

PHP GeneralUtility::removeXSS方法代碼示例

本文整理匯總了PHP中TYPO3\CMS\Core\Utility\GeneralUtility::removeXSS方法的典型用法代碼示例。如果您正苦於以下問題:PHP GeneralUtility::removeXSS方法的具體用法?PHP GeneralUtility::removeXSS怎麽用?PHP GeneralUtility::removeXSS使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在TYPO3\CMS\Core\Utility\GeneralUtility的用法示例。


在下文中一共展示了GeneralUtility::removeXSS方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。

示例1: filter

 /**
  * Run a submitted value through TYPO3's removeXSS() filter.
  *
  * Backslash escaping is removed and HTML entities (both quote styles) are
  * decoded first, so entity-encoded markup reaches the filter in literal
  * form. The filter itself is an external class by
  * Travis Puderbaugh <kallahar@quickwired.com>.
  *
  * Security note: the entities decoded here are not re-encoded, so the
  * returned string may contain literal <, >, " and ' characters.
  * removeXSS() filters known-dangerous patterns; it is not an output
  * encoder. Callers still have to escape the result for the context it is
  * written into (for HTML, htmlspecialchars()).
  *
  * @param string $value Unfiltered value
  * @return string The filtered value
  */
 public function filter($value)
 {
     // Canonicalise before filtering: strip backslashes, then decode entities.
     $decoded = html_entity_decode(stripslashes($value), ENT_QUOTES);
     return \TYPO3\CMS\Core\Utility\GeneralUtility::removeXSS($decoded);
 }
開發者ID:nicksergio,項目名稱:TYPO3v4-Core,代碼行數:16,代碼來源:RemoveXssFilter.php

示例2: removeXSSStripTagsArray

 /**
  * Strips tags and applies removeXSS() to a string, or recursively to the
  * values of an array.
  *
  * Return value by input type, as implemented below:
  *  - null    => null
  *  - bool    => returned unchanged
  *  - string  => filtered string
  *  - array   => array with the same keys and filtered values
  *  - other   => false
  *
  * Security notes:
  *  - Only array VALUES are filtered; array keys are copied through as-is.
  *    If the keys come from request data and are later echoed or used as
  *    identifiers, they need their own validation.
  *  - Non-array elements inside an array are not type-checked the way the
  *    top-level value is: they all go through strip_tags(), so e.g. a nested
  *    boolean is converted to a string.
  *  - The result is filtered, not encoded. Escape it for the output context
  *    (HTML, attribute, SQL, ...) where it is used.
  *
  * @param mixed $input String, array of elements, bool or null
  *
  * @return null|bool|string|array Filtered value, or false for unsupported types
  */
 public static function removeXSSStripTagsArray($input)
 {
     // Callers sometimes pass an unset/empty variable; hand null straight back.
     if ($input === null) {
         return null;
     }
     if (is_bool($input)) {
         return $input;
     }
     if (is_string($input)) {
         return (string) CoreGeneralUtility::removeXSS(strip_tags($input));
     }
     if (!is_array($input)) {
         return false;
     }
     $cleaned = array();
     foreach ($input as $index => $element) {
         // Nested arrays recurse; every other element is filtered as a string.
         $cleaned[$index] = is_array($element)
             ? self::removeXSSStripTagsArray($element)
             : CoreGeneralUtility::removeXSS(strip_tags($element));
     }
     return $cleaned;
 }
開發者ID:BenjaminBeck,項目名稱:commerce,代碼行數:35,代碼來源:GeneralUtility.php

示例3: render

 /**
  * Applies removeXSS() to the given string, or to the rendered child
  * content when no argument is passed.
  *
  * Security note: removeXSS() filters known-dangerous markup patterns but
  * does not HTML-encode. NOTE(review): whether the template engine escapes
  * this ViewHelper's output afterwards is not visible here; confirm before
  * relying on this helper as the only protection for untrusted content.
  *
  * @param string $string
  * @return string
  */
 public function render($string = NULL)
 {
     // Fall back to the tag body only when the argument was omitted.
     $content = NULL !== $string ? $string : $this->renderChildren();
     return GeneralUtility::removeXSS($content);
 }
開發者ID:smichaelsen,項目名稱:vhs,代碼行數:13,代碼來源:RemoveXssViewHelper.php

示例4: validateReturnUrl

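 /**
  * Returns a valid and XSS cleaned url for redirect, checked against configuration "allowedRedirectHosts"
  *
  * The URL is rejected (empty string returned, warning logged) when
  *  - removeXSS() changes its percent-decoded form, or
  *  - the URL as received contains a double quote, <, > or a backslash, or
  *  - canRedirectToUrl() does not accept it.
  *
  * Security notes:
  *  - The character check runs on the URL as received; the decoded form is
  *    only compared against the removeXSS() result. The open-redirect
  *    decision itself rests on canRedirectToUrl().
  *  - The rejected URL is attacker-supplied and is written to the log
  *    verbatim. NOTE(review): confirm the log sink neutralises control
  *    characters so entries cannot be forged.
  *
  * @param string $url
  * @return string cleaned referer or empty string if not valid
  */
 public function validateReturnUrl($url)
 {
     $url = strval($url);
     if ($url === '') {
         return '';
     }
     $decodedUrl = rawurldecode($url);
     $sanitizedUrl = \TYPO3\CMS\Core\Utility\GeneralUtility::removeXSS($decodedUrl);
     if ($decodedUrl !== $sanitizedUrl || preg_match('#["<>\\\\]+#', $url)) {
         \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog(sprintf(\TYPO3\CMS\Extbase\Utility\LocalizationUtility::translate('service-URLValidator-xssAttackDetected', 'cicregister'), $url), 'cicregister', \TYPO3\CMS\Core\Utility\GeneralUtility::SYSLOG_SEVERITY_WARNING);
         return '';
     }
     // Validate the URL:
     if ($this->canRedirectToUrl($url)) {
         return $url;
     }
     // URL is not allowed.
     // Logged under 'cicregister' like the XSS warning above (the original
     // used 'felogin' here), so both rejection paths are attributed to the
     // same component when logs are filtered or alerted on.
     \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog(sprintf(\TYPO3\CMS\Extbase\Utility\LocalizationUtility::translate('service-URLValidator-noValidRedirectUrl', 'cicregister'), $url), 'cicregister', \TYPO3\CMS\Core\Utility\GeneralUtility::SYSLOG_SEVERITY_WARNING);
     return '';
 }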
開發者ID:busynoggin,項目名稱:cicregister,代碼行數:26,代碼來源:UrlValidator.php

示例5: saveOrder

 /**
  * Save an order in the given folder
  * Order-ID has to be calculated beforehand!
  *
  * @param int $orderId Uid of the order
  * @param int $pid Uid of the folder to save the order in
  * @param Tx_Commerce_Domain_Model_Basket $basket Basket object of the user
  * @param Tx_Commerce_Payment_Interface_Payment $paymentObj Payment Object
  * @param bool $doHook Flag if the hooks should be executed
  * @param bool $doStock Flag if stock reduce should be executed
  *
  * @return array $orderData Array with all the order data
  */
 public function saveOrder($orderId, $pid, Tx_Commerce_Domain_Model_Basket $basket, Tx_Commerce_Payment_Interface_Payment $paymentObj, $doHook = TRUE, $doStock = TRUE)
 {
     $database = $this->getDatabaseConnection();
     // Save addresses with reference to the pObj - which is an instance of pi3
     $uids = array();
     $types = $database->exec_SELECTgetRows('name', 'tx_commerce_address_types', '1');
     foreach ($types as $type) {
         $uids[$type['name']] = $this->handleAddress($type['name']);
     }
     // Generate an order id on the fly if none was passed
     if (empty($orderId)) {
         $orderId = uniqid('', TRUE);
     }
     // create backend user for inserting the order data
     $orderData = array();
     $orderData['cust_deliveryaddress'] = isset($uids['delivery']) && !empty($uids['delivery']) ? $uids['delivery'] : $uids['billing'];
     $orderData['cust_invoice'] = $uids['billing'];
     $orderData['paymenttype'] = $this->getPaymentType(TRUE);
     $orderData['sum_price_net'] = $basket->getSumNet();
     $orderData['sum_price_gross'] = $basket->getSumGross();
     $orderData['order_sys_language_uid'] = $this->getFrontendController()->config['config']['sys_language_uid'];
     $orderData['pid'] = $pid;
     $orderData['order_id'] = $orderId;
     $orderData['crdate'] = $GLOBALS['EXEC_TIME'];
     $orderData['tstamp'] = $GLOBALS['EXEC_TIME'];
     $orderData['cu_iso_3_uid'] = $this->conf['currencyId'];
     $orderData['comment'] = GeneralUtility::removeXSS(strip_tags($this->piVars['comment']));
     if (is_array($GLOBALS['TSFE']->fe_user->user)) {
         $orderData['cust_fe_user'] = $GLOBALS['TSFE']->fe_user->user['uid'];
     }
     // Get hook objects
     $hookObjectsArr = array();
     if ($doHook) {
         $hookObjectsArr = $this->getHookObjectArray('finishIt');
         // Insert order
         foreach ($hookObjectsArr as $hookObj) {
             if (method_exists($hookObj, 'preinsert')) {
                 $hookObj->preinsert($orderData, $this);
             }
         }
     }
     $this->debug($orderData, '$orderData', __FILE__ . ' ' . __LINE__);
     $tceMain = $this->getInstanceOfTceMain($pid);
     $data = array();
     if (isset($this->conf['lockOrderIdInGenerateOrderId']) && $this->conf['lockOrderIdInGenerateOrderId'] == 1) {
         $data['tx_commerce_orders'][(int) $this->orderUid] = $orderData;
         $tceMain->start($data, array());
         $tceMain->process_datamap();
     } else {
         $newUid = uniqid('NEW');
         $data['tx_commerce_orders'][$newUid] = $orderData;
         $tceMain->start($data, array());
         $tceMain->process_datamap();
         $this->orderUid = $tceMain->substNEWwithIDs[$newUid];
     }
     // make orderUid avaible in hookObjects
     $orderUid = $this->orderUid;
     // Call update method from the payment class
     $paymentObj->updateOrder($orderUid, $this->sessionData);
     // Insert order
     foreach ($hookObjectsArr as $hookObj) {
         if (method_exists($hookObj, 'modifyBasketPreSave')) {
             $hookObj->modifyBasketPreSave($basket, $this);
         }
     }
     // Save order articles
     if (is_array($basket->getBasketItems())) {
         /**
          * Basket item
          *
          * @var $basketItem Tx_Commerce_Domain_Model_BasketItem
          */
         foreach ($basket->getBasketItems() as $artUid => $basketItem) {
             /**
              * Article
              *
              * @var $article Tx_Commerce_Domain_Model_Article
              */
             $article = $basketItem->article;
             $this->debug($article, '$article', __FILE__ . ' ' . __LINE__);
             $orderArticleData = array();
             $orderArticleData['pid'] = $orderData['pid'];
             $orderArticleData['crdate'] = $GLOBALS['EXEC_TIME'];
             $orderArticleData['tstamp'] = $GLOBALS['EXEC_TIME'];
             $orderArticleData['article_uid'] = $artUid;
             $orderArticleData['article_type_uid'] = $article->getArticleTypeUid();
             $orderArticleData['article_number'] = $article->getOrdernumber();
//.........這裏部分代碼省略.........
開發者ID:AndreasA,項目名稱:commerce,代碼行數:101,代碼來源:CheckoutController.php

示例6: sanitizeString

 /**
  * Sanitizes a string: removeXSS() first, then HTML entity encoding.
  *
  * The htmlentities() call (ENT_QUOTES, page meta charset) is what makes
  * the result safe to place in HTML text or a quoted attribute; removeXSS()
  * on its own does not encode. The returned value is HTML-encoded, so it
  * must not be encoded a second time on output.
  *
  * @param string $string String to sanitize
  * @return string Sanitized, HTML-encoded string
  */
 protected function sanitizeString($string)
 {
     $filtered = GeneralUtility::removeXSS($string);
     return htmlentities($filtered, ENT_QUOTES, $GLOBALS['TSFE']->metaCharset);
 }
開發者ID:nxpthx,項目名稱:ext-solr,代碼行數:12,代碼來源:StatisticsWriter.php

示例7: main

 /**
  * Main function
  * Will issue a location-header, redirecting either BACK or to a new FormEngine instance...
  *
  * With $this->returnEditConf set, the new record's id ("<table>_<id>") is
  * optionally written into the parent record's field through DataHandler
  * (set / prepend / append, also for a FlexForm path) and the request is
  * redirected to P['returnUrl']. Otherwise the request is redirected to the
  * record_edit module to create the new record.
  *
  * NOTE(review): $this->P, $this->table, $this->id and $this->pid are
  * populated outside this method. P['table'], P['uid'] and P['field'] are
  * used below as datamap keys; confirm they are validated where P is read.
  *
  * @return void
  */
 public function main()
 {
     if ($this->returnEditConf) {
         if ($this->processDataFlag) {
             // This data processing is done here to basically just get the current record. It can be discussed
             // if this isn't overkill here. In case this construct does not work out well, it would be less
             // overhead to just BackendUtility::fetchRecord the current parent here.
             /** @var OnTheFly $formDataGroup */
             $formDataGroup = GeneralUtility::makeInstance(OnTheFly::class);
             $formDataGroup->setProviderList([DatabaseEditRow::class]);
             /** @var FormDataCompiler $formDataCompiler */
             $formDataCompiler = GeneralUtility::makeInstance(FormDataCompiler::class, $formDataGroup);
             // Only the uid is cast to int here; the table name is passed on as received.
             $input = ['tableName' => $this->P['table'], 'vanillaUid' => (int) $this->P['uid'], 'command' => 'edit'];
             $result = $formDataCompiler->compile($input);
             $currentParentRow = $result['databaseRow'];
             // If that record was found (should absolutely be...), then init DataHandler and set, prepend or append
             // the record
             if (is_array($currentParentRow)) {
                 /** @var DataHandler $dataHandler */
                 $dataHandler = GeneralUtility::makeInstance(DataHandler::class);
                 $dataHandler->stripslashes_values = false;
                 $data = array();
                 $recordId = $this->table . '_' . $this->id;
                 // Setting the new field data:
                 // If the field is a flexForm field, work with the XML structure instead:
                 if ($this->P['flexFormPath']) {
                     // Current value of flexForm path:
                     $currentFlexFormData = GeneralUtility::xml2array($currentParentRow[$this->P['field']]);
                     /** @var FlexFormTools $flexFormTools */
                     $flexFormTools = GeneralUtility::makeInstance(FlexFormTools::class);
                     $currentFlexFormValue = $flexFormTools->getArrayValueByPath($this->P['flexFormPath'], $currentFlexFormData);
                     // Stays '' when setValue is none of set/prepend/append.
                     $insertValue = '';
                     switch ((string) $this->P['params']['setValue']) {
                         case 'set':
                             $insertValue = $recordId;
                             break;
                         case 'prepend':
                             $insertValue = $currentFlexFormValue . ',' . $recordId;
                             break;
                         case 'append':
                             $insertValue = $recordId . ',' . $currentFlexFormValue;
                             break;
                     }
                     // Normalise the comma list: trim items and drop empty ones.
                     $insertValue = implode(',', GeneralUtility::trimExplode(',', $insertValue, true));
                     $data[$this->P['table']][$this->P['uid']][$this->P['field']] = array();
                     $flexFormTools->setArrayValueByPath($this->P['flexFormPath'], $data[$this->P['table']][$this->P['uid']][$this->P['field']], $insertValue);
                 } else {
                     // No default case: for any other setValue the datamap entry is not
                     // assigned here before the normalisation line below reads it.
                     switch ((string) $this->P['params']['setValue']) {
                         case 'set':
                             $data[$this->P['table']][$this->P['uid']][$this->P['field']] = $recordId;
                             break;
                         case 'prepend':
                             $data[$this->P['table']][$this->P['uid']][$this->P['field']] = $currentParentRow[$this->P['field']] . ',' . $recordId;
                             break;
                         case 'append':
                             $data[$this->P['table']][$this->P['uid']][$this->P['field']] = $recordId . ',' . $currentParentRow[$this->P['field']];
                             break;
                     }
                     $data[$this->P['table']][$this->P['uid']][$this->P['field']] = implode(',', GeneralUtility::trimExplode(',', $data[$this->P['table']][$this->P['uid']][$this->P['field']], true));
                 }
                 // Submit the data:
                 // NOTE(review): the write relies on DataHandler for permission checks
                 // on table/uid/field; nothing in this method restricts them.
                 $dataHandler->start($data, array());
                 $dataHandler->process_datamap();
             }
         }
         // Return to the parent FormEngine record editing session:
         // The return URL goes through sanitizeLocalUrl() before it is used as a
         // redirect target; this is the open-redirect guard for this branch.
         HttpUtility::redirect(GeneralUtility::sanitizeLocalUrl($this->P['returnUrl']));
     } else {
         // Redirecting to FormEngine with instructions to create a new record
         // AND when closing to return back with information about that records ID etc.
         // The current REQUEST_URI is handed on as returnUrl after removeXSS().
         // removeXSS() is a markup filter, not a URL validator; presumably the
         // value is validated when it is consumed (see sanitizeLocalUrl() above).
         $redirectUrl = BackendUtility::getModuleUrl('record_edit', array('returnEditConf' => 1, 'edit[' . $this->P['params']['table'] . '][' . $this->pid . ']' => 'new', 'returnUrl' => GeneralUtility::removeXSS(GeneralUtility::getIndpEnv('REQUEST_URI'))));
         HttpUtility::redirect($redirectUrl);
     }
 }
開發者ID:rickymathew,項目名稱:TYPO3.CMS,代碼行數:80,代碼來源:AddController.php

示例8: cleanFormValue

 /**
  * Cleans a form value that needs to be carried over to the next request
  * from potential XSS.
  *
  * Pipeline: URL-decode, strip tags, FILTER_SANITIZE_STRING, removeXSS(),
  * then URL-encode again. The result is therefore URL-encoded; if it is
  * written into HTML (e.g. a hidden field) it still has to be HTML-escaped
  * at that point.
  *
  * Note: FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. Replacing it
  * changes the output (it also encodes quotes), so it is kept here as-is.
  *
  * @param string $value Possibly malicious form field value
  * @return string Cleaned, URL-encoded value
  */
 private function cleanFormValue($value)
 {
     $decoded = urldecode($value);
     $stripped = filter_var(strip_tags($decoded), FILTER_SANITIZE_STRING);
     return urlencode(GeneralUtility::removeXSS($stripped));
 }
開發者ID:Gregor-Agnes,項目名稱:ext-solr,代碼行數:14,代碼來源:ParameterKeepingFormModifier.php

示例9: saveAddressData

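    /**
     * Save some data from piVars as address into database.
     *
     * Every field in $this->fieldList is read from piVars, passed through
     * strip_tags() and removeXSS(), and then inserted (new address) or
     * written to the existing row identified by piVars['addressid'].
     * saveAddress hook objects are called before and after the write.
     *
     * Security notes:
     *  - The WHERE clauses are built by string concatenation. All numeric
     *    parts (address type, pid, user uid, address id) are cast to int
     *    before they are concatenated, because the address type is delivered
     *    by piVars, i.e. by the request.
     *  - The edit path restricts the UPDATE to rows owned by the current
     *    frontend user.
     *  - strip_tags()/removeXSS() on input does not replace escaping on
     *    output; stored values still need context-aware encoding when shown.
     *
     * @param bool $new If this is TRUE, a new address will be created,
     * 		otherwise it searches for an existing dataset and updates it
     * @param int $addressType Type of address delivered by piVars
     *
     * @return void
     */
    protected function saveAddressData($new = FALSE, $addressType = 0)
    {
        $database = $this->getDatabaseConnection();
        $newData = array();
        // Set basic data. The type ends up inside a hand-built WHERE clause,
        // so force it to an integer instead of trusting the caller.
        $addressType = empty($addressType) ? 0 : (int) $addressType;
        if ($this->piVars['ismainaddress'] == 'on') {
            $newData['tx_commerce_is_main_address'] = 1;
            // Remove all "is main address" flags from addresses that
            // are assigned to this user
            $database->exec_UPDATEquery('tt_address', 'pid = ' . (int) $this->conf['addressPid'] . ' AND tx_commerce_fe_user_id=' . (int) $this->user['uid'] . ' AND tx_commerce_address_type_id=' . $addressType, array('tx_commerce_is_main_address' => 0));
        } else {
            $newData['tx_commerce_is_main_address'] = 0;
        }
        $newData['tstamp'] = time();
        foreach ($this->fieldList as $name) {
            $newData[$name] = \TYPO3\CMS\Core\Utility\GeneralUtility::removeXSS(strip_tags($this->piVars[$name]));
            if (!$new) {
                $this->addresses[(int) $this->piVars['addressid']][$name] = $newData[$name];
            }
        }
        // Hook to process new/changed address
        $hookObjectsArr = array();
        if (is_array($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['commerce/pi4/class.tx_commerce_pi4.php']['saveAddress'])) {
            \TYPO3\CMS\Core\Utility\GeneralUtility::deprecationLog('
				hook
				$GLOBALS[\'TYPO3_CONF_VARS\'][\'EXTCONF\'][\'commerce/pi4/class.tx_commerce_pi4.php\'][\'saveAddress\']
				is deprecated since commerce 1.0.0, it will be removed in commerce 1.4.0, please use instead
				$GLOBALS[\'TYPO3_CONF_VARS\'][\'EXTCONF\'][\'commerce/Classes/Controller/AddressesController.php\'][\'saveAddress\']
			');
            foreach ($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['commerce/pi4/class.tx_commerce_pi4.php']['saveAddress'] as $classRef) {
                $hookObjectsArr[] = \TYPO3\CMS\Core\Utility\GeneralUtility::getUserObj($classRef);
            }
        }
        if (is_array($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['commerce/Classes/Controller/AddressesController.php']['saveAddress'])) {
            foreach ($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['commerce/Classes/Controller/AddressesController.php']['saveAddress'] as $classRef) {
                $hookObjectsArr[] = \TYPO3\CMS\Core\Utility\GeneralUtility::getUserObj($classRef);
            }
        }
        if ($new) {
            $newData['tx_commerce_fe_user_id'] = $this->user['uid'];
            $newData['tx_commerce_address_type_id'] = $addressType;
            $newData['pid'] = $this->conf['addressPid'];
            foreach ($hookObjectsArr as $hookObj) {
                if (method_exists($hookObj, 'beforeAddressSave')) {
                    $hookObj->beforeAddressSave($newData, $this);
                }
            }
            $database->exec_INSERTquery('tt_address', $newData);
            $newUid = $database->sql_insert_id();
            foreach ($hookObjectsArr as $hookObj) {
                if (method_exists($hookObj, 'afterAddressSave')) {
                    $hookObj->afterAddressSave($newUid, $newData, $this);
                }
            }
            $this->addresses = $this->getAddresses((int) $this->user['uid']);
        } else {
            foreach ($hookObjectsArr as $hookObj) {
                if (method_exists($hookObj, 'beforeAddressEdit')) {
                    $hookObj->beforeAddressEdit((int) $this->piVars['addressid'], $newData, $this);
                }
            }
            // Ownership check: only a row belonging to the logged-in frontend
            // user can be updated, whatever address id the request carries.
            $sWhere = 'uid = ' . (int) $this->piVars['addressid'] . ' AND tx_commerce_fe_user_id = ' . (int) $GLOBALS['TSFE']->fe_user->user['uid'];
            $database->exec_UPDATEquery('tt_address', $sWhere, $newData);
            foreach ($hookObjectsArr as $hookObj) {
                if (method_exists($hookObj, 'afterAddressEdit')) {
                    $hookObj->afterAddressEdit((int) $this->piVars['addressid'], $newData, $this);
                }
            }
        }
    }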
開發者ID:AndreasA,項目名稱:commerce,代碼行數:82,代碼來源:AddressesController.php

示例10: render

 /**
  * ViewHelper combines Raw and RemoveXss Methods
  *
  * Returns the rendered child content after removeXSS().
  *
  * Security note: as a "raw" helper the result is presumably emitted
  * without HTML escaping (confirm against the ViewHelper's escaping
  * settings), which leaves removeXSS() as the only protection. It filters
  * known-dangerous patterns and does not encode, so use this only for
  * markup from trusted editors, not for arbitrary visitor input.
  *
  * @return string
  */
 public function render()
 {
     return GeneralUtility::removeXSS($this->renderChildren());
 }
開發者ID:VladStawizki,項目名稱:ipl-logistik.de,代碼行數:11,代碼來源:RawAndRemoveXssViewHelper.php

示例11: render


//.........這裏部分代碼省略.........
     $hiddenfields = '';
     $fieldlist = array();
     $propertyOverride = array();
     $fieldname_hashArray = array();
     $counter = 0;
     $xhtmlStrict = GeneralUtility::inList('xhtml_strict,xhtml_11,xhtml_2', $GLOBALS['TSFE']->xhtmlDoctype);
     // Formname
     $formName = isset($conf['formName.']) ? $this->cObj->stdWrap($conf['formName'], $conf['formName.']) : $conf['formName'];
     $formName = $this->cleanFormName($formName);
     $formName = $GLOBALS['TSFE']->getUniqueId($formName);
     $fieldPrefix = isset($conf['fieldPrefix.']) ? $this->cObj->stdWrap($conf['fieldPrefix'], $conf['fieldPrefix.']) : $conf['fieldPrefix'];
     if (isset($conf['fieldPrefix']) || isset($conf['fieldPrefix.'])) {
         if ($fieldPrefix) {
             $prefix = $this->cleanFormName($fieldPrefix);
         } else {
             $prefix = '';
         }
     } else {
         $prefix = $formName;
     }
     foreach ($dataArray as $dataValue) {
         $counter++;
         $confData = array();
         if (is_array($formData)) {
             $parts = $dataValue;
             // TRUE...
             $dataValue = 1;
         } else {
             $dataValue = trim($dataValue);
             $parts = explode('|', $dataValue);
         }
         if ($dataValue && strcspn($dataValue, '#/')) {
             // label:
             $confData['label'] = GeneralUtility::removeXSS(trim($parts[0]));
             // field:
             $fParts = explode(',', $parts[1]);
             $fParts[0] = trim($fParts[0]);
             if ($fParts[0][0] === '*') {
                 $confData['required'] = 1;
                 $fParts[0] = substr($fParts[0], 1);
             }
             $typeParts = explode('=', $fParts[0]);
             $confData['type'] = trim(strtolower(end($typeParts)));
             if (count($typeParts) === 1) {
                 $confData['fieldname'] = $this->cleanFormName($parts[0]);
                 if (strtolower(preg_replace('/[^[:alnum:]]/', '', $confData['fieldname'])) == 'email') {
                     $confData['fieldname'] = 'email';
                 }
                 // Duplicate fieldnames resolved
                 if (isset($fieldname_hashArray[md5($confData['fieldname'])])) {
                     $confData['fieldname'] .= '_' . $counter;
                 }
                 $fieldname_hashArray[md5($confData['fieldname'])] = $confData['fieldname'];
                 // Attachment names...
                 if ($confData['type'] == 'file') {
                     $confData['fieldname'] = 'attachment' . $attachmentCounter;
                     $attachmentCounter = (int) $attachmentCounter + 1;
                 }
             } else {
                 $confData['fieldname'] = str_replace(' ', '_', trim($typeParts[0]));
             }
             $confData['fieldname'] = htmlspecialchars($confData['fieldname']);
             $fieldCode = '';
             $wrapFieldName = isset($conf['wrapFieldName']) ? $this->cObj->stdWrap($conf['wrapFieldName'], $conf['wrapFieldName.']) : $conf['wrapFieldName'];
             if ($wrapFieldName) {
                 $confData['fieldname'] = $this->cObj->wrap($confData['fieldname'], $wrapFieldName);
開發者ID:cabservicesag,項目名稱:compatibility6,代碼行數:67,代碼來源:FormContentObject.php

示例12: render

 /**
  * ViewHelper combines Raw and RemoveXss Methods
  *
  * Returns the rendered child content after removeXSS().
  *
  * Security note: as a "raw" helper the result is presumably emitted
  * without HTML escaping (confirm against the ViewHelper's escaping
  * settings), which leaves removeXSS() as the only protection. It filters
  * known-dangerous patterns and does not encode, so use this only for
  * markup from trusted editors, not for arbitrary visitor input.
  *
  * @return string
  */
 public function render()
 {
     $children = $this->renderChildren();
     return \TYPO3\CMS\Core\Utility\GeneralUtility::removeXSS($children);
 }
開發者ID:advOpk,項目名稱:pwm,代碼行數:11,代碼來源:RawAndRemoveXssViewHelper.php

示例13: cleanKeywords

 /**
  * Helper method to escape/encode keywords for use in HTML
  *
  * Order of operations: trim, removeXSS(), htmlentities() with ENT_QUOTES
  * and the page meta charset, then template-marker escaping. The
  * htmlentities() step is the one that makes the value safe for HTML text
  * and quoted attributes; the result must not be HTML-encoded again.
  *
  * @param string $keywords Keywords to prepare for use in HTML
  * @return string Encoded keywords
  */
 public static function cleanKeywords($keywords)
 {
     $filtered = GeneralUtility::removeXSS(trim($keywords));
     $encoded = htmlentities($filtered, ENT_QUOTES, $GLOBALS['TSFE']->metaCharset);
     // escape triple hashes as they are used in the template engine
     // TODO remove after switching to fluid templates
     return Template::escapeMarkers($encoded);
 }
開發者ID:Gregor-Agnes,項目名稱:ext-solr,代碼行數:16,代碼來源:Query.php

示例14: main

 /**
  * Main function
  * Will issue a location-header, redirecting either BACK or to a new FormEngine instance...
  *
  * With $this->returnEditConf set, the new record's id ("<table>_<id>") is
  * optionally written into the parent record's field through DataHandler
  * (set / prepend / append, also for a FlexForm path) and the request is
  * redirected to P['returnUrl']. Otherwise the request is redirected to the
  * record_edit module to create the new record.
  *
  * NOTE(review): $this->P, $this->table, $this->id and $this->pid are
  * populated outside this method. P['table'], P['uid'] and P['field'] are
  * used below as datamap keys without a cast or check in this method;
  * confirm they are validated where P is read.
  *
  * @return void
  */
 public function main()
 {
     if ($this->returnEditConf) {
         if ($this->processDataFlag) {
             // Preparing the data of the parent record...:
             /** @var DataPreprocessor $dataPreprocessor */
             $dataPreprocessor = GeneralUtility::makeInstance(DataPreprocessor::class);
             // 'new'
             $dataPreprocessor->fetchRecord($this->P['table'], $this->P['uid'], '');
             // First registered row of the fetch above; not an array when nothing was found.
             $current = reset($dataPreprocessor->regTableItems_data);
             // If that record was found (should absolutely be...), then init DataHandler and set, prepend or append the record
             if (is_array($current)) {
                 /** @var DataHandler $dataHandler */
                 $dataHandler = GeneralUtility::makeInstance(DataHandler::class);
                 $dataHandler->stripslashes_values = FALSE;
                 $data = array();
                 $recordId = $this->table . '_' . $this->id;
                 // Setting the new field data:
                 // If the field is a flexForm field, work with the XML structure instead:
                 if ($this->P['flexFormPath']) {
                     // Current value of flexForm path:
                     $currentFlexFormData = GeneralUtility::xml2array($current[$this->P['field']]);
                     /** @var FlexFormTools $flexFormTools */
                     $flexFormTools = GeneralUtility::makeInstance(FlexFormTools::class);
                     $currentFlexFormValue = $flexFormTools->getArrayValueByPath($this->P['flexFormPath'], $currentFlexFormData);
                     // Stays '' when setValue is none of set/prepend/append.
                     $insertValue = '';
                     switch ((string) $this->P['params']['setValue']) {
                         case 'set':
                             $insertValue = $recordId;
                             break;
                         case 'prepend':
                             $insertValue = $currentFlexFormValue . ',' . $recordId;
                             break;
                         case 'append':
                             $insertValue = $recordId . ',' . $currentFlexFormValue;
                             break;
                     }
                     // Normalise the comma list: trim items and drop empty ones.
                     $insertValue = implode(',', GeneralUtility::trimExplode(',', $insertValue, TRUE));
                     $data[$this->P['table']][$this->P['uid']][$this->P['field']] = array();
                     $flexFormTools->setArrayValueByPath($this->P['flexFormPath'], $data[$this->P['table']][$this->P['uid']][$this->P['field']], $insertValue);
                 } else {
                     // No default case: for any other setValue the datamap entry is not
                     // assigned here before the normalisation line below reads it.
                     switch ((string) $this->P['params']['setValue']) {
                         case 'set':
                             $data[$this->P['table']][$this->P['uid']][$this->P['field']] = $recordId;
                             break;
                         case 'prepend':
                             $data[$this->P['table']][$this->P['uid']][$this->P['field']] = $current[$this->P['field']] . ',' . $recordId;
                             break;
                         case 'append':
                             $data[$this->P['table']][$this->P['uid']][$this->P['field']] = $recordId . ',' . $current[$this->P['field']];
                             break;
                     }
                     $data[$this->P['table']][$this->P['uid']][$this->P['field']] = implode(',', GeneralUtility::trimExplode(',', $data[$this->P['table']][$this->P['uid']][$this->P['field']], TRUE));
                 }
                 // Submit the data:
                 // NOTE(review): the write relies on DataHandler for permission checks
                 // on table/uid/field; nothing in this method restricts them.
                 $dataHandler->start($data, array());
                 $dataHandler->process_datamap();
             }
         }
         // Return to the parent FormEngine record editing session:
         // The return URL goes through sanitizeLocalUrl() before it is used as a
         // redirect target; this is the open-redirect guard for this branch.
         HttpUtility::redirect(GeneralUtility::sanitizeLocalUrl($this->P['returnUrl']));
     } else {
         // Redirecting to FormEngine with instructions to create a new record
         // AND when closing to return back with information about that records ID etc.
         // The current REQUEST_URI is handed on as returnUrl after removeXSS().
         // removeXSS() is a markup filter, not a URL validator; presumably the
         // value is validated when it is consumed (see sanitizeLocalUrl() above).
         $redirectUrl = BackendUtility::getModuleUrl('record_edit', array('returnEditConf' => 1, 'edit[' . $this->P['params']['table'] . '][' . $this->pid . ']' => 'new', 'returnUrl' => GeneralUtility::removeXSS(GeneralUtility::getIndpEnv('REQUEST_URI'))));
         HttpUtility::redirect($redirectUrl);
     }
 }
開發者ID:plan2net,項目名稱:TYPO3.CMS,代碼行數:74,代碼來源:AddController.php

示例15: getButtonsAndOtherMarkers

 /**
  * Return the buttons used by the file list to include in the top header
  *
  * Builds the PAGE_ICON and TITLE markers for the given folder plus the
  * "refresh" button, and returns them as array($buttons, $otherMarkers).
  *
  * NOTE(review), encoding of the title:
  *  - The title returned by dirData() is overwritten immediately with the
  *    htmlspecialchars()-encoded folder identifier, and $path is never used.
  *  - Inside a file mount the already-encoded title is truncated and passed
  *    through removeXSS(). Truncating after encoding can cut an entity in
  *    half.
  *  - For the root folder the already-encoded title is truncated and then
  *    passed through htmlspecialchars() again, i.e. it is encoded twice.
  *  - The same encoded title is handed to getSpriteIcon() as the title
  *    option; whether that helper encodes attributes itself is not visible
  *    here.
  *
  * @param \TYPO3\CMS\Core\Resource\Folder $folderObject
  * @return array
  */
 public function getButtonsAndOtherMarkers(\TYPO3\CMS\Core\Resource\Folder $folderObject)
 {
     $markers = array('PAGE_ICON' => '', 'TITLE' => '');
     $toolbar = array('level_up' => '', 'refresh' => '', 'title' => '', 'page_icon' => '');
     // Makes the code for the foldericon in the top
     if ($folderObject) {
         list($title, $icon, $path) = $this->dirData($folderObject);
         $title = htmlspecialchars($folderObject->getIdentifier());
         $titleLimit = -($this->fixedL + 20);
         // Start compiling the HTML
         // @todo: how to fix this? $title = $GLOBALS['SOBE']->basicFF->blindPath($title);
         // If this is some subpage under the mount root....
         if ($folderObject->getStorage()->isWithinFileMountBoundaries($folderObject)) {
             // The icon with link
             $markers['PAGE_ICON'] = \TYPO3\CMS\Backend\Utility\IconUtility::getSpriteIcon($icon, array('title' => $title));
             $upIcon = \TYPO3\CMS\Backend\Utility\IconUtility::getSpriteIcon('actions-view-go-up', array('title' => $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_core.xml:labels.upOneLevel', 1)));
             $toolbar['level_up'] = $this->linkWrapDir($upIcon, $folderObject);
             // No HTML specialchars here - HTML like <strong> </strong> is allowed
             // (the title was already encoded above, so this remark no longer matches the data)
             $shortTitle = \TYPO3\CMS\Core\Utility\GeneralUtility::fixed_lgd_cs($title, $titleLimit);
             $markers['TITLE'] .= \TYPO3\CMS\Core\Utility\GeneralUtility::removeXSS($shortTitle);
         } else {
             // This is the root page
             $markers['PAGE_ICON'] = \TYPO3\CMS\Backend\Utility\IconUtility::getSpriteIcon('apps-filetree-root');
             $shortTitle = \TYPO3\CMS\Core\Utility\GeneralUtility::fixed_lgd_cs($title, $titleLimit);
             $markers['TITLE'] .= htmlspecialchars($shortTitle);
         }
         if ($this->clickMenus) {
             $markers['PAGE_ICON'] = $GLOBALS['SOBE']->doc->wrapClickMenuOnIcon($markers['PAGE_ICON'], $folderObject->getCombinedIdentifier());
         }
     }
     // The link target is HTML-encoded; the label comes from the language service.
     $reloadHref = htmlspecialchars($this->listURL());
     $reloadLabel = $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_core.xml:labels.reload', 1);
     $reloadIcon = \TYPO3\CMS\Backend\Utility\IconUtility::getSpriteIcon('actions-system-refresh');
     $toolbar['refresh'] = '<a href="' . $reloadHref . '" title="' . $reloadLabel . '">' . $reloadIcon . '</a>';
     return array($toolbar, $markers);
 }
開發者ID:noxludo,項目名稱:TYPO3v4-Core,代碼行數:35,代碼來源:FileList.php


注:本文中的TYPO3\CMS\Core\Utility\GeneralUtility::removeXSS方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。