當前位置: 首頁>>代碼示例>>PHP>>正文


PHP Validate::isCleanHtml方法代碼示例

本文整理匯總了PHP中Validate::isCleanHtml方法的典型用法代碼示例。如果您正苦於以下問題:PHP Validate::isCleanHtml方法的具體用法?PHP Validate::isCleanHtml怎麽用?PHP Validate::isCleanHtml使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在Validate的用法示例。


在下文中一共展示了Validate::isCleanHtml方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。

示例1: getContent

 function getContent()
 {
     /* display the module name */
     $this->_html = '<h2>' . $this->displayName . '</h2>';
     /* update the editorial xml */
     if (isset($_POST['submitUpdate'])) {
         // Forbidden key
         $forbidden = array('submitUpdate');
         foreach ($_POST as $key => $value) {
             if (!Validate::isCleanHtml($_POST[$key])) {
                 $this->_html .= $this->displayError($this->l('Invalid html field, javascript is forbidden'));
                 $this->_displayForm();
                 return $this->_html;
             }
         }
         // Generate new XML data
         $newXml = '<?xml version=\'1.0\' encoding=\'utf-8\' ?>' . "\n";
         $newXml .= '<editorial>' . "\n";
         $newXml .= '	<header>';
         // Making header data
         foreach ($_POST as $key => $field) {
             if ($line = $this->putContent($newXml, $key, $field, $forbidden, 'header')) {
                 $newXml .= $line;
             }
         }
         $newXml .= "\n" . '	</header>' . "\n";
         $newXml .= '	<body>';
         // Making body data
         foreach ($_POST as $key => $field) {
             if ($line = $this->putContent($newXml, $key, $field, $forbidden, 'body')) {
                 $newXml .= $line;
             }
         }
         $newXml .= "\n" . '	</body>' . "\n";
         $newXml .= '</editorial>' . "\n";
         /* write it into the editorial xml file */
         if ($fd = @fopen(dirname(__FILE__) . '/editorial.xml', 'w')) {
             if (!@fwrite($fd, $newXml)) {
                 $this->_html .= $this->displayError($this->l('Unable to write to the editor file.'));
             }
             if (!@fclose($fd)) {
                 $this->_html .= $this->displayError($this->l('Can\'t close the editor file.'));
             }
         } else {
             $this->_html .= $this->displayError($this->l('Unable to update the editor file.<br />Please check the editor file\'s writing permissions.'));
         }
         /* upload the image */
         if (isset($_FILES['body_homepage_logo']) and isset($_FILES['body_homepage_logo']['tmp_name']) and !empty($_FILES['body_homepage_logo']['tmp_name'])) {
             Configuration::set('PS_IMAGE_GENERATION_METHOD', 1);
             if ($error = checkImage($_FILES['body_homepage_logo'], $this->maxImageSize)) {
                 $this->_html .= $error;
             } elseif (!imageResize($_FILES['body_homepage_logo'], dirname(__FILE__) . '/homepage_logo.jpg')) {
                 $this->_html .= $this->displayError($this->l('An error occurred during the image upload.'));
             }
         }
     }
     /* display the editorial's form */
     $this->_displayForm();
     return $this->_html;
 }
開發者ID:vinitha,項目名稱:acsmartsite,代碼行數:60,代碼來源:editorial.php

示例2: smartyText

function smartyText($data)
{
    // Prevent xss injection.
    if (Validate::isCleanHtml($data)) {
        return stripslashes(preg_replace('/\\v+|\\\\[rn]/', '<br/>', $data));
    }
    return '';
}
開發者ID:jessylenne,項目名稱:sf2-technical-test,代碼行數:8,代碼來源:smarty.inc.php

示例3: initContent

 public function initContent()
 {
     parent::initContent();
     if (Tools::isSubmit('submitMessage')) {
         $message = Tools::getValue('message');
         // Html entities is not usefull, iscleanHtml check there is no bad html tags.
         $phone = Tools::getValue('tel');
         $mobile = Tools::getValue('mobile');
         if (!($from = trim(Tools::getValue('from'))) || !Validate::isEmail($from)) {
             $this->errors[] = Tools::displayError('Invalid email address.');
         } else {
             if (!$message) {
                 $this->errors[] = Tools::displayError('The message cannot be blank.');
             } else {
                 if (!Validate::isCleanHtml($message)) {
                     $this->errors[] = Tools::displayError('Invalid message');
                 } else {
                     if (!Validate::isPhoneNumber($phone)) {
                         $this->errors[] = Tools::displayError('Invalid phone number.');
                     } else {
                         if (!Validate::isPhoneNumber($mobile)) {
                             $this->errors[] = Tools::displayError('Invalid Mobile number.');
                         }
                     }
                 }
             }
         }
         //		var_dump($this->errors,empty($this->errors));
         if (empty($this->errors)) {
             $id_product = Tools::getValue('product_id');
             //var_dump($id_product);
             $product = new Product($id_product);
             //var_dump($product);
             $product_name = '';
             $item_number = '';
             if (Validate::isLoadedObject($product) && isset($product->name[(int) $this->context->language->id])) {
                 $product_name = $product->name[(int) $this->context->language->id];
                 $item_number = $product->item_number;
             }
             $data = array('{name}' => Tools::getValue('name'), '{phone}' => $phone, '{mobile}' => $mobile, '{message}' => $message, '{item_number}' => $item_number, '{product}' => $product_name, '{date}' => date('Y-m-d H:i:s'), '{email}' => $from);
             $sampleObj = new requestsample();
             $sampleObj->sendmail($data, $from, (int) $this->context->language->id, 'request_quote', 'New Request for Quote');
             $this->context->smarty->assign('confirmation', 1);
         }
     }
     $this->context->smarty->assign('product_id', $_GET['pr_id']);
     $this->setTemplate('quote_form.tpl');
 }
開發者ID:Eximagen,項目名稱:3m,代碼行數:48,代碼來源:quote.php

