Beispiel #1
 /**
  * Builds the form: a rich-text "description" textarea, a hidden "recipe_id" and a submit button.
  *
  * NOTE(review): Zend_Filter_StripTags only drops tags and attributes that are missing from the
  * allowlist; nothing in this method checks attribute *values*. With 'a'/'img' and 'href'/'src'
  * allowed, the scheme of a URL is never inspected here, so the filtered description should still
  * be treated as untrusted HTML when it is rendered. The Zend Framework manual states that this
  * filter must not be relied on to prevent XSS and names HTML Purifier or Tidy for that job.
  * 'target' is allowed while 'rel' is merely permitted, not enforced, so links that open a new
  * window are not guaranteed to carry rel="noopener".
  *
  * @return void
  */
 public function init()
 {
     // Markup the rich-text editor is allowed to keep.
     $allowedTags = array('p', 'a', 'img', 'strong', 'b', 'i', 'em', 's', 'del');
     $allowedAttributes = array('href', 'target', 'rel', 'name', 'src', 'width', 'height', 'alt', 'title');

     $stripTags = new Zend_Filter_StripTags();
     $stripTags->setTagsAllowed($allowedTags);
     $stripTags->setAttributesAllowed($allowedAttributes);

     $descriptionOptions = array(
         'class' => 'richedit',
         'label' => 'Description:',
         'required' => true,
         'filters' => array('StringTrim', $stripTags),
         'validators' => array(new Zend_Validate_NotEmpty()),
     );

     $this->addElement('textarea', 'description', $descriptionOptions)
          // NOTE(review): no filter or validator is attached to recipe_id here; the value is
          // client-supplied, so whoever consumes it has to validate it.
          ->addElement('hidden', 'recipe_id')
          ->addElement('submit', 'submit');
 }
 /**
  * Ensures that the filter works properly for the data reported on fw-general on 2007-05-26
  *
  * @see    http://www.nabble.com/question-about-tag-filter-p10813688s16154.html
  * @return void
  */
 public function testFilter20070526()
 {
     // Per-tag attribute allowlist for an embedded Flash player.
     $this->_filter->setTagsAllowed(array(
         'object' => array('width', 'height'),
         'param' => array('name', 'value'),
         'embed' => array('src', 'type', 'wmode', 'width', 'height'),
     ));

     // Every tag and attribute below is on the allowlist, so the filter has to return the
     // markup unchanged.
     // NOTE(review): this pins pass-through only. The URLs in value/src are not examined by the
     // assertion, so the test says nothing about whether the filter vets what gets embedded.
     $markup = '<object width="425" height="350"><param name="movie" value="http://www.example.com/path/to/movie">'
         . '</param><param name="wmode" value="transparent"></param><embed '
         . 'src="http://www.example.com/path/to/movie" type="application/x-shockwave-flash" '
         . 'wmode="transparent" width="425" height="350"></embed></object>';

     $this->assertEquals($markup, $this->_filter->filter($markup));
 }
Beispiel #3
 /**
  * @group ZF-11617
  */
 public function testFilterCanAllowHyphenatedAttributeNames()
 {
     // Allow <li> and exactly two hyphenated data-* attributes.
     $this->_filter->setTagsAllowed('li');
     $this->_filter->setAttributesAllowed(array('data-id', 'data-name'));

     // data-disallowed is not on the attribute allowlist and has to be dropped, while the two
     // allowlisted attributes must survive with their values intact.
     $actual = $this->_filter->filter('<li data-disallowed="no!" data-name="Test User" data-id="11223"></li>');

     $this->assertEquals('<li data-name="Test User" data-id="11223"></li>', $actual);
 }
Beispiel #4
 /**
  * Reset filter to the default settings for the current section
  * @return void
  */
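 public static function resetFilter()
 {
     // Always start from a fresh instance instead of reusing the previous one. In Zend
     // Framework 1 the StripTags setters merge the given names into the allowlist the instance
     // already holds rather than replacing it, so a reused filter would keep every tag and
     // attribute that an earlier configuration allowed and the "reset" could only ever widen
     // the allowlist. NOTE(review): confirm against the bundled Zend_Filter_StripTags version.
     self::$filter = new Zend_Filter_StripTags();

     // Both allowlists come from configuration; their contents are not visible in this method.
     self::$filter->setAttributesAllowed(Sobi::Cfg('html.allowed_attributes_array'));
     self::$filter->setTagsAllowed(Sobi::Cfg('html.allowed_tags_array'));
 }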
Beispiel #5
 /**
  * Ensures that a closing angle bracket in an allowed attribute does not break the parser
  *
  * @return void
  * @link   http://framework.zend.com/issues/browse/ZF-3278
  */
 public function testClosingAngleBracketInAllowedAttributeValue()
 {
     // Only href is allowlisted on <a>.
     $this->_filter->setTagsAllowed(array('a' => 'href'));

     // The attribute value carries an entity-encoded ">" (&gt;); the tag has to come back
     // exactly as it went in.
     $markup = '<a href="Some &gt; Text">';

     $this->assertEquals($markup, $this->_filter->filter($markup));
 }
 /**
  * Ensures that disallowed tags and attributes are stripped and that tags are backward-compatible XHTML
  *
  * @return void
  */
 public function testBasicBehaviors()
 {
     // <a> may keep href only; <br> is allowed without attributes.
     $this->_filter->setTagsAllowed(array('a' => 'href', 'br'));

     $actual = $this->_filter->filter('<a href="http://example.com" style="color: #ffffff"><b>Some Text</b></a><br/>');

     // Expected result: the style attribute and the <b> element are gone (the text inside <b>
     // stays), and "<br/>" comes back as "<br />".
     $this->assertEquals('<a href="http://example.com">Some Text</a><br />', $actual);
 }
Beispiel #7
 /**
  * Builds the rating form: a "value" select, a rich-text "comment" textarea, a hidden
  * "recipe_id" and a submit button, posting to /rating/new.
  *
  * NOTE(review): Zend_Filter_StripTags only drops tags and attributes that are missing from the
  * allowlist; nothing in this method checks attribute *values*. With 'a'/'img' and 'href'/'src'
  * allowed, the scheme of a URL is never inspected here, so the filtered comment should still be
  * treated as untrusted HTML when it is rendered. The Zend Framework manual states that this
  * filter must not be relied on to prevent XSS and names HTML Purifier or Tidy for that job.
  *
  * @return void
  */
 public function init()
 {
     // Markup the rich-text editor is allowed to keep.
     $allowedTags = array('p', 'a', 'img', 'strong', 'b', 'i', 'em', 's', 'del');
     $allowedAttributes = array('href', 'target', 'rel', 'name', 'src', 'width', 'height', 'alt', 'title');

     $stripTags = new Zend_Filter_StripTags();
     $stripTags->setTagsAllowed($allowedTags);
     $stripTags->setAttributesAllowed($allowedAttributes);

     $this->setAction('/rating/new');

     $ratingOptions = array(
         'label' => 'Rating:',
         'required' => true,
         // NOTE(review): a plain list is keyed 0..9, so the submitted option key may be one
         // less than the label shown; confirm the handler expects that.
         'multiOptions' => array(1, 2, 3, 4, 5, 6, 7, 8, 9, 10),
     );

     $commentOptions = array(
         'class' => 'richedit',
         'label' => 'Comment:',
         'filters' => array('StringTrim', $stripTags),
         'validators' => array(new Zend_Validate_NotEmpty()),
     );

     $this->addElement('select', 'value', $ratingOptions)
          ->addElement('textarea', 'comment', $commentOptions)
          // NOTE(review): no filter or validator is attached to recipe_id here; the value is
          // client-supplied, so whoever consumes it has to validate it.
          ->addElement('hidden', 'recipe_id')
          ->addElement('submit', 'submit');
 }
 /**
  * Ensures that an allowed attribute's value may end with an equals sign '='
  *
  * @return void
  * @link   http://framework.zend.com/issues/browse/ZF-3293
  */
 public function testAllowedAttributeValueMayEndWithEquals()
 {
     // Tag and attribute are both on the allowlist.
     $this->_filter->setTagsAllowed(array('element' => 'attribute'));

     // The value ends in "="; the markup has to come back unchanged.
     $markup = '<element attribute="a=">contents</element>';
     $actual = $this->_filter->filter($markup);

     $this->assertEquals($markup, $actual);
 }
Beispiel #9
    /**
     * @group ZF-5983
     */
    public function testDisallowedAttributesSplitOverMultipleLinesShouldBeStripped()
    {
        // Only href is allowlisted on <a>.
        $this->_filter->setTagsAllowed(array('a' => 'href'));

        // The event-handler attribute is deliberately split so that its name, the "=" and the
        // quoted value sit on separate lines. The line breaks and leading whitespace inside
        // this literal are the test case and must be kept exactly as they are.
        $markup = '<a href="http://framework.zend.com/issues" onclick
=
    "alert(&quot;Gotcha&quot;); return false;">http://framework.zend.com/issues</a>';

        $output = $this->_filter->filter($markup);

        // NOTE(review): this only asserts that the attribute name is absent from the output; it
        // does not compare against a full expected string.
        $this->assertNotContains('onclick', $output);
    }