/**
 * Clean markup with the helper's configured purifier profile.
 *
 * When no config name is given and the helper setting `config` is set,
 * that setting is used; the result is passed to Purifier::clean().
 *
 * @param string $markup
 * @param string $config
 * @return string
 */
public function clean($markup, $config = null)
{
    $useHelperSetting = empty($config) && !empty($this->settings['config']);
    $configName = $useHelperSetting ? $this->settings['config'] : $config;

    return Purifier::clean($markup, $configName);
}
/**
 * Purify and persist an edited page.
 *
 * `content` is run through the default purifier profile; the same input
 * run through the `noHtml` profile becomes the stored `description`.
 * `title` and `slug` are stored as submitted.
 *
 * @param int|string $id   Page row id.
 * @param array      $data Submitted fields: title, slug, content.
 * @return mixed Whatever the query builder's update() returns.
 */
public static function UpdatePage($id, $data)
{
    $cleanContent = Purifier::clean($data['content']);
    $plainDescription = Purifier::clean($data['content'], 'noHtml');

    $row = [
        'title' => $data['title'],
        'slug' => $data['slug'],
        'content' => $cleanContent,
        'description' => $plainDescription,
    ];

    return DB::table('pages')->where('id', $id)->update($row);
}
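/**
 * setUp method
 *
 * Builds a mocked View, the helper under test, and registers the
 * `default` purifier profile the tests rely on.
 *
 * @return void
 */
public function setUp()
{
    parent::setUp();
    $this->View = $this->getMock('View', array('append'), array(new Controller()));
    $this->Purifier = new HtmlPurifierHelper($this->View);
    Purifier::config('default', array(
        'HTML.AllowedElements' => 'a, em, blockquote, p, strong, pre, code, span,ul,ol,li,img',
        // A PHP array literal keeps only the last value of a duplicated key, so a
        // separate '*.style' entry silently dropped the a.*/img.* attributes.
        // Both lists now live in the single entry HTML Purifier reads.
        'HTML.AllowedAttributes' => 'a.href, a.title, img.src, img.alt, *.style',
        'CSS.AllowedProperties' => 'text-decoration',
        'HTML.TidyLevel' => 'heavy',
        'HTML.Doctype' => 'XHTML 1.0 Transitional',
    ));
}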
/**
 * Purify user-supplied page fields, assign a hash to new records and
 * normalise the phone number before the row is written.
 *
 * @param array $options Unused here; forwarded by CakePHP's save().
 * @return bool Always true, so the save proceeds.
 */
public function beforeSave($options = array())
{
    // Each field has its own purifier profile (registered in bootstrap).
    $profiles = array(
        'body' => 'UserPageInfo',
        'calendar_iframe' => 'UserPageCalendar',
    );
    foreach ($profiles as $field => $profile) {
        if (isset($this->data['UserPage'][$field])) {
            $this->data['UserPage'][$field] = Purifier::clean($this->data['UserPage'][$field], $profile);
        }
    }

    if (!$this->id) {
        // NOTE(review): uniqid() is time-derived rather than a CSPRNG; if this
        // hash is ever used as an unguessable token, confirm that is acceptable.
        $this->data['UserPage']['hash'] = Security::hash(uniqid());
    } elseif ($this->calendar_iframe != null) {
        $this->__modifyCalendarIframe();
    }

    if (isset($this->data['UserPage']['phone_number'])) {
        // presumably an array of number segments from the form — confirm against the view
        $segments = $this->data['UserPage']['phone_number'];
        $joined = implode('', $segments);
        $this->data['UserPage']['phone_number'] = empty($joined) ? '' : implode('-', $segments);
    }

    return true;
}
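/**
 * Populate this post from submitted data and persist it.
 *
 * The content stored depends on $type: text posts keep purified HTML,
 * link-like posts keep a purified plain-text link, and audio/photo posts
 * store an uploaded file. The description is always reduced to plain text
 * and truncated to 255 characters.
 *
 * @param array       $data Submitted fields (question, title, post_type, option, content/link/description).
 * @param string|null $type One of text, link, video, vine, audio, photo.
 * @return array{id: mixed, slug: string}
 */
public function store($data, $type = null)
{
    $userId = Auth::id();

    $this->user_id = $userId;
    $this->question_id = $data['question'];
    $this->slug = Tools::slug($data['title']);
    $this->title = $data['title'];
    $this->type = $data['post_type'];
    $this->selected_option = $data['option'];

    // Initialised up front: an unrecognised $type previously left this
    // undefined, and the description line below read an unset variable.
    $description = '';

    switch ($type) {
        case 'text':
            $this->content = Purifier::clean($data['content']);
            $description = $data['content'];
            break;
        case 'link':
        case 'video':
        case 'vine':
            $this->content = Purifier::clean($data['link'], 'noHtml');
            $description = $data['description'];
            break;
        case 'audio':
        case 'photo':
            $file = Input::file('post_file');
            // The client-reported extension is kept as metadata; savePostFile()
            // is assumed to decide the stored name/location — confirm it does
            // not trust this value.
            $this->post_file_ext = $file->getClientOriginalExtension();
            $this->post_file = $this->savePostFile($file, $type, $userId);
            $description = $data['content'];
            break;
    }

    $this->description = str_limit(Purifier::clean($description, 'noHtml'), 255, '');
    $this->save();

    return ['id' => $this->id, 'slug' => $this->slug];
}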
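/**
 * Send a scheduled response, or reschedule it when the contact has had
 * newer human contact (Email / Phone / In-Person note) since it was planned.
 *
 * @param ResponseSchedule $schedule
 * @return mixed The result of reschedule() when a newer note exists, otherwise the updated $schedule.
 */
public function send(ResponseSchedule $schedule)
{
    // Look for an Email/Phone/In-Person note newer than the one this schedule
    // was last anchored to, falling back to the schedule's creation time.
    // The id and timestamp are passed as query bindings rather than spliced
    // into the SQL text; a missing most_recent_note_id previously produced
    // "id = )" and a malformed statement.
    $newerNoteSql = 'note_date > IFNULL((SELECT note_date FROM notes WHERE id = ?), ?)';
    $note = $schedule->contact->notes()
        ->where(function ($q) {
            $q->where('note_type', 'Email');
            $q->orWhere('note_type', 'Phone');
            $q->orWhere('note_type', 'In-Person');
        })
        ->whereRaw($newerNoteSql, [$schedule->most_recent_note_id, $schedule->created_at])
        ->orderBy('note_date', 'desc')
        ->first();

    // A newer note exists: reschedule every item of this response template
    // from that note and stop here.
    if ($note) {
        return $this->reschedule($schedule, $note);
    }

    $templateView = 'emails.templates.' . $schedule->detail->template_file_name;
    $viewData = ['contact' => $schedule->contact];

    // Log a purified copy of the outgoing message as a note on the contact.
    // NOTE(review): the author lookup assumes that account always exists;
    // a missing row would fail on ->id here.
    $note = view($templateView, $viewData);
    $schedule->contact->notes()->create([
        'note_date' => Carbon::now(),
        'title' => 'Sent: ' . $schedule->detail->template . ": " . $schedule->detail->subject,
        'note_type' => 'Scheduled Response',
        'create_user_id' => \App\User::where('email', '*****@*****.**')->first()->id,
        'note' => \Purifier::clean($note),
    ]);

    // Send the email
    \Mail::send($templateView, $viewData, function ($m) use ($schedule) {
        $m->to('*****@*****.**', 'Chris Rundlett')
            ->cc('*****@*****.**', 'Tim Bradshaw')
            ->from('*****@*****.**', 'LTD Sailing')
            ->subject($schedule->detail->subject);
    });

    // Mark the scheduled response as sent.
    $schedule->sent_date = Carbon::now();
    $schedule->save();

    return $schedule;
}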
/**
 * Generate a preview
 *
 * Builds an unsaved post whose HTML is the purified Markdown rendering of
 * the submitted content.
 *
 * @param array $input Request data; `content` holds the Markdown source.
 * @param $user Author attached to the preview.
 * @return \Illuminate\View\View
 */
public function generatePost($input, $user)
{
    $markdown = $input['content'];
    $rendered = \Markdown::text($markdown);

    $post = $this->postRepo->getEmptyPost();
    $post->author = $user;
    $post->markdown = $markdown;
    $post->html = \Purifier::clean($rendered);

    return $post;
}
/**
 * Create post
 *
 * Stores the Markdown source alongside its purified HTML rendering.
 *
 * @param array $input Request data; `content` holds the Markdown source.
 * @param $topic Topic the post belongs to.
 * @param $user Author of the post.
 * @param bool $add Unused here.
 * @return \Illuminate\Http\RedirectResponse|object
 */
public function create($input, $topic, $user, $add = true)
{
    $markdown = $input['content'];
    $data = [
        'markdown' => $markdown,
        'html' => \Purifier::clean(\Markdown::text($markdown)),
        'topic_id' => $topic->id,
        'user_id' => $user->id,
    ];

    // Only users holding the permission may flag a post as a developer response.
    $isDevResponse = \Bouncer::hasPermission('devresponse') && \Input::get('devresponse') == 1;
    if ($isDevResponse) {
        $data['developer_response'] = true;
    }

    return $this->postRepo->create($data);
}
/**
 * Store a new message for the authenticated user.
 *
 * @param CreateMessageRequest $request Validated request.
 * @return \Illuminate\Http\RedirectResponse
 */
public function store(CreateMessageRequest $request)
{
    $input = $request->all();

    // Purify first, then entity-encode the purified result.
    // NOTE(review): the second step encodes the tags Purifier kept, so the
    // stored body renders as literal markup — confirm that is intended.
    $cleaned = \Purifier::clean($input['body']);
    $input['body'] = \Html::entities($cleaned);

    // presumably Message::$fillable limits what $request->all() can assign — verify
    $message = new Message($input);
    Auth::user()->messages()->save($message);

    \Session::flash('flash_message', 'Your message has been posted!');

    return redirect('messages');
}
/**
 * Search page, using google's.
 *
 * (Currently searches topic titles locally and renders the topic index.)
 */
public function search()
{
    $perPage = 20;
    $query = Purifier::clean(Input::get('q'));
    $page = Input::get('page') ?: 1;

    \Paginator::setCurrentPage($page);

    // The LIKE value is passed to the query builder as a bound value; '%' and
    // '_' typed by the user still act as wildcards inside the pattern.
    $pattern = '%' . $query . '%';
    $topics = $this->topic
        ->where('title', 'like', $pattern)
        ->with('user', 'node', 'lastReplyUser')
        ->paginate($perPage);

    $nodes = Node::allLevelUp();
    $links = Link::remember(1440)->get();

    return View::make('topics.index', compact('topics', 'nodes', 'links'));
}
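/**
 * Handle the album creation form.
 *
 * Guests are sent to the login page; otherwise an album row is inserted for
 * the authenticated user and the browser is redirected to the album list.
 *
 * @return \Illuminate\Http\RedirectResponse
 */
public function postCreate()
{
    if (Auth::guest()) {
        return Redirect::secure('user/login');
    }

    // do not use layout for this
    $this->layout = null;

    $isPrivate = Input::get('isPrivate') == 1 ? 1 : 0;

    // The owner comes from the session rather than the request: a posted
    // userId would let any signed-in user create albums under another account.
    Album::insert(array(
        'user_id' => Auth::id(),
        'categories_id' => Input::get('category'),
        'name' => strip_tags(Purifier::clean(Input::get('name'))),
        'isPrivate' => $isPrivate,
    ));

    // redirect to albums
    return Redirect::secure('user/albums');
}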
/**
 * Update an existing post after the permission and validation checks.
 *
 * @param int|string $id Post id.
 * @return \Illuminate\Http\RedirectResponse
 */
public function update($id)
{
    $post = Post::findOrFail($id);
    $this->authorOrAdminPermissioinRequire($post->user_id);

    $data = Input::all();
    $validator = Validator::make($data, Post::$rules);
    if ($validator->fails()) {
        return Redirect::back()->withErrors($validator)->withInput();
    }

    // Only the body is purified; the other request fields pass through as
    // submitted (presumably narrowed by Post::$fillable — verify).
    $data['body'] = Purifier::clean($data['body'], 'ugc_body');
    $post->update($data);
    $post->retag(Input::get('tags'));

    Flash::success(lang('Operation succeeded.'));

    return Redirect::route('posts.show', $post->id);
}
/**
 * Validate a new forum topic, then either show a preview or save it.
 *
 * @param int|string $foro_id Forum the topic belongs to.
 * @return \Illuminate\Http\RedirectResponse|null Null when `boton` is neither known action.
 */
public function validarTema($foro_id)
{
    $validador = $this->tema->valida();
    if (!$validador->passes()) {
        return \Redirect::to(\Request::path())
            ->withErrors($validador)
            ->withInput()
            ->with(array('foro' => \Session::get('foro'), 'path' => \Session::get('path')));
    }

    // Purify the message, then convert newlines for display.
    $mensaje = \Utilidades::fluzo_nl2br(\Purifier::clean(\Input::get('mensaje')));
    $accion = \Input::get('boton');

    if ($accion === 'Vista previa') {
        return \Redirect::to(\Request::path() . '#vista-previa')
            ->withInput()
            ->with(array('mensaje' => $mensaje, 'vista_previa' => true, 'path' => \Session::get('path')));
    }

    if ($accion === 'Enviar') {
        // Save the topic; per the confirmation message it is published after review.
        $this->tema->saveTema($mensaje, $foro_id);

        return \Redirect::to(\Session::get('path'))
            ->with('confirmacion', 'Tu tema será publicado en cuanto lo revisemos, gracias.');
    }
}
/**
 * Validate a submitted comment, then either show a preview or store it.
 *
 * @return \Illuminate\Http\RedirectResponse|null Null when `boton` is neither known action.
 */
public function validaComentario()
{
    $validador = Comentario::valida();
    if (!$validador->passes()) {
        return Redirect::to(Request::path() . '#error')->withErrors($validador)->withInput();
    }

    // Purify the message, then convert newlines for display.
    $mensaje = Utilidades::fluzo_nl2br(Purifier::clean(Input::get('mensaje')));
    $accion = Input::get('boton');

    if ($accion === 'Vista previa') {
        return Redirect::to(Request::path() . '#vista-previa')
            ->withInput()
            ->with(array('mensaje' => $mensaje, 'vista_previa' => true));
    }

    if ($accion === 'Enviar') {
        // Author name and article id are stored as submitted; per the
        // confirmation message the comment is published after review.
        $comentario = new Comentario();
        $comentario->autor = Input::get('nombre');
        $comentario->cuerpo = $mensaje;
        $comentario->articulo_id = Input::get('articulo_id');
        $comentario->save();

        return Redirect::to(Request::path() . '#confirmacion')
            ->with('confirmacion', 'Comentario enviado, se publicara cuando sea revisado, gracias.');
    }
}
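/**
 * Handle the picture upload form.
 *
 * Guests are sent to login. The upload is rejected when it exceeds 10 MB or
 * its client-reported extension is not jpg/jpeg/png/gif; otherwise a
 * picture row is inserted, the file is moved under the user's album folder
 * and the browser is redirected to the new picture.
 *
 * @return \Illuminate\Http\RedirectResponse
 */
public function postCreate()
{
    if (Auth::guest()) {
        return Redirect::secure('user/login');
    }

    // do not use layout for this
    $this->layout = null;

    $image = Input::file('image');

    // check image size (must be < 10MB)
    if ($image->getSize() > 10000000) {
        return Redirect::secure('picture/upload');
    }

    // check image type (must be (jpg, png, gif or jpeg))
    // NOTE(review): this trusts the client-supplied extension only; the file
    // content is not inspected.
    $allowedExtensions = array("jpg", "jpeg", "png", "gif");
    if (!in_array($image->getClientOriginalExtension(), $allowedExtensions, true)) {
        return Redirect::secure('picture/upload');
    }

    // Owner and album are taken from the session and an integer cast rather
    // than from raw request strings, because both are used below to build a
    // filesystem path. presumably the album should also be checked to belong
    // to this user — confirm.
    $userId = Auth::id();
    $albumId = (int) Input::get('albumId');
    $isPrivate = Input::get('isPrivate') == 1 ? 1 : 0;
    $filename = $image->getClientOriginalName();

    // add record to db
    $id = Picture::insertGetId(array(
        'user_id' => $userId,
        'album_id' => $albumId,
        'filename' => $filename,
        'size' => $image->getSize(),
        'title' => strip_tags(Purifier::clean(Input::get('title'))),
        'isPrivate' => $isPrivate,
    ));

    // move to albums folder
    $destinationPath = public_path() . "/files/" . $userId . "/" . $albumId;
    $image->move($destinationPath, $filename);

    // redirect to uploaded picture
    return Redirect::secure('picture/' . $id);
}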
/**
 * Clean page's title and content and insert it into SearchableDataObjects
 *
 * Content is purified to text and stripped of embeds before storage.
 *
 * @param Page $p
 */
public static function insertPage(Page $p)
{
    $plainContent = Purifier::RemoveEmbed(Purifier::PurifyTXT($p->Content));
    self::storeData($p->ID, $p->ClassName, $p->Title, $plainContent);
}
/**
 * Mutator: content is purified with the `nofollow` profile before storage.
 *
 * @param string $value Raw content.
 * @return void
 */
public function setContentAttribute($value)
{
    $purified = Purifier::clean($value, 'nofollow');
    $this->attributes['content'] = $purified;
}
/**
 * Build the row to be saved from the current request, following the
 * module's form configuration ($this->info['config']['forms']).
 *
 * Each visible form field is read from the request and coerced by type:
 * textareas are purified, files are moved (and optionally resized),
 * checkboxes / multi-selects are joined with ',', dates are normalised to
 * Y-m-d. When the module is not global, `entry_by` is stamped from the
 * session.
 *
 * @param string $table Unused; the field list comes from $this->info instead.
 * @return array Column => value pairs ready for insert/update.
 */
function validatePost($table)
{
    // $str = SiteHelpers::columnTable($table);
    $str = $this->info['config']['forms'];
    $data = array();
    foreach ($str as $f) {
        $field = $f['field'];
        if ($f['view'] == 1) {
            if ($f['type'] == 'textarea_editor' || $f['type'] == 'textarea') {
                // Rich-text fields are read from $_POST rather than Input::get();
                // presumably so the raw HTML reaches Purifier unchanged — confirm.
                $content = isset($_POST[$field]) ? $_POST[$field] : '';
                $data[$field] = Purifier::clean($content);
            } else {
                SiteHelpers::globalXssClean();
                if (!is_null(Input::get($field))) {
                    $data[$field] = Input::get($field);
                }
                // if post is file or image
                if ($f['type'] == 'file') {
                    if (!is_null(Input::file($field))) {
                        $file = Input::file($field);
                        // Dots are stripped from the configured upload path; the path
                        // comes from module config, not from the request.
                        $destinationPath = './' . str_replace('.', '', $f['option']['path_to_upload']);
                        // NOTE(review): the client-supplied name and extension are used
                        // as-is for the stored file; nothing below inspects the content.
                        $filename = $file->getClientOriginalName();
                        $extension = $file->getClientOriginalExtension(); //if you need extension of the file
                        $uploadSuccess = Input::file($field)->move($destinationPath, $filename);
                        if ($f['option']['resize_width'] != '0' && $f['option']['resize_width'] != '') {
                            // A zero height means "square to the width".
                            if ($f['option']['resize_height'] == 0) {
                                $f['option']['resize_height'] = $f['option']['resize_width'];
                            }
                            $orgFile = $destinationPath . '/' . $filename;
                            SiteHelpers::cropImage($f['option']['resize_width'], $f['option']['resize_height'], $orgFile, $extension, $orgFile);
                        }
                        if ($uploadSuccess) {
                            $data[$field] = $filename;
                        }
                    }
                }
                // if post is checkbox
                if ($f['type'] == 'checkbox') {
                    if (!is_null(Input::get($field))) {
                        // assumes the checkbox input arrives as an array — TODO confirm
                        $data[$field] = implode(",", Input::get($field));
                    }
                }
                // if post is date
                if ($f['type'] == 'date') {
                    // NOTE(review): strtotime() returns false for an unparsable value,
                    // which date() then renders as 1970-01-01.
                    $data[$field] = date("Y-m-d", strtotime(Input::get($field)));
                }
                // if post is select multiple
                if ($f['type'] == 'select') {
                    if (isset($f['option']['is_multiple']) && $f['option']['is_multiple'] == 1) {
                        // assumes a multi-select arrives as an array — TODO confirm
                        $data[$field] = implode(",", Input::get($field));
                    }
                }
            }
        }
    }
    // Non-global modules record who created the entry.
    $global = isset($this->access['is_global']) ? $this->access['is_global'] : 0;
    if ($global == 0) {
        $data['entry_by'] = Session::get('uid');
    }
    return $data;
}
<?php
/**
 * Created by PhpStorm.
 * User: jdiaz
 * Date: 7/30/15
 * Time: 9:16 AM
 *
 * Demo script: derives a salted password from a fixed input via
 * Purifier::encryptPassword() and prints both values.
 * presumably encryptPassword() wraps password_hash() — confirm in classes/Purifier.php
 */
require_once 'classes/Purifier.php';

$purifier = new Purifier();
$inputPass = '******';
$saltedPass = $purifier->encryptPassword($inputPass);

// Both values are printed unescaped, as in a local demo.
printf("<strong>Input pass:</strong> %s <br />", $inputPass);
printf("<strong>Salted pass:</strong> %s \n", $saltedPass);
/**
 * Gets a HtmlPurifier instance based on a configuration name.
 *
 * Delegates to Purifier::config(); the named profile must already be registered.
 *
 * @param string $config Configuration name, `default` when omitted.
 * @return \HtmlPurifier
 */
public function getHtmlPurifier($config = 'default')
{
    $instance = Purifier::config($config);

    return $instance;
}
/**
 * Purify $content in place through the shared Purifier instance.
 *
 * @param string $content Markup to purify; passed by reference.
 * @return void
 */
function purifierHtml(&$content)
{
    Purifier::getInstance()->purify($content);
}
/**
 * Purify a user-generated value with the `ugc_body` profile.
 *
 * @param string $value Untrusted markup.
 * @return string Purified markup.
 */
function strip_xss($value)
{
    $cleaned = Purifier::clean($value, 'ugc_body');

    return $cleaned;
}
/**
 * Cleans markup
 *
 * Behavior hook: forwards to Purifier::clean() with the requested profile.
 *
 * @param Model $Model Model the behavior is attached to (unused here).
 * @param string $markup
 * @param string $config Purifier configuration name.
 * @return string Purified markup.
 */
public function purifyHtml(Model $Model, $markup, $config)
{
    $purified = Purifier::clean($markup, $config);

    return $purified;
}
/**
 * Second step of the task publishing wizard.
 *
 * Only users with `authenticated == 2` may proceed. The hired user is
 * resolved from the posted `hire` id or the session. On POST the form
 * fields are taken from the request (title purified with the `titles`
 * profile); otherwise they come from the `task` already in the session.
 * Valid input is merged back into the session task and the step view is
 * rendered; invalid input returns to the create page with errors.
 *
 * @return \Illuminate\View\View|\Illuminate\Http\RedirectResponse
 */
public function step_2()
{
    if (Auth::user()->authenticated != 2) {
        return Redirect::action('TaskController@step_1');
    }

    // Resolve the user being hired: posted id first, then the session.
    // Both ids reach the query as bound values, not spliced into SQL.
    if (isset($_POST['hire'])) {
        $hired_user = User::where('id', $_POST['hire'])->first();
    } elseif (Session::has('hire')) {
        $hired_user = User::where('id', Session::get('hire'))->first();
    } else {
        $hired_user = null;
    }

    $task = Session::get('task');

    if (Request::method() == "POST") {
        // NOTE(review): only the title is purified here; detail is carried as submitted.
        $userInput = [
            'title' => Purifier::clean(Input::get('title'), 'titles'),
            'detail' => Input::get('detail'),
            'hire' => Input::get('hire'),
            'file_name' => Input::get('file_name'),
            'amount' => '',
            'expiration' => '',
            'category_id' => '',
            'type' => 1,
        ];
    } else {
        // presumably a task is always in the session on a GET — confirm; a
        // missing one would fail on the reads below
        $userInput = [
            'title' => e($task['title']),
            'detail' => $task['detail'],
            'amount' => $task['amount'],
            'hire' => $task['hire'],
            'file_name' => $task['file_name'],
            'expiration' => $task['expiration'],
            'category_id' => $task['category_id'],
            'type' => $task['type'],
        ];
    }

    $rules = ['title' => 'required', 'detail' => 'required'];
    $validator = Validator::make($userInput, $rules);
    if ($validator->fails()) {
        return Redirect::to('/task/create')->withErrors($validator);
    }

    // Carry the validated fields into the session task.
    $carried = ['title', 'detail', 'amount', 'hire', 'file_name', 'expiration', 'category_id', 'type'];
    foreach ($carried as $key) {
        $task[$key] = $userInput[$key];
    }
    Session::set('task', $task);

    $categories = Category::all();

    return View::make('task.publish.step_2')
        ->with('categories', $categories)
        ->with('hired_user', $hired_user)
        ->with('task', $task);
}
/**
 * Mutator: the message body is purified with the default profile before storage.
 *
 * @param string $message Raw message body.
 * @return void
 */
public function setMessageAttribute($message)
{
    $purified = Purifier::clean($message);
    $this->attributes['message'] = $purified;
}
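/**
 * Cleans Markup using a given config
 *
 * @param string $markup
 * @param string $configName Name of a registered configuration; `default`
 *   when omitted.
 * @return string Purified markup.
 * @throws \InvalidArgumentException When no configuration of that name is registered.
 */
public static function clean($markup, $configName = null)
{
    // A null name is looked up as the '' array key and so always failed the
    // check below; 'default' is the name other callers register
    // (Purifier::config('default', ...)).
    if ($configName === null) {
        $configName = 'default';
    }

    $_this = Purifier::getInstance();
    if (!isset($_this->_configs[$configName])) {
        throw new \InvalidArgumentException(sprintf('Invalid configuration %s!', $configName));
    }

    return $_this->getPurifierInstance($configName)->purify($markup);
}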
/**
 * Purify $content in place through XE's shared Purifier instance.
 *
 * The class is loaded lazily from the security directory on first use.
 *
 * @param string $content Markup to purify; passed by reference.
 * @return void
 */
function purifierHtml(&$content)
{
    require_once _XE_PATH_ . 'classes/security/Purifier.class.php';

    Purifier::getInstance()->purify($content);
}
/**
 * Search page, using google's.
 *
 * Redirects to a site-restricted Google search for the submitted query.
 * NOTE(review): the query is purified but not URL-encoded before being
 * appended; rawurlencode() on the parameter value would be the usual form.
 */
public function search()
{
    $query = Purifier::clean(Input::get('q'));
    $target = 'https://www.google.com/search?q=site:phphub++.com ' . $query;

    return Redirect::away($target, 301);
}
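/**
 * Handle the registration form.
 *
 * Validates the submitted fields, inserts the user and logs the new row in
 * with a remember-me cookie. On any failure the browser returns to the form.
 *
 * @return \Illuminate\Http\RedirectResponse
 */
public function postRegister()
{
    // register form post request
    // NOTE(review): there is no uniqueness rule on username/email, so
    // duplicates are only caught if the table enforces them.
    $rules = array(
        'firstName' => 'required|min:2|max:30',
        'lastName' => 'required|min:2|max:30',
        'username' => 'required|min:4|max:16',
        'email' => 'required|email',
        'sex' => 'required',
        'password' => 'required|min:6',
    );
    $validation = Validator::make(Input::all(), $rules);

    if ($validation->passes()) {
        $clean = function ($key) {
            return strip_tags(Purifier::clean(Input::get($key)));
        };

        // add to db
        $data = array(
            'first_name' => $clean('firstName'),
            'last_name' => $clean('lastName'),
            'username' => $clean('username'),
            'password' => Hash::make(Input::get('password')),
            'email' => strip_tags(Input::get('email')),
            'sex' => $clean('sex'),
        );

        // Log in the row that was just inserted, found by its id. Looking it
        // up by email afterwards could return an earlier account sharing that
        // address (no uniqueness rule above), and a lookup value altered by
        // Purifier would find nothing and hand null to Auth::login().
        $id = User::insertGetId($data);
        if ($id) {
            $user = User::find($id);
            if ($user !== null) {
                Auth::login($user, true);

                return Redirect::secure('/');
            }
        }
    }

    return Redirect::secure('/user/register');
}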
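/**
 * Configures default file logging options
 */
App::uses('CakeLog', 'Log');
CakeLog::config('debug', array(
    'engine' => 'FileLog',
    'types' => array('notice', 'info', 'debug'),
    'file' => 'debug',
));
CakeLog::config('error', array(
    'engine' => 'FileLog',
    'types' => array('warning', 'error', 'critical', 'alert', 'emergency'),
    'file' => 'error',
));

CakePlugin::load('HtmlPurifier', array('bootstrap' => true));

// Purifier profile for user page bodies: a fixed element/attribute whitelist.
$config = HTMLPurifier_Config::createDefault();
$config->set('HTML.AllowedElements', 'a, br, em, blockquote, p, strong, pre, code, span, ul, ol, li, img, sup, sub, h1, h2, h3, h4, h5, h6, u, i, div');
$config->set('HTML.AllowedAttributes', 'a.target, a.href, a.title, img.src, img.alt, span.style, div.style');
$config->set('Attr.AllowedFrameTargets', array('_blank', '_self', '_parent', '_top'));
// NOTE(review): CSS.Trusted widens what the span/div style attributes above
// may contain; HTML Purifier's own documentation warns about enabling it for
// user input — confirm this is deliberate.
$config->set('CSS.Trusted', true);
$config->set('HTML.TidyLevel', 'heavy');
$config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
Purifier::config('UserPageInfo', $config);

// Purifier profile for the calendar embed: a single <iframe> whose src must
// be on www.google.com.
$config = HTMLPurifier_Config::createDefault();
$config->set('HTML.SafeIframe', true);
$config->set('HTML.AllowedElements', 'iframe');
$config->set('HTML.AllowedAttributes', 'iframe.src, iframe.style, iframe.width, iframe.height, iframe.frameborder, iframe.scrolling');
// Dots are escaped and the host is terminated by '/' or end of string, so the
// pattern matches that host only; the previous form ('.' as any character, no
// terminator) also accepted any host that merely began with it.
$config->set('URI.SafeIframeRegexp', '%^(https?:)?//www\.google\.com(/|$)%');
$config->set('CSS.AllowedProperties', 'text-decoration');
$config->set('HTML.TidyLevel', 'heavy');
$config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
Purifier::config('UserPageCalendar', $config);

// Load Composer autoload.
require APP . 'Vendor/autoload.php';

// Remove and re-prepend CakePHP's autoloader as Composer thinks it is the
// most important.
// See: http://goo.gl/kKVJO7
spl_autoload_unregister(array('App', 'load'));
spl_autoload_register(array('App', 'load'), true, true);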