirectResponse($target_url, $status_code));
    }
    return;
  }

  // Show custom access denied message if set.
  // NOTE(review): the message text comes from configuration and is passed
  // through the admin filter before display; confirm that only trusted roles
  // can edit r4032login.settings.
  if ($settings->get('display_denied_message')) {
    $denied_text = $settings->get('access_denied_message');
    $denied_type = $settings->get('access_denied_message_type');
    drupal_set_message(Xss::filterAdmin($denied_text), $denied_type);
  }

  // Handle redirection to the login form.
  $route_name = $settings->get('user_login_route');
  $login_url = Url::fromRoute($route_name, [], $url_options)->toString();
  $event->setResponse(new RedirectResponse($login_url, $status_code));
}
示例4: render
/**
 * Overrides \Drupal\views\Plugin\views\style\StylePluginBase\StylePluginBase::render().
 *
 * Outside live preview, returns an array of admin-filtered, single-line row
 * markup keyed by the value of the view's base field.
 */
public function render()
{
  if (!empty($this->view->live_preview)) {
    return parent::render();
  }

  // Group the rows according to the grouping field, if specified.
  $grouped_rows = $this->renderGrouping($this->view->result, $this->options['grouping']);
  // Alias of the 'id' field added by entity_reference_plugin_display.
  $key_property = $this->view->storage->get('base_field');

  // @todo We don't display grouping info for now. Could be useful for select
  // widget, though.
  $labels = [];
  $this->view->row_index = 0;
  foreach ($grouped_rows as $group) {
    foreach ($group as $row) {
      $markup = $this->view->rowPlugin->render($row);
      $markup = drupal_render($markup);
      // Drop line breaks, collapse whitespace runs, then apply the admin XSS
      // filter to the rendered row before it is handed back to the caller.
      $single_line = str_replace("\n", '', $markup);
      $collapsed = preg_replace('/\\s\\s+/', ' ', $single_line);
      $labels[$row->{$key_property}] = Xss::filterAdmin($collapsed);
      $this->view->row_index++;
    }
  }
  unset($this->view->row_index);

  return $labels;
}
示例5: testIntegration
/**
 * Tests the dblog Views integration for the 'message' and 'link' fields.
 *
 * Three entries are written with watchdog() (no token, one token, two tokens)
 * and the output of the 'test_dblog' view is compared with the expected
 * markup, first with variable replacement and then with it disabled.
 */
public function testIntegration()
{
  // Remove the watchdog entries added by the potential batch process.
  $this->container->get('database')->truncate('watchdog')->execute();

  $log_entries = [];
  // Entry without tokens.
  $log_entries[] = [
    'message' => $this->randomMachineName(),
    'variables' => [],
    'link' => l('Link', 'node/1'),
  ];
  // Entry with one token.
  $log_entries[] = [
    'message' => '@token1',
    'variables' => ['@token1' => $this->randomMachineName()],
    'link' => l('Link', 'node/2'),
  ];
  // Entry with two tokens. The link text is passed as HTML ('html' => TRUE);
  // the expectation below is the Xss::filterAdmin() output of that link, so
  // the test pins the field output to admin-filtered markup.
  $log_entries[] = [
    'message' => '@token1 !token2',
    'variables' => [
      '@token1' => $this->randomMachineName(),
      '!token2' => $this->randomMachineName(),
    ],
    'link' => l('<object>Link</object>', 'node/2', ['html' => TRUE]),
  ];

  foreach ($log_entries as $record) {
    // Fill in the type and severity shared by all entries.
    $record = $record + ['type' => 'test-views', 'severity' => WATCHDOG_NOTICE];
    watchdog($record['type'], $record['message'], $record['variables'], $record['severity'], $record['link']);
  }

  $view = Views::getView('test_dblog');
  $this->executeView($view);
  $view->initStyle();
  foreach ($log_entries as $row => $record) {
    $expected_message = String::format($record['message'], $record['variables']);
    $this->assertEqual($view->style_plugin->getField($row, 'message'), $expected_message);
    $expected_link = Xss::filterAdmin($record['link']);
    $this->assertEqual($view->style_plugin->getField($row, 'link'), $expected_link);
  }

  // Disable replacing variables and check that the tokens aren't replaced.
  $view->destroy();
  $view->initHandlers();
  $this->executeView($view);
  $view->initStyle();
  $view->field['message']->options['replace_variables'] = FALSE;
  foreach ($log_entries as $row => $record) {
    $this->assertEqual($view->style_plugin->getField($row, 'message'), $record['message']);
  }
}
示例6: completeSale
/**
 * {@inheritdoc}
 */
public function completeSale($order, $login = FALSE)
{
  // Empty that cart...
  $this->emptyCart();

  // Force the order to load from the DB instead of the entity cache.
  // @todo Remove this once uc_payment_enter() can modify order objects?
  // @todo Should we be overwriting $order with this newly-loaded db_order?
  $stored_order = $this->entityManager()->getStorage('uc_order')->loadUnchanged($order->id());
  $order->data = $stored_order->data;

  // Ensure that user creation and triggers are only run once.
  if (empty($order->data->complete_sale)) {
    $this->completeSaleAccount($order);
    // Move an order's status from "In checkout" to "Pending".
    if ($order->getStateId() == 'in_checkout') {
      $order->setStatusId(uc_order_state_default('post_checkout'));
    }
    $order->save();
    // Invoke the checkout complete trigger and hook.
    $this->moduleHandler()->invokeAll('uc_checkout_complete', [$order, $order->getUser()]);
    // rules_invoke_event('uc_checkout_complete', $order);
  }

  $message_key = $order->data->complete_sale;
  // Log in new users, if requested.
  if ($message_key == 'new_user' && $login && $this->currentUser()->isAnonymous()) {
    $message_key = 'new_user_logged_in';
    user_login_finalize($order->getUser());
  }

  $message = $this->config('uc_cart.messages')->get($message_key);
  $message = \Drupal::token()->replace($message, ['uc_order' => $order]);
  // NOTE(review): when $order->password is set it is substituted into the
  // on-screen message as-is; confirm that showing the new password in clear
  // text is intended and that this output is neither cached nor logged.
  $variables = [
    '!new_username' => isset($order->data->new_user_name) ? $order->data->new_user_name : '',
    '!new_password' => isset($order->password) ? $order->password : t('Your password'),
  ];
  $message = strtr($message, $variables);

  // The admin XSS filter runs last, after token replacement and the strtr()
  // substitution, so the substituted user name and password pass through it
  // as well.
  return [
    '#theme' => 'uc_cart_complete_sale',
    '#message' => Xss::filterAdmin($message),
    '#order' => $order,
  ];
}
示例7: isSimple
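/**
 * Determines if a string of text is considered "simple".
 *
 * This is a classification helper, not a sanitizer: it never returns filtered
 * text. With the tag criteria enabled, a string is "simple" only when
 * Xss::filter() leaves it unchanged.
 *
 * Results are cached per combination of $string, $length and $allowed_tags.
 * Keying the cache on the string alone would hand a verdict computed under
 * one set of criteria (for example with the tag check disabled) to a later
 * call that asked for stricter ones, and would leave $html unset on a cache
 * hit.
 *
 * @param string $string
 *   The string of text to check "simple" criteria on.
 * @param int|FALSE $length
 *   The length of characters used to determine whether or not $string is
 *   considered "simple". Set explicitly to FALSE to disable this criteria.
 *   The comparison uses strlen(), which counts bytes.
 * @param array|FALSE $allowed_tags
 *   An array of allowed tag elements. Set explicitly to FALSE to disable this
 *   criteria.
 * @param bool $html
 *   A variable, passed by reference, that indicates whether or not the
 *   string contains HTML. It is only written when $allowed_tags is not FALSE.
 *
 * @return bool
 *   Returns TRUE if the $string is considered "simple", FALSE otherwise.
 */
public static function isSimple($string, $length = 250, $allowed_tags = NULL, &$html = FALSE)
{
  // Typecast to a string (if an object).
  $string_clone = (string) $string;

  // Use the advanced drupal_static() pattern.
  static $drupal_static_fast;
  if (!isset($drupal_static_fast)) {
    $drupal_static_fast['strings'] =& drupal_static(__METHOD__);
  }
  $strings =& $drupal_static_fast['strings'];

  // The verdict depends on all three inputs, so all three form the key.
  $cache_key = serialize(array($string_clone, $length, $allowed_tags));
  if (!isset($strings[$cache_key])) {
    $plain_string = strip_tags($string_clone);
    $simple = TRUE;
    // Stays NULL when the tag criteria is disabled and nothing was detected.
    $contains_html = NULL;
    if ($allowed_tags !== FALSE) {
      $filtered_string = Xss::filter($string_clone, $allowed_tags);
      $contains_html = $filtered_string !== $plain_string;
      $simple = $simple && $string_clone === $filtered_string;
    }
    if ($length !== FALSE) {
      $simple = $simple && strlen($plain_string) <= intval($length);
    }
    $strings[$cache_key] = array('simple' => $simple, 'html' => $contains_html);
  }

  // Report the HTML flag on cache hits too, but leave the caller's variable
  // alone when the tag criteria was disabled.
  if ($strings[$cache_key]['html'] !== NULL) {
    $html = $strings[$cache_key]['html'];
  }
  return $strings[$cache_key]['simple'];
}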
示例8: build
/**
 * {@inheritdoc}
 */
public function build()
{
  $this->view->display_handler->preBlockBuild($this);

  // Passing FALSE asks ViewExecutable::buildRenderable() not to create a
  // render cache entry for the view output, because the whole block is cached
  // instead.
  $renderable = $this->view->buildRenderable($this->displayID, [], FALSE);
  if (!$renderable) {
    return [];
  }

  // Override the label to the dynamic title configured in the view. The title
  // is emitted as markup restricted to the tags from Xss::getHtmlTagList().
  if (empty($this->configuration['views_label']) && $this->view->getTitle()) {
    $renderable['#title'] = [
      '#markup' => $this->view->getTitle(),
      '#allowed_tags' => Xss::getHtmlTagList(),
    ];
  }

  // Before returning the block output, convert it to a renderable array with
  // contextual links.
  $this->addContextualLinks($renderable);

  // Block module expects a final render array without another top-level
  // #pre_render callback, so Views' #pre_render callback is applied here.
  $renderable = View::preRenderViewElement($renderable);

  // When view_build is empty, the render array output for this View is going
  // to be empty. Return just #cache in that case, so the render system knows
  // the cache contexts and tags behind the empty block and can cache it.
  if (empty($renderable['view_build'])) {
    return ['#cache' => $renderable['#cache']];
  }
  return $renderable;
}
示例9: buildRow
/**
 * {@inheritdoc}
 */
public function buildRow(EntityInterface $entity)
{
  $cells = [
    'title' => [
      'data' => $this->getLabel($entity),
      'class' => ['menu-label'],
    ],
    // The stored description is passed through the admin XSS filter before it
    // is placed in the row.
    'description' => Xss::filterAdmin($entity->description),
  ];
  // Array union: the cells above win over same-named keys from the parent.
  return $cells + parent::buildRow($entity);
}
示例10: process
/**
 * {@inheritdoc}
 */
public function process($text, $langcode)
{
  // A tag counts as allowed when its setting is an array or a truthy value.
  $is_enabled = function ($value) {
    return is_array($value) || (bool) $value;
  };
  $enabled = array_filter($this->settings['restrictions']['allowed'], $is_enabled);
  // Only the tag names (the keys) are handed to the filter as its allow-list.
  $tag_names = array_keys($enabled);
  return new FilterProcessResult(Xss::filter($text, $tag_names));
}
示例11: execute
/**
 * {@inheritdoc}
 */
public function execute($entity = NULL)
{
  // Fall back to the passed entity when no 'node' is configured.
  if (empty($this->configuration['node'])) {
    $this->configuration['node'] = $entity;
  }
  // NOTE(review): the admin XSS filter is applied to the configured template
  // before token replacement, so the replacement values are not covered by
  // it; whether the final message is safe then depends on how
  // $this->token->replace() escapes those values. Confirm.
  $template = Xss::filterAdmin($this->configuration['message']);
  drupal_set_message($this->token->replace($template, $this->configuration));
}
示例12: getOptions
/**
 * Returns the array of recipient handler labels.
 *
 * Each label is the 'title' of a plugin definition passed through
 * Xss::filter() with its default tag list, keyed by the definition's key.
 *
 * @todo documentation
 */
public function getOptions()
{
  // array_map() over a single array keeps the original keys.
  return array_map(function ($definition) {
    return Xss::filter($definition['title']);
  }, $this->getDefinitions());
}
示例13: getTextContent
/**
 * Returns the tag-free text of the current raw content, computing it once.
 *
 * Everything between the HEAD tags is removed first, then the remainder is
 * run through Xss::filter() with an empty list of allowed tags. The result is
 * kept in $this->plainTextContent for later calls.
 */
protected function getTextContent() {
  if (isset($this->plainTextContent)) {
    return $this->plainTextContent;
  }
  // Strip everything between the HEAD tags.
  $body_only = preg_replace('@<head>(.+?)</head>@si', '', $this->getRawContent());
  // An empty allow-list means no HTML tag survives the filter.
  $this->plainTextContent = Xss::filter($body_only, []);
  return $this->plainTextContent;
}
示例14: testExecutionOrder
/**
 * Tests execution order of hook_form_alter() and hook_form_FORM_ID_alter().
 *
 * The page markup is reduced to plain text with Xss::filter() and an empty
 * tag allow-list, so the comparison is made on text only.
 */
function testExecutionOrder()
{
  $this->drupalGet('form-test/alter');

  // Ensure that the order is first by module, then for a given module, the
  // id-specific one after the generic one.
  $expected = [
    'block_form_form_test_alter_form_alter() executed.',
    'form_test_form_alter() executed.',
    'form_test_form_form_test_alter_form_alter() executed.',
    'system_form_form_test_alter_form_alter() executed.',
  ];
  $needle = implode(' ', $expected);

  // Strip all tags, then collapse every whitespace run to a single space.
  $page_text = Xss::filter($this->content, []);
  $page_text = preg_replace('/\\s+/', ' ', $page_text);

  $found = strpos($page_text, $needle) !== FALSE;
  $this->assert($found, 'Form alter hooks executed in the expected order.');
}
示例15: testCustomFieldXss
/**
 * Ensure that custom field content is XSS filtered.
 *
 * The field's rewrite text is set to a script element and the rendered field
 * is expected to equal the Xss::filter() output of that text.
 */
public function testCustomFieldXss()
{
  $view = Views::getView('test_view');
  $view->setDisplay();

  // Alter the text of the field to include XSS.
  $text = '<script>alert("kittens")</script>';
  $name_field = [
    'id' => 'name',
    'table' => 'views_test_data',
    'field' => 'name',
    'relationship' => 'none',
    'alter' => ['text' => $text],
  ];
  $view->displayHandlers->get('default')->overrideOption('fields', ['name' => $name_field]);
  $this->executeView($view);

  // The rendered value has to match the filtered text, not the raw input.
  $rendered = $view->style_plugin->getField(0, 'name');
  $this->assertEqual(Xss::filter($text), $rendered);
}