示例4: update

    public function update($nullValues = false)
    {
        $ishtml = false;
        foreach ($this->value as $i18n_value) {
            if (Validate::isCleanHtml($i18n_value)) {
                $ishtml = true;
                break;
            }
        }
        Configuration::updateValue($this->name, $this->value, $ishtml);
        $last_insert = Db::getInstance()->getRow('
			SELECT `id_configuration` AS id
			FROM `' . _DB_PREFIX_ . 'configuration`
			WHERE `name` = \'' . pSQL($this->name) . '\'');
        if ($last_insert) {
            $this->id = $last_insert['id'];
        }
        return true;
    }
開發者ID:ramzzes52,項目名稱:Uni3,代碼行數:19,代碼來源:TranslatedConfiguration.php

示例5: processUpdateOptions

 /**
  * @see AdminController::processUpdateOptions()
  */
 public function processUpdateOptions()
 {
     if ($this->isGeoLiteCityAvailable()) {
         Configuration::updateValue('PS_GEOLOCATION_ENABLED', (int) Tools::getValue('PS_GEOLOCATION_ENABLED'));
     } elseif (Tools::getValue('PS_GEOLOCATION_ENABLED')) {
         $this->errors[] = $this->trans('The geolocation database is unavailable.', array(), 'Admin.International.Notification');
     }
     if (empty($this->errors)) {
         if (!is_array(Tools::getValue('countries')) || !count(Tools::getValue('countries'))) {
             $this->errors[] = $this->trans('Country selection is invalid.', array(), 'Admin.International.Notification');
         } else {
             Configuration::updateValue('PS_GEOLOCATION_BEHAVIOR', !(int) Tools::getValue('PS_GEOLOCATION_BEHAVIOR') ? _PS_GEOLOCATION_NO_CATALOG_ : _PS_GEOLOCATION_NO_ORDER_);
             Configuration::updateValue('PS_GEOLOCATION_NA_BEHAVIOR', (int) Tools::getValue('PS_GEOLOCATION_NA_BEHAVIOR'));
             Configuration::updateValue('PS_ALLOWED_COUNTRIES', implode(';', Tools::getValue('countries')));
         }
         if (!Validate::isCleanHtml(Tools::getValue('PS_GEOLOCATION_WHITELIST'))) {
             $this->errors[] = $this->trans('Invalid whitelist', array(), 'Admin.International.Notification');
         } else {
             Configuration::updateValue('PS_GEOLOCATION_WHITELIST', str_replace("\n", ';', str_replace("\r", '', Tools::getValue('PS_GEOLOCATION_WHITELIST'))));
         }
     }
     return parent::processUpdateOptions();
 }
開發者ID:M03G,項目名稱:PrestaShop,代碼行數:26,代碼來源:AdminGeolocationController.php

