/**
 * Runs a string through the whitespace, image and script strippers, in that order.
 *
 * The input is passed to stripWhitespace() first, its result to stripImages(),
 * and that result to stripScripts(); the final string is returned.
 *
 * NOTE(review): the three helpers are declared elsewhere, so what exactly they
 * remove (including stylesheets) cannot be confirmed from this method. Removing
 * markup is not the same as encoding for the output context: a value returned
 * from here presumably still needs HTML/attribute escaping when it is printed.
 * Confirm against the callers.
 *
 * @param string $str String to sanitize
 * @static
 * @access public
 * @return string sanitized string
 */
public static function stripAll($str)
{
    // Innermost call of the original expression: collapse whitespace first.
    $collapsed = pjSanitize::stripWhitespace($str);

    // Then drop images from the collapsed text.
    $withoutImages = pjSanitize::stripImages($collapsed);

    // Scripts are stripped last, on the result of the two earlier passes.
    return pjSanitize::stripScripts($withoutImages);
}
$mas_content = multi_array_search($mrow['ModifierGroup_Id'], $product['extra_arr']); if ($mas_content == 1) { ?> <div name="tab_content" id="tab_content_<?php echo $product['id']; echo $mgt; ?> " class="tab-content"> <?php foreach ($product['extra_arr'] as $extra) { if ($mrow['ModifierGroup_Id'] == $extra['ModifierGroup_Id']) { ?> <div class="fdExtraBox"> <label><?php echo pjSanitize::clean($extra['name']); ?> </label> <span class="fdExtraPrice"><?php echo pjUtil::formatCurrencySign(number_format($extra['price'], 2), $tpl['option_arr']['o_currency']); ?> </span> <a href="#" class="fdAddExtra" data-index="<?php echo $product['id']; ?> -<?php echo $extra['id']; ?> "><?php __('front_add'); ?>
:</label> <span class="inline_block"> <input type="text" name="alpha_2" id="alpha_2" class="pj-form-field w50" value="<?php echo pjSanitize::html($tpl['arr']['alpha_2']); ?> " maxlength="2" /> </span> </p> <p> <label class="title"><?php __('plugin_country_alpha_3'); ?> :</label> <span class="inline_block"> <input type="text" name="alpha_3" id="alpha_3" class="pj-form-field w50" value="<?php echo pjSanitize::html($tpl['arr']['alpha_3']); ?> " maxlength="3" /> </span> </p> <p> <label class="title"> </label> <input type="submit" value="<?php __('plugin_country_btn_save'); ?> " class="pj-button" /> <input type="button" value="<?php __('plugin_country_btn_cancel'); ?> " class="pj-button" onclick="window.location.href='<?php echo PJ_INSTALL_URL;
"><?php __('front_terms_conditions'); ?> </a> </span> </p> <?php if (!empty($tpl['terms_conditions'])) { ?> <div id="fdTermContainer_<?php echo $index; ?> " style="display: none;"> <p class="fdParagraph fdTermsConditions"> <?php echo nl2br(pjSanitize::clean($tpl['terms_conditions'])); ?> </p> </div> <?php } ?> </form> <div class="fdOverflow fdButtonContainer"> <a href="#" class="fdButton fdNormalButton fdFloatLeft fdButtonGetTypes"><?php __('front_button_back'); ?> </a> <a href="#" class="fdButton fdOrangeButton fdButtonNext fdButtonGetPreview fdFloatRight"><?php __('front_button_continue'); ?>
/**
 * Serialises a list of records into an XML document and stores it with setData().
 *
 * The document starts with an XML declaration built from $this->version and
 * $this->encoding, followed by one $this->root element. Every item of $data
 * becomes a $this->record element, and every key/value pair of that item becomes
 * a child element named after the key. Lines are joined with $this->eol.
 *
 * NOTE(review): only the element *content* goes through pjSanitize::html();
 * the element names ($key, $this->root, $this->record) and the declaration
 * attributes are concatenated as-is. A key that is not a valid XML name
 * (a numeric index, a name with spaces or markup characters) therefore yields
 * a malformed or attacker-shaped document. Confirm that callers only pass
 * trusted, name-safe keys. pjSanitize::html() is declared elsewhere, so whether
 * its escaping covers everything XML text requires cannot be verified here.
 *
 * @param array $data List of records; each record is iterated as key => value
 * @access public
 * @return self
 */
public function process($data = array())
{
    // Prologue: XML declaration and the opening root tag.
    $lines = array(
        '<?xml version="' . $this->version . '" encoding="' . $this->encoding . '"?>',
        '<' . $this->root . '>',
    );

