PHP esc_xsssafe Beispiele

Programmiersprache: PHP

Methode / Funktion: esc_xsssafe

Beispiele auf hotexamples.com: 3

PHP esc_xsssafe - 3 Beispiele gefunden. Dies sind die am besten bewerteten PHP Beispiele für die esc_xsssafe, die aus Open Source-Projekten extrahiert wurden. Sie können Beispiele bewerten, um die Qualität der Beispiele zu verbessern.

Beispiel #1

Datei anzeigen

Datei: XssSafeHelper.php Projekt: TheoJD/portail

/**
 * Truncates raw +text+ to the length of +length+ and replaces the last three characters with the +truncate_string+
 * if the +text+ is longer than +length+.
 */
function truncate_safe_text($text, $length = 30, $truncate_string = '...', $truncate_lastspace = false)
{
    sfContext::getInstance()->getConfiguration()->loadHelpers('Text');
    return esc_xsssafe(truncate_text($text, $length, $truncate_string, $truncate_lastspace));
}

Beispiel #2

Datei anzeigen

Datei: XssSafeTest.php Projekt: limitium/uberlov

)
"
>
END
, 'output' => ''), 'Firefox Lookups' => array('input' => '<A HREF="http://google:ha.ckers.org">XSS</A>', 'output' => '<a href="http://google">XSS</a>'), 'Content Replace' => array('input' => '<A HREF="http://www.gohttp://www.google.com/ogle.com/">XSS</A>', 'output' => '<a href="http://www.gohttp//www.google.com/ogle.com/">XSS</a>'), 'Mixed Encoding' => array('input' => <<<END
<A HREF="htt\tp://6&#09;6.000146.0x7.147/">XSS</A>
END
, 'output' => '<a>XSS</a>'));
$miscellaneous_tests = array('YouTube Filter' => array('input' => '<object width="425" height="355"><param name="movie" value="http://www.youtube.com/v/HLHKgepRZ8M&hl=fr"></param><param name="wmode" value="transparent"></param><embed src="http://www.youtube.com/v/HLHKgepRZ8M&hl=fr" type="application/x-shockwave-flash" wmode="transparent" width="425" height="355"></embed></object>', 'output' => '<object width="425" height="350" type="application/x-shockwave-flash" data="http://www.youtube.com/v/HLHKgepRZ8M"><param name="movie" value="http://www.youtube.com/v/HLHKgepRZ8M"></param><!--[if IE]><embed src="http://www.youtube.com/v/HLHKgepRZ8M"type="application/x-shockwave-flash"wmode="transparent" width="425" height="350" /><![endif]--></object>', 'filter' => true), 'Allowed Frame Targets Filter' => array('input' => '<a href="" target="_blank"></a>', 'output' => '<a href="" target="_blank"></a>', 'filter' => true), 'Enable ID' => array('input' => '<div id="test"></div>', 'output' => '<div id="test"></div>', 'filter' => true), 'Host Blacklist' => array('input' => '<a href="http://www.symfony-project.org/">Symfony Project</a>', 'output' => '<a>Symfony Project</a>', 'filter' => true), 'Enable Object' => array('input' => '<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=8,0,0,0" id="video_small" align="middle" height="370" width="417">
<param name="allowScriptAccess" value="sameDomain">
<param name="allowFullScreen" value="true">
<param name="FlashVars" value="video=http://www.toppeo.com/flv/demospectacle4473EE7B_8003221.flv">
<param name="movie" value="/player/player.swf"><param name="quality" value="high">
<param name="bgcolor" value="#000000">
<embed src="/player/player.swf" flashvars="video=http://www.toppeo.com/flv/demospectacle4473EE7B_8003221.flv" quality="high" bgcolor="#000000" name="video_small" allowscriptaccess="sameDomain" allowfullscreen="true" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/go/getflashplayer" align="middle" height="370" width="417">
</object>', 'output' => '<embed src="/player/player.swf" flashvars="video=http://www.toppeo.com/flv/demospectacle4473EE7B_8003221.flv" quality="high" bgcolor="#000000" name="video_small" allowfullscreen="true" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/go/getflashplayer" align="middle" height="370" width="417" />', 'filter' => true));
$t = new lime_test(count($xsssafe_tests) + count($miscellaneous_tests) + 2, new lime_output_color());
// XssSafe Helper
$t->diag('XssSafe Helper');
$t->include_ok(sfConfig::get('sf_plugins_dir') . '/sfXssSafePlugin/lib/helper/XssSafeHelper.php', 'XssSafe Helper include');
$t->is(class_exists('HTMLPurifier_Config'), true, 'HTML Purifier autoload');
// XSS Attacks Smoketest
$t->diag('XSS Attacks Smoketest');
foreach ($xsssafe_tests as $name => $test) {
    $t->is(esc_xsssafe($test['input']), $test['output'], $name . sprintf('%s', isset($test['filter']) ? ' is properly filtered' : ' is properly escaped'));
}
// HTML Purifier Config
$t->diag('HTML Purifier Config');
foreach ($miscellaneous_tests as $name => $test) {
    $t->is(trim(esc_xsssafe($test['input'])), $test['output'], $name . sprintf('%s', isset($test['filter']) ? ' is properly filtered' : ' is properly escaped'));
}

Beispiel #3

Datei anzeigen

Datei: viewSuccess.php Projekt: pkdevbox/mootools-forge

	</div>

	<?php 
if ($sections->count()) {
    ?>
	<?php 
    foreach ($sections as $section) {
        ?>
	<hr />
	<div class="block section">
		<h3 class="blue"><span><?php 
        echo $section->getTitle();
        ?>
</span></h3>
		<?php 
        echo esc_xsssafe($section->getRawValue()->getContent());
        ?>
	</div>
	<?php 
    }
    ?>
	<?php 
}
?>

	<?php 
if ($screenshots->count()) {
    ?>
	<hr />

	<div class="block section">