示例6: postProcess

    /**
     * Start forms process
     * @see FrontController::postProcess()
     */
    public function postProcess()
    {
        if (Tools::isSubmit('submitMessage')) {
            $fileAttachment = null;
            if (isset($_FILES['fileUpload']['name']) && !empty($_FILES['fileUpload']['name']) && !empty($_FILES['fileUpload']['tmp_name'])) {
                $extension = array('.txt', '.rtf', '.doc', '.docx', '.pdf', '.zip', '.png', '.jpeg', '.gif', '.jpg');
                $filename = uniqid() . substr($_FILES['fileUpload']['name'], -5);
                $fileAttachment['content'] = file_get_contents($_FILES['fileUpload']['tmp_name']);
                $fileAttachment['name'] = $_FILES['fileUpload']['name'];
                $fileAttachment['mime'] = $_FILES['fileUpload']['type'];
            }
            $message = Tools::getValue('message');
            // Html entities is not usefull, iscleanHtml check there is no bad html tags.
            if (!($from = trim(Tools::getValue('from'))) || !Validate::isEmail($from)) {
                $this->errors[] = Tools::displayError('Invalid e-mail address');
            } else {
                if (!$message) {
                    $this->errors[] = Tools::displayError('Message cannot be blank');
                } else {
                    if (!Validate::isCleanHtml($message)) {
                        $this->errors[] = Tools::displayError('Invalid message');
                    } else {
                        if (!($id_contact = (int) Tools::getValue('id_contact')) || !Validate::isLoadedObject($contact = new Contact($id_contact, $this->context->language->id))) {
                            $this->errors[] = Tools::displayError('Please select a subject from the list.');
                        } else {
                            if (!empty($_FILES['fileUpload']['name']) && $_FILES['fileUpload']['error'] != 0) {
                                $this->errors[] = Tools::displayError('An error occurred during the file upload');
                            } else {
                                if (!empty($_FILES['fileUpload']['name']) && !in_array(substr($_FILES['fileUpload']['name'], -4), $extension) && !in_array(substr($_FILES['fileUpload']['name'], -5), $extension)) {
                                    $this->errors[] = Tools::displayError('Bad file extension');
                                } else {
                                    $customer = $this->context->customer;
                                    if (!$customer->id) {
                                        $customer->getByEmail($from);
                                    }
                                    $contact = new Contact($id_contact, $this->context->language->id);
                                    if (!(($id_customer_thread = (int) Tools::getValue('id_customer_thread')) && (int) Db::getInstance()->getValue('
						SELECT cm.id_customer_thread FROM ' . _DB_PREFIX_ . 'customer_thread cm
						WHERE cm.id_customer_thread = ' . (int) $id_customer_thread . ' AND cm.id_shop = ' . (int) $this->context->shop->id . ' AND token = \'' . pSQL(Tools::getValue('token')) . '\'') || ($id_customer_thread = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($from, (int) Tools::getValue('id_order'))))) {
                                        $fields = Db::getInstance()->executeS('
					SELECT cm.id_customer_thread, cm.id_contact, cm.id_customer, cm.id_order, cm.id_product, cm.email
					FROM ' . _DB_PREFIX_ . 'customer_thread cm
					WHERE email = \'' . pSQL($from) . '\' AND cm.id_shop = ' . (int) $this->context->shop->id . ' AND (' . ($customer->id ? 'id_customer = ' . (int) $customer->id . ' OR ' : '') . '
						id_order = ' . (int) Tools::getValue('id_order') . ')');
                                        $score = 0;
                                        foreach ($fields as $key => $row) {
                                            $tmp = 0;
                                            if ((int) $row['id_customer'] && $row['id_customer'] != $customer->id && $row['email'] != $from) {
                                                continue;
                                            }
                                            if ($row['id_order'] != 0 && Tools::getValue('id_order') != $row['id_order']) {
                                                continue;
                                            }
                                            if ($row['email'] == $from) {
                                                $tmp += 4;
                                            }
                                            if ($row['id_contact'] == $id_contact) {
                                                $tmp++;
                                            }
                                            if (Tools::getValue('id_product') != 0 && $row['id_product'] == Tools::getValue('id_product')) {
                                                $tmp += 2;
                                            }
                                            if ($tmp >= 5 && $tmp >= $score) {
                                                $score = $tmp;
                                                $id_customer_thread = $row['id_customer_thread'];
                                            }
                                        }
                                    }
                                    $old_message = Db::getInstance()->getValue('
					SELECT cm.message FROM ' . _DB_PREFIX_ . 'customer_message cm
					LEFT JOIN ' . _DB_PREFIX_ . 'customer_thread cc on (cm.id_customer_thread = cc.id_customer_thread)
					WHERE cc.id_customer_thread = ' . (int) $id_customer_thread . ' AND cc.id_shop = ' . (int) $this->context->shop->id . '
					ORDER BY cm.date_add DESC');
                                    if ($old_message == $message) {
                                        $this->context->smarty->assign('alreadySent', 1);
                                        $contact->email = '';
                                        $contact->customer_service = 0;
                                    }
                                    if (!empty($contact->email)) {
                                        $id_order = (int) Tools::getValue('id_order', 0);
                                        $order = new Order($id_order);
                                        $mail_var_list = array('{email}' => $from, '{message}' => Tools::nl2br(stripslashes($message)), '{id_order}' => $id_order, '{order_name}' => $order->getUniqReference(), '{attached_file}' => isset($_FILES['fileUpload'], $_FILES['fileUpload']['name']) ? $_FILES['fileUpload']['name'] : '');
                                        if (Mail::Send($this->context->language->id, 'contact', Mail::l('Message from contact form'), $mail_var_list, $contact->email, $contact->name, $from, $customer->id ? $customer->firstname . ' ' . $customer->lastname : '', $fileAttachment) && Mail::Send($this->context->language->id, 'contact_form', Mail::l('Your message has been correctly sent'), $mail_var_list, $from)) {
                                            $this->context->smarty->assign('confirmation', 1);
                                        } else {
                                            $this->errors[] = Tools::displayError('An error occurred while sending message.');
                                        }
                                    }
                                    if ($contact->customer_service) {
                                        if ((int) $id_customer_thread) {
                                            $ct = new CustomerThread($id_customer_thread);
                                            $ct->status = 'open';
                                            $ct->id_lang = (int) $this->context->language->id;
                                            $ct->id_contact = (int) $id_contact;
                                            if ($id_order = (int) Tools::getValue('id_order')) {
                                                $ct->id_order = $id_order;
//.........這裏部分代碼省略.........
開發者ID:jicheng17,項目名稱:pengwine,代碼行數:101,代碼來源:ContactController.php