    foreach ($data as $record) {
        $fields = array("\t<" . $this->record . ">");

        foreach ($record as $name => $content) {
            // The value is escaped; the tag name is emitted verbatim (see note above).
            $fields[] = "\t\t<" . $name . ">" . pjSanitize::html($content) . "</" . $name . ">";
        }

        $fields[] = "\t</" . $this->record . ">";
        $lines[] = implode($this->eol, $fields);
    }

    $lines[] = "</" . $this->root . ">";

    $this->setData(implode($this->eol, $lines));

    return $this;
}
index.php?controller=pjLocale&action=pjActionExport" method="post" class="form pj-form"> <input type="hidden" name="export" value="1" /> <p> <label class="title"><?php __('plugin_locale_separator'); ?> </label> <select name="separator" class="pj-form-field"> <?php foreach (__('plugin_locale_separators', true) as $k => $v) { ?> <option value="<?php echo $k; ?> "><?php echo pjSanitize::html($v); ?> </option><?php } ?> </select> </p> <p> <label class="title"> </label> <input type="submit" value="<?php __('plugin_locale_export'); ?> " class="pj-button" /> </p> </form> </fieldset>
]" data-type="select" class="fdSize pj-form-field w140"> <option value="">-- <?php __('lblChoose'); ?> --</option> <?php foreach ($tpl['price_arr'] as $v) { ?> <option value="<?php echo $v['id']; ?> " data-price="<?php echo $v['price']; ?> "><?php echo pjSanitize::clean($v['price_name']); ?> : <?php echo pjUtil::formatCurrencySign(round($v['price'], 2), $tpl['option_arr']['o_currency']); ?> </option><?php } ?> </select> <?php } } else { ?> <select id="fdPrice_<?php echo $_GET['index']; ?>
echo pjSanitize::clean(@$v['d_address_1']); ?> " data-add2="<?php echo pjSanitize::clean(@$v['d_address_2']); ?> " data-city="<?php echo pjSanitize::clean(@$v['d_city']); ?> " data-state="<?php echo pjSanitize::clean(@$v['d_state']); ?> " data-zip="<?php echo pjSanitize::clean(@$v['d_zip']); ?> " data-country="<?php echo pjSanitize::clean(@$v['d_country_id']); ?> "><?php echo stripslashes($order_detail); ?> </option><?php } ?> </select> </p> <?php } ?> <?php if (in_array($tpl['option_arr']['o_df_include_address_1'], array(2, 3))) { ?>
?> </span> <span><textarea name="message" id="confirm_message" class="pj-form-field w600 h300 required"><?php echo stripslashes(str_replace(array('\\r\\n', '\\n'), ' ', $tpl['arr']['message'])); ?> </textarea></span> </p> <?php if (!empty($tpl['arr']['client_email'])) { ?> <p> <label> <input type="hidden" name="to" value="<?php echo pjSanitize::html($tpl['arr']['client_email']); ?> "/> <?php __('lblClientEmail'); ?> (<?php echo pjSanitize::html($tpl['arr']['client_email']); ?> ) </label> </p> <?php } ?> </form> <?php }
<tr id="category_row_<?php echo $v['id']; ?> " data-id="id_<?php echo $v['id']; ?> " class="pj-table-row<?php echo $i % 2 == 0 ? ' pj-table-row-even' : ' pj-table-row-odd'; ?> "> <td style="width: 20px;"><input type="checkbox" name="record[]" value="<?php echo $v['id']; ?> " class="pj-table-select-row"></td> <td style="width: 552px;"><?php echo pjSanitize::clean($v['name']); ?> </td> <td style="width: 70px;"><?php echo $v['is_open'] == 1 ? $_yesno['T'] : $_yesno['F']; ?> </td> <td style="width: 100px;"> <a href="index.php?controller=pjAdminCategories&action=pjActionUpdate&id=<?php echo $v['id']; ?> " class="pj-table-icon-edit"></a> <a href="index.php?controller=pjAdminCategories&action=pjActionDeleteCategory&id=<?php echo $v['id']; ?> " rev="<?php
<td><?php __('front_company'); ?> </td> <td><?php echo stripslashes($tpl['arr']['c_company']); ?> </td> </tr> <tr> <td><?php __('front_notes'); ?> </td> <td><?php echo isset($tpl['arr']['c_notes']) ? nl2br(pjSanitize::clean($tpl['arr']['c_notes'])) : null; ?> </td> </tr> <tr> <td><?php __('front_address_line_1'); ?> </td> <td><?php echo stripslashes($tpl['arr']['c_address_1']); ?> </td> </tr> <tr> <td><?php
/**
 * Final installer step: records the step-6 submission, then clears installer state.
 *
 * After pjActionCheckSession() runs, a POST carrying 'step6' is passed through
 * pjSanitize::clean() with 'encode' => false and merged into the installer
 * session entry. If that entry still has no 'step6' key, the request is
 * redirected back to step 6. Finally the installer and error entries are
 * removed from the session.
 *
 * NOTE(review): the whole of $_POST is merged, so any posted key ends up in the
 * installer session entry, not only the fields step 6 is expected to send.
 * NOTE(review): what clean() does with 'encode' => false is not visible here;
 * presumably the values are stored without HTML encoding, so they must be
 * escaped wherever they are printed. Confirm.
 * NOTE(review): $_SERVER['PHP_SELF'] is derived from the request URI and can
 * carry client-supplied path info; $_SERVER['SCRIPT_NAME'] would be the
 * stricter base for the redirect target.
 * NOTE(review): whether pjUtil::redirect() ends the request is not visible; if
 * it returns, the session entries below are cleared on the redirect path too.
 *
 * @access public
 * @return void
 */
public function pjActionStep7()
{
    $this->pjActionCheckSession();