示例7: renderFormAddress

 public function renderFormAddress()
 {
     // Change table and className for addresses
     $this->table = 'address';
     $this->className = 'Address';
     $id_address = Tools::getValue('id_address');
     // Create Object Address
     $address = new Address($id_address);
     $res = $address->getFieldsRequiredDatabase();
     $required_fields = array();
     foreach ($res as $row) {
         $required_fields[(int) $row['id_required_field']] = $row['field_name'];
     }
     $form = array('legend' => array('title' => $this->l('Addresses'), 'icon' => 'icon-building'));
     if (!$address->id_manufacturer || !Manufacturer::manufacturerExists($address->id_manufacturer)) {
         $form['input'][] = array('type' => 'select', 'label' => $this->l('Choose the manufacturer'), 'name' => 'id_manufacturer', 'options' => array('query' => Manufacturer::getManufacturers(), 'id' => 'id_manufacturer', 'name' => 'name'));
     } else {
         $form['input'][] = array('type' => 'text', 'label' => $this->l('Manufacturer'), 'name' => 'name', 'col' => 4, 'disabled' => true);
         $form['input'][] = array('type' => 'hidden', 'name' => 'id_manufacturer');
     }
     $form['input'][] = array('type' => 'hidden', 'name' => 'alias');
     $form['input'][] = array('type' => 'hidden', 'name' => 'id_address');
     if (in_array('company', $required_fields)) {
         $form['input'][] = array('type' => 'text', 'label' => $this->l('Company'), 'name' => 'company', 'display' => in_array('company', $required_fields), 'required' => in_array('company', $required_fields), 'maxlength' => 16, 'col' => 4, 'hint' => $this->l('Company name for this supplier'));
     }
     $form['input'][] = array('type' => 'text', 'label' => $this->l('Last name'), 'name' => 'lastname', 'required' => true, 'col' => 4, 'hint' => $this->l('Invalid characters:') . ' 0-9!&lt;&gt;,;?=+()@#"�{}_$%:');
     $form['input'][] = array('type' => 'text', 'label' => $this->l('First name'), 'name' => 'firstname', 'required' => true, 'col' => 4, 'hint' => $this->l('Invalid characters:') . ' 0-9!&lt;&gt;,;?=+()@#"�{}_$%:');
     $form['input'][] = array('type' => 'text', 'label' => $this->l('Address'), 'name' => 'address1', 'col' => 6, 'required' => true);
     $form['input'][] = array('type' => 'text', 'label' => $this->l('Address (2)'), 'name' => 'address2', 'col' => 6, 'required' => in_array('address2', $required_fields));
     $form['input'][] = array('type' => 'text', 'label' => $this->l('Zip/postal code'), 'name' => 'postcode', 'col' => 2, 'required' => in_array('postcode', $required_fields));
     $form['input'][] = array('type' => 'text', 'label' => $this->l('City'), 'name' => 'city', 'col' => 4, 'required' => true);
     $form['input'][] = array('type' => 'select', 'label' => $this->l('Country'), 'name' => 'id_country', 'required' => false, 'default_value' => (int) $this->context->country->id, 'col' => 4, 'options' => array('query' => Country::getCountries($this->context->language->id), 'id' => 'id_country', 'name' => 'name'));
     $form['input'][] = array('type' => 'select', 'label' => $this->l('State'), 'name' => 'id_state', 'required' => false, 'col' => 4, 'options' => array('query' => array(), 'id' => 'id_state', 'name' => 'name'));
     $form['input'][] = array('type' => 'text', 'label' => $this->l('Home phone'), 'name' => 'phone', 'col' => 4, 'required' => in_array('phone', $required_fields));
     $form['input'][] = array('type' => 'text', 'label' => $this->l('Mobile phone'), 'name' => 'phone_mobile', 'col' => 4, 'required' => in_array('phone_mobile', $required_fields));
     $form['input'][] = array('type' => 'textarea', 'label' => $this->l('Other'), 'name' => 'other', 'required' => false, 'hint' => $this->l('Forbidden characters:') . ' &lt;&gt;;=#{}', 'rows' => 2, 'cols' => 10, 'col' => 6);
     $form['submit'] = array('title' => $this->l('Save'));
     $this->fields_value = array('name' => Manufacturer::getNameById($address->id_manufacturer), 'alias' => 'manufacturer', 'id_country' => $address->id_country);
     $this->initToolbar();
     $this->fields_form[0]['form'] = $form;
     $this->getlanguages();
     $helper = new HelperForm();
     $helper->show_cancel_button = true;
     $back = Tools::safeOutput(Tools::getValue('back', ''));
     if (empty($back)) {
         $back = self::$currentIndex . '&token=' . $this->token;
     }
     if (!Validate::isCleanHtml($back)) {
         die(Tools::displayError());
     }
     $helper->back_url = $back;
     $helper->currentIndex = self::$currentIndex;
     $helper->token = $this->token;
     $helper->table = $this->table;
     $helper->identifier = $this->identifier;
     $helper->title = $this->l('Edit Addresses');
     $helper->id = $address->id;
     $helper->toolbar_scroll = true;
     $helper->languages = $this->_languages;
     $helper->default_form_language = $this->default_form_language;
     $helper->allow_employee_form_lang = $this->allow_employee_form_lang;
     $helper->fields_value = $this->getFieldsValue($address);
     $helper->toolbar_btn = $this->toolbar_btn;
     $this->content .= $helper->generateForm($this->fields_form);
 }
開發者ID:carloslastresDev,項目名稱:HealthyTaiwan_UsingPrestaShop,代碼行數:65,代碼來源:AdminManufacturersController.php

示例8: foreach

    if (is_array($states) and !empty($states)) {
        $list = '';
        if (Tools::getValue('no_empty') != true) {
            $list = '<option value="0">-----------</option>' . "\n";
        }
        foreach ($states as $state) {
            $list .= '<option value="' . (int) $state['id_state'] . '"' . ((isset($_GET['id_state']) and $_GET['id_state'] == $state['id_state']) ? ' selected="selected"' : '') . '>' . $state['name'] . '</option>' . "\n";
        }
    } else {
        $list = 'false';
    }
    die($list);
}
if (Tools::isSubmit('submitCustomerNote') and $id_customer = (int) Tools::getValue('id_customer')) {
    $note = html_entity_decode(Tools::getValue('note'));
    if (!empty($note) and !Validate::isCleanHtml($note)) {
        die('error:validation');
    }
    if (!Db::getInstance()->Execute('UPDATE ' . _DB_PREFIX_ . 'customer SET `note` = "' . pSQL($note, true) . '" WHERE id_customer = ' . (int) $id_customer . ' LIMIT 1')) {
        die('error:update');
    }
    die('ok');
}
if (Tools::getValue('form_language_id')) {
    if (!($cookie->employee_form_lang = (int) Tools::getValue('form_language_id'))) {
        die('Error while updating cookie.');
    }
    die('Form language updated.');
}
if (Tools::getValue('submitPublishProduct')) {
    global $cookie;
開發者ID:priyankajsr19,項目名稱:indusdiva2,代碼行數:31,代碼來源:ajax.php

示例9: renderForm

 /**
  * Function used to render the form for this controller
  */
 public function renderForm()
 {
     if (!$this->default_form_language) {
         $this->getLanguages();
     }
     if (Tools::getValue('submitFormAjax')) {
         $this->content .= $this->context->smarty->fetch('form_submit_ajax.tpl');
     }
     if ($this->fields_form && is_array($this->fields_form)) {
         if (!$this->multiple_fieldsets) {
             $this->fields_form = array(array('form' => $this->fields_form));
         }
         // For add a fields via an override of $fields_form, use $fields_form_override
         if (is_array($this->fields_form_override) && !empty($this->fields_form_override)) {
             $this->fields_form[0]['form']['input'] = array_merge($this->fields_form[0]['form']['input'], $this->fields_form_override);
         }
         $fields_value = $this->getFieldsValue($this->object);
         Hook::exec('action' . $this->controller_name . 'FormModifier', array('fields' => &$this->fields_form, 'fields_value' => &$fields_value, 'form_vars' => &$this->tpl_form_vars));
         $helper = new HelperForm($this);
         $this->setHelperDisplay($helper);
         $helper->fields_value = $fields_value;
         $helper->submit_action = $this->submit_action;
         $helper->tpl_vars = $this->getTemplateFormVars();
         $helper->show_cancel_button = isset($this->show_form_cancel_button) ? $this->show_form_cancel_button : $this->display == 'add' || $this->display == 'edit';
         $back = Tools::safeOutput(Tools::getValue('back', ''));
         if (empty($back)) {
             $back = self::$currentIndex . '&token=' . $this->token;
         }
         if (!Validate::isCleanHtml($back)) {
             die(Tools::displayError());
         }
         $helper->back_url = $back;
         !is_null($this->base_tpl_form) ? $helper->base_tpl = $this->base_tpl_form : '';
         if ($this->tabAccess['view']) {
             if (Tools::getValue('back')) {
                 $helper->tpl_vars['back'] = Tools::safeOutput(Tools::getValue('back'));
             } else {
                 $helper->tpl_vars['back'] = Tools::safeOutput(Tools::getValue(self::$currentIndex . '&token=' . $this->token));
             }
         }
         $form = $helper->generateForm($this->fields_form);
         return $form;
     }
 }
開發者ID:ramzzes52,項目名稱:Uni3,代碼行數:47,代碼來源:AdminController.php

示例10: addNewPrivateMessage

 /**
  * Adds a new private message for the Admin
  */
 public function addNewPrivateMessage($order_id, $message)
 {
     if (!(bool) $order_id) {
         return false;
     }
     $new_message = new Message();
     $message = strip_tags($message, '<br>');
     if (!Validate::isCleanHtml($message)) {
         $message = $this->l('Payment message is not valid, please check your module.');
     }
     $new_message->message = $message;
     $new_message->id_order = $order_id;
     $new_message->private = 1;
     return $new_message->add();
 }
開發者ID:juniorhq88,項目名稱:PrestaShop-modules,代碼行數:18,代碼來源:bluepay.php