    $installerKey = $this->defaultInstaller;

    if (isset($_POST['step6'])) {
        // The sanitised copy replaces $_POST, exactly as the original assignment did.
        $cleaned = pjSanitize::clean($_POST, array('encode' => false));
        $_POST = $cleaned;
        $_SESSION[$installerKey] = array_merge($_SESSION[$installerKey], $cleaned);
    }

    $stepSixDone = isset($_SESSION[$installerKey]['step6']);
    if (!$stepSixDone) {
        // Step 6 was never submitted in this session: send the user back to it.
        pjUtil::redirect($_SERVER['PHP_SELF'] . '?controller=pjInstaller&action=pjActionStep6&install=1');
    }

    // Installation is finished; drop the wizard state and any collected errors.
    unset($_SESSION[$installerKey], $_SESSION[$this->defaultErrors]);
}
<label class="fdContent"><?php echo isset($FORM['c_zip']) ? htmlspecialchars(stripslashes(@$FORM['c_zip'])) : htmlspecialchars(stripslashes(@$CLIENT['c_zip'])); ?> </label> </p> <?php } if (in_array($tpl['option_arr']['o_bf_include_country'], array(2, 3))) { ?> <p class="fdParagraph"> <label class="fdTitle"><?php __('front_country'); ?> :</label> <label class="fdContent"><?php echo pjSanitize::clean($tpl['country_arr']['country_title']); ?> </label> </p> <?php } $ob_address = ob_get_contents(); ob_end_clean(); if (!empty($ob_address)) { ?> <div class="fdFormHeading"> <span class="fdBlock fdFloatLeft"><?php echo strtoupper(__('front_address', true, false)); ?> </span> </div>
<span class="inline_block"> <input type="text" name="name" id="name" value="<?php echo pjSanitize::html($tpl['arr']['name']); ?> " class="pj-form-field w250 required" /> </span> </p> <p> <label class="title"><?php __('lblPhone'); ?> </label> <span class="pj-form-field-custom pj-form-field-custom-before"> <span class="pj-form-field-before"><abbr class="pj-form-field-icon-phone"></abbr></span> <input type="text" name="phone" id="phone" value="<?php echo pjSanitize::html($tpl['arr']['phone']); ?> " class="pj-form-field w200" placeholder="(123) 456-7890"/> </span> </p> <p> <label class="title"><?php __('lblStatus'); ?> </label> <?php if ((int) $tpl['arr']['id'] !== 1) { ?> <span class="inline_block"> <select name="status" id="status" class="pj-form-field required"> <option value="">-- <?php
forgot_messages: { 100: "<?php echo pjSanitize::clean($forgot_messages[100]); ?> ", 101: "<?php echo pjSanitize::clean($forgot_messages[101]); ?> ", 200: "<?php echo pjSanitize::clean($forgot_messages[200]); ?> " }, email_exiting_message: "<?php echo pjSanitize::clean(__('front_existing_email', true)); ?> " }; loadScript("<?php echo PJ_INSTALL_URL . PJ_LIBS_PATH; ?> pjQ/pjQuery.min.js", function () { loadScript("<?php echo PJ_INSTALL_URL . PJ_LIBS_PATH; ?> pjQ/pjQuery.validate.min.js", function () { loadScript("<?php echo PJ_INSTALL_URL . PJ_LIBS_PATH; ?> calendarJS/calendar.min.js", function () {