示例11: addItem

    protected function addItem()
    {
        $title = Tools::getValue('item_title');
        $content = Tools::getValue('item_html');
        if (!Validate::isCleanHtml($title, (int) Configuration::get('PS_ALLOW_HTML_IFRAME')) || !Validate::isCleanHtml($content, (int) Configuration::get('PS_ALLOW_HTML_IFRAME'))) {
            $this->context->smarty->assign('error', $this->l('Invalid content'));
            return false;
        }
        if (!($current_order = (int) Db::getInstance()->getValue('
			SELECT item_order + 1
			FROM `' . _DB_PREFIX_ . 'themeconfigurator`
			WHERE
				id_shop = ' . (int) $this->context->shop->id . '
				AND id_lang = ' . (int) Tools::getValue('id_lang') . '
				AND hook = \'' . pSQL(Tools::getValue('item_hook')) . '\'
				ORDER BY item_order DESC'))) {
            $current_order = 1;
        }
        $image_w = is_numeric(Tools::getValue('item_img_w')) ? (int) Tools::getValue('item_img_w') : '';
        $image_h = is_numeric(Tools::getValue('item_img_h')) ? (int) Tools::getValue('item_img_h') : '';
        if (!empty($_FILES['item_img']['name'])) {
            if (!($image = $this->uploadImage($_FILES['item_img'], $image_w, $image_h))) {
                return false;
            }
        } else {
            $image = '';
            $image_w = '';
            $image_h = '';
        }
        if (!Db::getInstance()->Execute('
			INSERT INTO `' . _DB_PREFIX_ . 'themeconfigurator` (
					`id_shop`, `id_lang`, `item_order`, `title`, `title_use`, `hook`, `url`, `target`, `image`, `image_w`, `image_h`, `html`, `active`
			) VALUES (
					\'' . (int) $this->context->shop->id . '\',
					\'' . (int) Tools::getValue('id_lang') . '\',
					\'' . (int) $current_order . '\',
					\'' . pSQL($title) . '\',
					\'' . (int) Tools::getValue('item_title_use') . '\',
					\'' . pSQL(Tools::getValue('item_hook')) . '\',
					\'' . pSQL(Tools::getValue('item_url')) . '\',
					\'' . (int) Tools::getValue('item_target') . '\',
					\'' . pSQL($image) . '\',
					\'' . pSQL($image_w) . '\',
					\'' . pSQL($image_h) . '\',
					\'' . pSQL($this->filterVar($content), true) . '\',
					1)')) {
            if (!Tools::isEmpty($image)) {
                $this->deleteImage($image);
            }
            $this->context->smarty->assign('error', $this->l('An error occurred while saving data.'));
            return false;
        }
        $this->context->smarty->assign('confirmation', $this->l('New item successfully added.'));
        return true;
    }
開發者ID:AlexEven,項目名稱:themeconfigurator,代碼行數:55,代碼來源:themeconfigurator.php

示例12: getHeaderParams

 /**
  * @param null|string $key if null get all header params otherwise the params specified by the key
  * @throw WebserviceException if the key is corrupted (use Validate::isCleanHtml method)
  * @throw WebserviceException if the asked key does'nt exists.
  * @return array|string
  */
 public function getHeaderParams($key = null)
 {
     $return = '';
     if (!is_null($key)) {
         if (!Validate::isCleanHtml($key)) {
             throw new WebserviceException('the key you write is a corrupted text.', array(95, 500));
         }
         if (!array_key_exists($key, $this->headerParams)) {
             throw new WebserviceException(sprintf('The key %s does\'nt exist', $key), array(96, 500));
         }
         $return = $this->headerParams[$key];
     } else {
         $return = $this->headerParams;
     }
     return $return;
 }
開發者ID:Evil1991,項目名稱:PrestaShop-1.4,代碼行數:22,代碼來源:WebserviceOutputBuilder.php

示例13: addMessage

 /**
  * Add order private message.
  *
  * @param $text
  * @return bool
  */
 public function addMessage($text)
 {
     $message = new Message();
     $text = strip_tags($text, '<br>');
     if (!Validate::isCleanHtml($text)) {
         $text = 'Invalid payment message.';
     }
     $message->message = $text;
     $message->id_order = (int) $this->getOrderId();
     $message->private = 1;
     return $message->add();
 }
開發者ID:payfort,項目名稱:prestashop-payfort,代碼行數:18,代碼來源:Order.php