__('lblInstallConfigLocale'); ?> </label> <select class="pj-form-field w200 pj-install-config" id="install_locale" name="install_locale"> <option value="">-- <?php __('lblAll'); ?> --</option> <?php foreach ($tpl['locale_arr'] as $locale) { ?> <option value="<?php echo $locale['id']; ?> "><?php echo pjSanitize::html($locale['title']); ?> </option><?php } ?> </select> </p> <p> <label class="title"> </label> <a id="pj_preview_install" target="_blank" href="javascript:void(0);" class="pj-button" rel="<?php echo PJ_INSTALL_URL; ?> index.php?controller=pjAdminOptions&action=pjActionPreview{LOCALE}"/><?php __('btnPreview'); ?> </a>
:</label> <span class="pj-form-field-custom pj-form-field-custom-before"> <span class="pj-form-field-before"><abbr class="pj-form-field-icon-password"></abbr></span> <input type="text" name="password" id="password" class="pj-form-field required w200" value="<?php echo pjSanitize::html($tpl['arr']['password']); ?> " autocomplete="off" /> </span> </p> <p> <label class="title"><?php __('lblName'); ?> </label> <span class="inline_block"> <input type="text" name="name" id="name" value="<?php echo pjSanitize::html($tpl['arr']['name']); ?> " class="pj-form-field w250 required" /> </span> </p> <p> <label class="title"> </label> <input type="submit" value="<?php __('btnSave', false, true); ?> " class="pj-button" /> </p> </form> <?php }
?> " /> <?php if ($tpl['arr'][$i]['key'] == 'o_show_upto') { __('lblDays'); } break; case 'float': ?> <input type="text" name="value-<?php echo $tpl['arr'][$i]['type']; ?> -<?php echo $tpl['arr'][$i]['key']; ?> " class="pj-form-field field-float w60" value="<?php echo pjSanitize::html($tpl['arr'][$i]['value']); ?> " /><?php break; case 'enum': ?> <select name="value-<?php echo $tpl['arr'][$i]['type']; ?> -<?php echo $tpl['arr'][$i]['key']; ?> " class="pj-form-field"> <?php $default = explode("::", $tpl['arr'][$i]['value']); $enum = explode("|", $default[0]);
?> " method="post" id="frmUpdateVoucher" class="form pj-form" autocomplete="off"> <input type="hidden" name="voucher_update" value="1" /> <input type="hidden" name="id" value="<?php echo $tpl['arr']['id']; ?> " /> <p> <label class="title"><?php __('lblVoucherCode'); ?> </label> <span class="inline_block"> <input type="text" name="code" id="code" value="<?php echo pjSanitize::clean($tpl['arr']['code']); ?> " class="pj-form-field w150 required" /> </span> </p> <p> <label class="title"><?php __('lblType'); ?> </label> <span class="inline_block"> <select name="type" id="type" class="pj-form-field w150"> <?php foreach (__('voucher_types', true, false) as $k => $v) { ?> <option value="<?php
} if (isset($tpl['arr']['cancel_return']) && !empty($tpl['arr']['cancel_return'])) { ?> <input type="hidden" name="cancel_return" value="<?php echo $tpl['arr']['cancel_return']; ?> " /> <?php } if (isset($tpl['arr']['notify_url']) && !empty($tpl['arr']['notify_url'])) { ?> <input type="hidden" name="notify_url" value="<?php echo $tpl['arr']['notify_url']; ?> " /> <?php } if (isset($tpl['arr']['submit'])) { ?> <input type="submit" value="<?php echo pjSanitize::html($tpl['arr']['submit']); ?> " class="<?php echo pjSanitize::html(@$tpl['arr']['submit_class']); ?> " /> <?php } ?> <img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1" /> </form>
__('lblDashNoOrder'); ?> </span></label> </div> <?php } ?> </div> </div> <!--<div class="dashboard_column"> <div class="dashboard_list dashboard_latest_list quick_links"> <?php foreach ($tpl['location_arr'] as $v) { ?> <label><?php echo pjSanitize::clean($v['location_title']); ?> </label> <label><span><?php __('lblDelivery'); ?> : <abbr><?php echo $v['delivery']; ?> </abbr></span></label> <label class="space"><span><?php __('lblPickup'); ?> : <abbr><?php echo $v['pickup']; ?>
<span class="pj-form-field-before"><abbr class="pj-form-field-icon-email"></abbr></span> <input type="text" name="c_email" id="email" class="pj-form-field w300 email required" placeholder="*****@*****.**" value="<?php echo htmlspecialchars(stripslashes($tpl['arr']['c_email'])); ?> "/> </span> </p> <p> <label class="title"><?php __('pass'); ?> </label> <span class="pj-form-field-custom pj-form-field-custom-before"> <span class="pj-form-field-before"><abbr class="pj-form-field-icon-password"></abbr></span> <input type="text" name="c_password" id="c_password" class="pj-form-field required w200" value="<?php echo pjSanitize::html($tpl['arr']['c_password']); ?> " /> </span> </p> <p> <label class="title"><?php __('lblPhone'); ?> </label> <span class="pj-form-field-custom pj-form-field-custom-before"> <span class="pj-form-field-before"><abbr class="pj-form-field-icon-phone"></abbr></span> <input type="text" name="c_phone" id="phone" class="pj-form-field w150" placeholder="(123) 456-7890" value="<?php echo htmlspecialchars(stripslashes($tpl['arr']['c_phone'])); ?> "/>
} break; case 'bank': ?> //<?php include PJ_VIEWS_PATH . 'pjFront/elements/api_test.php'; ?> <div class="fdSystemMessage"> <?php $system_msg = str_replace("[STAG]", "<a href='#' class='fdStartOver'>", $front_messages[3]); $system_msg = str_replace("[ETAG]", "</a>", $system_msg); echo $system_msg; ?> <br /><br /> <?php echo pjSanitize::html(nl2br($tpl['option_arr']['o_bank_account'])); ?> </div> <?php break; case 'creditcard': case 'cash': default: $user_name = urlencode($_SESSION['order_data']['o_user_name']); ?> <div class="fdSystemMessage"> <?php $system_msg = str_replace("[STAG]", "<a href='" . PJ_BASE_PATH . $user_name . '/restaurants/' . base64_encode($_SESSION['order_data']['o_user_id']) . "'>", $front_messages[3]); $system_msg = str_replace("[ETAG]", "</a>", $system_msg); echo $system_msg;