示例14: processAddAttachments

 /**
  * Method processAddAttachments() : Change name of file which are uploaded for this product
  * Rules:
  *      - For the first upload the filename has been : name-of-product.extention
  *      - For the second upload : name-of-product-1.extention
  *      - ...
  *
  * @module now_seo_links
  * @return void
  *
  * @see AdminProductsControllerCore::processAddAttachments()
  */
 public function processAddAttachments()
 {
     $languages = Language::getLanguages(false);
     $is_attachment_name_valid = false;
     foreach ($languages as $language) {
         $attachment_name_lang = Tools::getValue('attachment_name_' . (int) $language['id_lang']);
         if (Tools::strlen($attachment_name_lang) > 0) {
             $is_attachment_name_valid = true;
         }
         if (!Validate::isGenericName(Tools::getValue('attachment_name_' . (int) $language['id_lang']))) {
             $this->errors[] = Tools::displayError('Invalid Name');
         } elseif (Tools::strlen(Tools::getValue('attachment_name_' . (int) $language['id_lang'])) > 32) {
             $this->errors[] = sprintf(Tools::displayError('The name is too long (%d chars max).'), 32);
         }
         if (!Validate::isCleanHtml(Tools::getValue('attachment_description_' . (int) $language['id_lang']))) {
             $this->errors[] = Tools::displayError('Invalid description');
         }
     }
     if (!$is_attachment_name_valid) {
         $this->errors[] = Tools::displayError('An attachment name is required.');
     }
     if (empty($this->errors)) {
         if (isset($_FILES['attachment_file']) && is_uploaded_file($_FILES['attachment_file']['tmp_name'])) {
             if ($_FILES['attachment_file']['size'] > Configuration::get('PS_ATTACHMENT_MAXIMUM_SIZE') * 1024 * 1024) {
                 $this->errors[] = sprintf($this->l('The file is too large. Maximum size allowed is: %1$d kB. The file you\'re trying to upload is: %2$d kB.'), Configuration::get('PS_ATTACHMENT_MAXIMUM_SIZE') * 1024, number_format($_FILES['attachment_file']['size'] / 1024, 2, '.', ''));
             } else {
                 do {
                     $uniqid = sha1(microtime());
                 } while (file_exists(_PS_DOWNLOAD_DIR_ . $uniqid));
                 if (!copy($_FILES['attachment_file']['tmp_name'], _PS_DOWNLOAD_DIR_ . $uniqid)) {
                     $this->errors[] = $this->l('File copy failed');
                 }
                 @unlink($_FILES['attachment_file']['tmp_name']);
             }
         } elseif ((int) $_FILES['attachment_file']['error'] === 1) {
             $max_upload = (int) ini_get('upload_max_filesize');
             $max_post = (int) ini_get('post_max_size');
             $upload_mb = min($max_upload, $max_post);
             $this->errors[] = sprintf($this->l('The file %1$s exceeds the size allowed by the server. The limit is set to %2$d MB.'), '<b>' . $_FILES['attachment_file']['name'] . '</b> ', '<b>' . $upload_mb . '</b>');
         } else {
             $this->errors[] = Tools::displayError('The file is missing.');
         }
         if (empty($this->errors) && isset($uniqid)) {
             $attachment = new Attachment();
             foreach ($languages as $language) {
                 if (Tools::getIsset('attachment_name_' . (int) $language['id_lang'])) {
                     $attachment->name[(int) $language['id_lang']] = Tools::getValue('attachment_name_' . (int) $language['id_lang']);
                 }
                 if (Tools::getIsset('attachment_description_' . (int) $language['id_lang'])) {
                     $attachment->description[(int) $language['id_lang']] = Tools::getValue('attachment_description_' . (int) $language['id_lang']);
                 }
             }
             if (Tools::getIsset('name_' . (int) Configuration::get('PS_LANG_DEFAULT'))) {
                 $sFilename = $_FILES['attachment_file']['name'];
                 $sExtention = substr($sFilename, strrpos($sFilename, '.') + 1);
                 $attachment->file_name = Tools::link_rewrite(trim(Tools::getValue('name_' . (int) Configuration::get('PS_LANG_DEFAULT'))));
                 // On regarde si c'est le premier document joint au produit ou pas
                 $aAttachmentOfProduct = $attachment->getAttachments(Context::getContext()->language->id, (int) Tools::getValue('id_product'));
                 $iNb = count($aAttachmentOfProduct);
                 if ($iNb > 0) {
                     $attachment->file_name .= '-' . $iNb;
                 }
                 $attachment->file_name .= '.' . $sExtention;
             }
             $attachment->file = $uniqid;
             $attachment->mime = $_FILES['attachment_file']['type'];
             if (empty($attachment->mime) || Tools::strlen($attachment->mime) > 128) {
                 $this->errors[] = Tools::displayError('Invalid file extension');
             }
             if (!Validate::isGenericName($attachment->file_name)) {
                 $this->errors[] = Tools::displayError('Invalid file name');
             }
             if (Tools::strlen($attachment->file_name) > 128) {
                 $this->errors[] = Tools::displayError('The file name is too long.');
             }
             if (empty($this->errors)) {
                 $res = $attachment->add();
                 if (!$res) {
                     $this->errors[] = Tools::displayError('This attachment was unable to be loaded into the database.');
                 } else {
                     $id_product = (int) Tools::getValue($this->identifier);
                     $res = $attachment->attachProduct($id_product);
                     if (!$res) {
                         $this->errors[] = Tools::displayError('We were unable to associate this attachment to a product.');
                     }
                 }
             } else {
                 $this->errors[] = Tools::displayError('Invalid file');
//.........這裏部分代碼省略.........
開發者ID:TheTypoMaster,項目名稱:neonflexible,代碼行數:101,代碼來源:AdminProductsController.php

示例15: displayOptionsList

    /**
     * Options lists
     */
    public function displayOptionsList()
    {
        $tab = Tab::getTab($this->context->language->id, $this->id);
        // Retrocompatibility < 1.5.0
        if (!$this->optionsList && $this->_fieldsOptions) {
            $this->optionsList = array('options' => array('title' => $this->optionTitle ? $this->optionTitle : $this->l('Options'), 'fields' => $this->_fieldsOptions));
        }
        if (!$this->optionsList) {
            return;
        }
        echo '<br />';
        echo '<script type="text/javascript">
			id_language = Number(' . $this->context->language->id . ');
		</script>';
        $action = Tools::safeOutput(self::$currentIndex . '&submitOptions' . $this->table . '=1&token=' . $this->token);
        echo '<form action="' . $action . '" method="post" enctype="multipart/form-data">';
        foreach ($this->optionsList as $category => $categoryData) {
            $required = false;
            $this->displayTopOptionCategory($category, $categoryData);
            echo '<fieldset>';
            // Options category title
            $legend = '<img src="' . (!empty($tab['module']) && file_exists($_SERVER['DOCUMENT_ROOT'] . _MODULE_DIR_ . $tab['module'] . '/' . $tab['class_name'] . '.gif') ? _MODULE_DIR_ . $tab['module'] . '/' : '../img/t/') . $tab['class_name'] . '.gif" /> ';
            $legend .= isset($categoryData['title']) ? $categoryData['title'] : $this->l('Options');
            echo '<legend>' . $legend . '</legend>';
            // Category fields
            if (!isset($categoryData['fields'])) {
                continue;
            }
            // Category description
            if (isset($categoryData['description']) && $categoryData['description']) {
                echo '<p class="optionsDescription">' . $categoryData['description'] . '</p>';
            }
            foreach ($categoryData['fields'] as $key => $field) {
                // Field value
                $value = Tools::getValue($key, Configuration::get($key));
                if (!Validate::isCleanHtml($value)) {
                    $value = Configuration::get($key);
                }
                if (isset($field['defaultValue']) && !$value) {
                    $value = $field['defaultValue'];
                }
                // Check if var is invisible (can't edit it in current shop context), or disable (use default value for multishop)
                $isDisabled = $isInvisible = false;
                if (Shop::isFeatureActive()) {
                    if (isset($field['visibility']) && $field['visibility'] > Shop::getContext()) {
                        $isDisabled = true;
                        $isInvisible = true;
                    } elseif (Shop::getContext() != Shop::CONTEXT_ALL && !Configuration::isOverridenByCurrentContext($key)) {
                        $isDisabled = true;
                    }
                }
                // Display title
                echo '<div style="clear: both; padding-top:15px;" id="conf_id_' . $key . '" ' . ($isInvisible ? 'class="isInvisible"' : '') . '>';
                if ($field['title']) {
                    echo '<label class="conf_title">';
                    // Is this field required ?
                    if (isset($field['required']) && $field['required']) {
                        $required = true;
                        echo '<sup>*</sup> ';
                    }
                    echo $field['title'] . '</label>';
                }
                echo '<div class="margin-form" style="padding-top:5px;">';
                // Display option inputs
                $method = 'displayOptionType' . Tools::toCamelCase($field['type'], true);
                if (!method_exists($this, $method)) {
                    $this->displayOptionTypeText($key, $field, $value);
                } else {
                    $this->{$method}($key, $field, $value);
                }
                // Multishop default value
                if (Shop::isFeatureActive() && Shop::getContext() != Shop::CONTEXT_ALL && !$isInvisible) {
                    echo '<div class="preference_default_multishop">
							<label>
								<input type="checkbox" name="multishopOverrideOption[' . $key . ']" value="1" ' . ($isDisabled ? 'checked="checked"' : '') . ' onclick="checkMultishopDefaultValue(this, \'' . $key . '\')" /> ' . $this->l('Use default value') . '
							</label>
						</div>';
                }
                // Field description
                //echo (isset($field['desc']) ? '<p class="preference_description">'.((isset($field['thumb']) AND $field['thumb'] AND $field['thumb']['pos'] == 'after') ? '<img src="'.$field['thumb']['file'].'" alt="'.$field['title'].'" title="'.$field['title'].'" style="float:left;" />' : '' ).$field['desc'].'</p>' : '');
                echo isset($field['desc']) ? '<p class="preference_description">' . $field['desc'] . '</p>' : '';
                // Is this field invisible in current shop context ?
                echo $isInvisible ? '<p class="multishop_warning">' . $this->l('You cannot change the value of this configuration field in this shop context') . '</p>' : '';
                echo '</div></div>';
            }
            echo '<div align="center" style="margin-top: 20px;">';
            echo '<input type="submit" value="' . $this->l('   Save   ') . '" name="submit' . ucfirst($category) . $this->table . '" class="button" />';
            echo '</div>';
            if ($required) {
                echo '<div class="small"><sup>*</sup> ' . $this->l('Required field') . '</div>';
            }
            echo '</fieldset><br />';
            $this->displayBottomOptionCategory($category, $categoryData);
        }
        echo '</form>';
    }
開發者ID:abdoumej,項目名稱:libsamy,代碼行數:99,代碼來源:AdminTab.php


注:本文中的Validate::isCleanHtml方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。