/**
  * Purify a markup string with the helper's configured profile.
  *
  * If no config name is passed and the helper settings carry a `config`
  * key, that name is used; otherwise the (possibly null) argument is
  * forwarded to the Purifier as-is.
  *
  * @param string $markup Untrusted HTML to purify
  * @param string $config Purifier configuration name (optional)
  * @return string Purified markup
  */
 public function clean($markup, $config = null)
 {
     $profile = $config;
     if (empty($profile) && !empty($this->settings['config'])) {
         $profile = $this->settings['config'];
     }

     return Purifier::clean($markup, $profile);
 }
 /**
  * Update a page row with purified content.
  *
  * The body is purified with the default profile; the description is the
  * same body run through the 'noHtml' profile (presumably markup-free).
  * title and slug are written as given and must be escaped at output time.
  *
  * @param mixed $id   Page id (bound by the query builder)
  * @param array $data Must contain 'title', 'slug' and 'content'
  * @return int Number of affected rows, as returned by update()
  */
 public static function UpdatePage($id, $data)
 {
     $cleanContent = Purifier::clean($data['content']);
     $plainDescription = Purifier::clean($data['content'], 'noHtml');

     $fields = array(
         'title' => $data['title'],
         'slug' => $data['slug'],
         'content' => $cleanContent,
         'description' => $plainDescription,
     );

     return DB::table('pages')->where('id', $id)->update($fields);
 }
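 /**
  * setUp method
  *
  * Builds the helper under test and registers the 'default' Purifier
  * profile. The previous array literal listed 'HTML.AllowedAttributes'
  * twice; PHP keeps only the last duplicate key, so the
  * a.href/a.title/img.src/img.alt list was silently dropped and only
  * '*.style' survived. Both lists are now one entry.
  *
  * @return void
  */
 public function setUp()
 {
     parent::setUp();
     $this->View = $this->getMock('View', array('append'), array(new Controller()));
     $this->Purifier = new HtmlPurifierHelper($this->View);
     Purifier::config('default', array(
         'HTML.AllowedElements' => 'a, em, blockquote, p, strong, pre, code, span,ul,ol,li,img',
         // Single key: a duplicate array key would overwrite this list.
         'HTML.AllowedAttributes' => 'a.href, a.title, img.src, img.alt, *.style',
         // style is allowed on every element, but only this CSS property.
         'CSS.AllowedProperties' => 'text-decoration',
         'HTML.TidyLevel' => 'heavy',
         'HTML.Doctype' => 'XHTML 1.0 Transitional',
     ));
 }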
 /**
  * Purify HTML fields, assign a hash on create and normalise the phone number.
  *
  * @param array $options Cake save options (unused here)
  * @return bool Always true (never blocks the save)
  */
 public function beforeSave($options = array())
 {
     // Each HTML field has its own Purifier profile.
     $htmlFields = array(
         'body' => 'UserPageInfo',
         'calendar_iframe' => 'UserPageCalendar',
     );
     foreach ($htmlFields as $field => $profile) {
         if (isset($this->data['UserPage'][$field])) {
             $this->data['UserPage'][$field] = Purifier::clean($this->data['UserPage'][$field], $profile);
         }
     }

     if (!$this->id) {
         // NOTE(review): uniqid() is clock-based and guessable; if 'hash' is
         // ever used as an unguessable token, seed it from a CSPRNG instead.
         $this->data['UserPage']['hash'] = Security::hash(uniqid());
     } elseif ($this->calendar_iframe != null) {
         // NOTE(review): this reads a property on the model, not the
         // submitted data — confirm that is intended.
         $this->__modifyCalendarIframe();
     }

     if (isset($this->data['UserPage']['phone_number'])) {
         $parts = $this->data['UserPage']['phone_number'];
         // All-empty parts collapse to '', otherwise join with dashes.
         $joined = implode('', $parts);
         $this->data['UserPage']['phone_number'] = empty($joined) ? '' : implode('-', $parts);
     }

     return true;
 }
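 /**
  * Populate this post from submitted form data and persist it.
  *
  * @param array       $data Submitted fields: question, title, post_type,
  *                          option, plus content/link/description per $type
  * @param string|null $type 'text', 'link', 'video', 'vine', 'audio' or
  *                          'photo'; any other value leaves content unset
  * @return array Id and slug of the saved post
  */
 public function store($data, $type = null)
 {
     $this->user_id = Auth::id();
     $this->question_id = $data['question'];
     $this->slug = Tools::slug($data['title']);
     $this->title = $data['title'];
     $this->type = $data['post_type'];
     $this->selected_option = $data['option'];

     // Always defined: an unrecognised $type previously left $description
     // unset and the str_limit() below raised an undefined-variable notice.
     $description = '';

     switch ($type) {
         case 'text':
             $this->content = Purifier::clean($data['content']);
             $description = $data['content'];
             break;
         case 'link':
         case 'video':
         case 'vine':
             // 'noHtml' profile: the link is kept as plain text.
             $this->content = Purifier::clean($data['link'], 'noHtml');
             $description = $data['description'];
             break;
         case 'audio':
         case 'photo':
             $file = Input::file('post_file');
             // NOTE(review): the extension is client-reported; savePostFile()
             // must enforce an allow-list before trusting it.
             $this->post_file_ext = $file->getClientOriginalExtension();
             $this->post_file = $this->savePostFile($file, $type, Auth::id());
             $description = $data['content'];
             break;
     }

     // Description is plain text, capped at 255 chars with no suffix.
     $this->description = str_limit(Purifier::clean($description, 'noHtml'), 255, '');
     $this->save();

     return ['id' => $this->id, 'slug' => $this->slug];
 }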
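 /**
  * Send a scheduled response, or reschedule it if the contact was reached since.
  *
  * Looks for an Email/Phone/In-Person note newer than the note this schedule
  * was last based on (falling back to the schedule's own creation time).
  * If one exists the response set is rescheduled from it; otherwise the
  * template is rendered, logged as a note on the contact and mailed.
  *
  * @param ResponseSchedule $schedule Schedule to process
  * @return mixed Rescheduled items when a newer note exists, else the
  *               updated schedule
  */
 public function send(ResponseSchedule $schedule)
 {
     // Both comparison values are passed as bindings. The previous version
     // concatenated them into the SQL text; a null most_recent_note_id also
     // produced a syntax error ("id = )"), whereas a bound NULL simply makes
     // IFNULL() fall through to the creation time.
     $note = $schedule->contact->notes()
         ->where(function ($q) {
             $q->where('note_type', 'Email');
             $q->orWhere('note_type', 'Phone');
             $q->orWhere('note_type', 'In-Person');
         })
         ->whereRaw(
             'note_date > IFNULL((SELECT note_date FROM notes WHERE id = ?), ?)',
             array($schedule->most_recent_note_id, (string) $schedule->created_at)
         )
         ->orderBy('note_date', 'desc')
         ->first();

     if ($note) {
         // A newer note exists: reschedule the responses and stop here.
         return $this->reschedule($schedule, $note);
     }

     // Render the response template and log a purified copy as a note.
     $note = view('emails.templates.' . $schedule->detail->template_file_name, ['contact' => $schedule->contact]);
     // NOTE(review): the creating user is looked up by a hard-coded address;
     // if that account is missing, ->id is read on null and create_user_id
     // becomes NULL.
     $note_entry = $schedule->contact->notes()->create([
         'note_date' => Carbon::now(),
         'title' => 'Sent: ' . $schedule->detail->template . ": " . $schedule->detail->subject,
         'note_type' => 'Scheduled Response',
         'create_user_id' => \App\User::where('email', '*****@*****.**')->first()->id,
         'note' => \Purifier::clean($note),
     ]);

     // Send the email (recipients are fixed addresses, not the contact's).
     \Mail::send('emails.templates.' . $schedule->detail->template_file_name, ['contact' => $schedule->contact], function ($m) use($schedule) {
         $m->to('*****@*****.**', 'Chris Rundlett')->cc('*****@*****.**', 'Tim Bradshaw')->from('*****@*****.**', 'LTD Sailing')->subject($schedule->detail->subject);
     });

     // Mark the scheduled response as sent.
     $schedule->sent_date = Carbon::now();
     $schedule->save();

     return $schedule;
 }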
 /**
  * Generate a preview
  *
  * Builds an unsaved post from the submitted markdown. The rendered HTML
  * goes through the purifier so a preview is no less safe than a stored post.
  *
  * @param array $input Form input; 'content' holds the markdown
  * @param       $user  Author attached to the preview
  * @return mixed The unsaved post object from the repository
  */
 public function generatePost($input, $user)
 {
     $markdown = $input['content'];

     $preview = $this->postRepo->getEmptyPost();
     $preview->author = $user;
     $preview->markdown = $markdown;
     $preview->html = \Purifier::clean(\Markdown::text($markdown));

     return $preview;
 }
 /**
  * Create post
  *
  * Stores the raw markdown alongside its purified HTML rendering. The
  * developer-response flag is only honoured for users holding the
  * 'devresponse' permission.
  *
  * @param array $input Form input; 'content' holds the markdown
  * @param                $topic Topic the post belongs to
  * @param                $user  Author of the post
  * @param bool $add Unused here; kept for callers
  * @return \Illuminate\Http\RedirectResponse|object The created post
  */
 public function create($input, $topic, $user, $add = true)
 {
     $markdown = $input['content'];
     $data = [
         'markdown' => $markdown,
         'html' => \Purifier::clean(\Markdown::text($markdown)),
         'topic_id' => $topic->id,
         'user_id' => $user->id,
     ];

     // Permission is checked first; the request flag is read only after it.
     if (\Bouncer::hasPermission('devresponse') && \Input::get('devresponse') == 1) {
         $data['developer_response'] = true;
     }

     return $this->postRepo->create($data);
 }
 /**
  * Store a new message for the signed-in user.
  *
  * The body is purified and then entity-encoded before it is saved.
  * NOTE(review): the encoded string is what lands in the database, so the
  * purified markup will display as literal text, and a view that escapes
  * again double-encodes it — confirm which of the two steps is wanted.
  * NOTE(review): the remaining request fields are mass-assigned; confirm
  * Message::$fillable covers only what should be user-settable.
  *
  * @param CreateMessageRequest $request Validated request
  * @return \Illuminate\Http\RedirectResponse
  */
 public function store(CreateMessageRequest $request)
 {
     $fields = $request->all();
     $purified = \Purifier::clean($fields['body']);
     $fields['body'] = \Html::entities($purified);

     Auth::user()->messages()->save(new Message($fields));
     \Session::flash('flash_message', 'Your message has been posted!');

     return redirect('messages');
 }
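 /**
  * Search page, using google's.
  *
  * Despite the heading this searches topic titles locally (the external
  * redirect is kept commented out). Two user-controlled values are
  * normalised first: LIKE metacharacters in the query are escaped, so a
  * user cannot inject wildcards ('%' matching every title, or expensive
  * '%_%_%' patterns), and the page number is forced to a positive integer.
  */
 public function search()
 {
     $query = Purifier::clean(Input::get('q'));
     // The builder binds the value, but binding does not neutralise '%',
     // '_' or the escape character itself inside a LIKE pattern.
     $pattern = '%' . addcslashes($query, '\\%_') . '%';
     $limit = 20;
     $latest_page = max(1, (int) (Input::get('page') ?: 1));
     \Paginator::setCurrentPage($latest_page);
     $topics = $this->topic->where('title', 'like', $pattern)->with('user', 'node', 'lastReplyUser')->paginate($limit);
     $nodes = Node::allLevelUp();
     $links = Link::remember(1440)->get();
     return View::make('topics.index', compact('topics', 'nodes', 'links'));
     //return Redirect::away('https://www.baidu.com/search?q=site:phphub.org ' . $query, 301);
 }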
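 /**
  * Create an album for the signed-in user.
  *
  * The owner is taken from the authenticated session. The previous code
  * used the request's 'userId' field, which let any signed-in user create
  * albums under someone else's id.
  *
  * @return \Illuminate\Http\RedirectResponse
  */
 public function postCreate()
 {
     if (Auth::guest()) {
         return Redirect::secure('user/login');
     }
     // do not use layout for this
     $this->layout = null;

     $isPrivate = Input::get('isPrivate') == 1 ? 1 : 0;
     Album::insert(array(
         'user_id' => Auth::user()->id,
         'categories_id' => Input::get('category'),
         'name' => strip_tags(Purifier::clean(Input::get('name'))),
         'isPrivate' => $isPrivate,
     ));

     // redirect to albums
     return Redirect::secure('user/albums');
 }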
 /**
  * Update a post after an author/admin permission check.
  *
  * NOTE(review): everything in Input::all() is passed to $post->update();
  * confirm Post::$fillable / $guarded restricts what a user can set.
  *
  * @param mixed $id Post id
  * @return \Illuminate\Http\RedirectResponse
  */
 public function update($id)
 {
     $post = Post::findOrFail($id);
     $this->authorOrAdminPermissioinRequire($post->user_id);

     $data = Input::all();
     $validator = Validator::make($data, Post::$rules);
     if ($validator->fails()) {
         return Redirect::back()->withErrors($validator)->withInput();
     }

     // User-generated HTML goes through the UGC profile before the model sees it.
     $data['body'] = Purifier::clean($data['body'], 'ugc_body');
     $post->update($data);
     $post->retag(Input::get('tags'));

     Flash::success(lang('Operation succeeded.'));
     return Redirect::route('posts.show', $post->id);
 }
 /**
  * Validate a submitted topic and either preview it or save it for moderation.
  *
  * @param mixed $foro_id Forum the topic belongs to
  * @return \Illuminate\Http\RedirectResponse|null Null when the button value
  *                                                 is neither preview nor send
  */
 public function validarTema($foro_id)
 {
     $validador = $this->tema->valida();
     if (!$validador->passes()) {
         return \Redirect::to(\Request::path())
             ->withErrors($validador)
             ->withInput()
             ->with(array('foro' => \Session::get('foro'), 'path' => \Session::get('path')));
     }

     // Purify the message, then turn newlines into <br>.
     $mensaje = \Utilidades::fluzo_nl2br(\Purifier::clean(\Input::get('mensaje')));
     $boton = \Input::get('boton');

     if ($boton === 'Vista previa') {
         // Preview: back to the form with the rendered message.
         return \Redirect::to(\Request::path() . '#vista-previa')
             ->withInput()
             ->with(array('mensaje' => $mensaje, 'vista_previa' => true, 'path' => \Session::get('path')));
     }
     if ($boton === 'Enviar') {
         // Save the topic; it is published after review.
         $this->tema->saveTema($mensaje, $foro_id);
         return \Redirect::to(\Session::get('path'))->with('confirmacion', 'Tu tema será publicado en cuanto lo revisemos, gracias.');
     }
     // Any other button value falls through and returns null, as before.
 }
 /**
  * Validate a submitted comment and either preview it or queue it for moderation.
  *
  * The message is purified; the author name and article id are stored as
  * submitted and must be escaped where they are displayed.
  *
  * @return \Illuminate\Http\RedirectResponse|null Null when the button value
  *                                                 is neither preview nor send
  */
 public function validaComentario()
 {
     $validador = Comentario::valida();
     if (!$validador->passes()) {
         return Redirect::to(Request::path() . '#error')->withErrors($validador)->withInput();
     }

     $mensaje = Utilidades::fluzo_nl2br(Purifier::clean(Input::get('mensaje')));
     $boton = Input::get('boton');

     if ($boton === 'Vista previa') {
         return Redirect::to(Request::path() . '#vista-previa')
             ->withInput()
             ->with(array('mensaje' => $mensaje, 'vista_previa' => true));
     }
     if ($boton === 'Enviar') {
         $comentario = new Comentario();
         $comentario->autor = Input::get('nombre');
         $comentario->cuerpo = $mensaje;
         $comentario->articulo_id = Input::get('articulo_id');
         $comentario->save();
         return Redirect::to(Request::path() . '#confirmacion')->with('confirmacion', 'Comentario enviado, se publicara cuando sea revisado, gracias.');
     }
     // Any other button value falls through and returns null, as before.
 }
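 /**
  * Upload a picture into one of the signed-in user's albums.
  *
  * Hardening over the previous version: the file is checked for presence
  * and validity, the extension check is case-insensitive and paired with
  * server-side MIME detection, the owner comes from the session rather
  * than the request, and the album id is cast to int before it is used in
  * the destination path (raw 'userId'/'albumId' strings were concatenated
  * into a filesystem path and could contain '..').
  *
  * @return \Illuminate\Http\RedirectResponse
  */
 public function postCreate()
 {
     if (Auth::guest()) {
         return Redirect::secure('user/login');
     }
     // do not use layout for this
     $this->layout = null;

     $image = Input::file('image');
     // No file, or one PHP already rejected (partial upload, ini size limit).
     if ($image === null || !$image->isValid()) {
         return Redirect::secure('picture/upload');
     }
     // check image size (must be < 10MB)
     if ($image->getSize() > 10000000) {
         return Redirect::secure('picture/upload');
     }
     // check image type (must be jpg, png, gif or jpeg); the client-reported
     // extension alone is trivially forged, so the detected MIME must agree.
     $allowedExt = array('jpg', 'jpeg', 'png', 'gif');
     $allowedMime = array('image/jpeg', 'image/png', 'image/gif');
     $extension = strtolower($image->getClientOriginalExtension());
     if (!in_array($extension, $allowedExt, true) || !in_array($image->getMimeType(), $allowedMime, true)) {
         return Redirect::secure('picture/upload');
     }

     $userId = Auth::user()->id;
     $albumId = (int) Input::get('albumId');
     // NOTE(review): also check that $albumId belongs to $userId before
     // storing into it; the Album model is not visible from here.
     $filename = basename($image->getClientOriginalName());

     // add record to db
     $isPrivate = Input::get('isPrivate') == 1 ? 1 : 0;
     $id = Picture::insertGetId(array(
         'user_id' => $userId,
         'album_id' => $albumId,
         'filename' => $filename,
         'size' => $image->getSize(),
         'title' => strip_tags(Purifier::clean(Input::get('title'))),
         'isPrivate' => $isPrivate,
     ));

     // move to albums folder
     $destinationPath = public_path() . "/files/" . $userId . "/" . $albumId;
     $image->move($destinationPath, $filename);

     // redirect to uploaded picture
     return Redirect::secure('picture/' . $id);
 }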
 /**
  * Clean page's title and content and insert it into SearchableDataObjects
  *
  * The content is reduced to purified text and stripped of embeds before
  * it is indexed; the title is passed through unchanged.
  *
  * @param Page $p
  */
 public static function insertPage(Page $p)
 {
     $indexable = Purifier::RemoveEmbed(Purifier::PurifyTXT($p->Content));
     self::storeData($p->ID, $p->ClassName, $p->Title, $indexable);
 }
 /**
  * Eloquent mutator: purify content with the 'nofollow' profile on assignment.
  *
  * @param string $value Raw HTML from the caller
  * @return void
  */
 public function setContentAttribute($value)
 {
     $clean = Purifier::clean($value, 'nofollow');
     $this->attributes['content'] = $clean;
 }
 /**
  * Collect and sanitise the posted values for every visible form field.
  *
  * Fields are driven by $this->info['config']['forms']; each entry names a
  * field, its type and options. Textareas go through the Purifier; other
  * types are read via Input::get() after a global XSS clean, with extra
  * handling for file, checkbox, date and multi-select fields.
  *
  * NOTE(review): file fields are moved to the configured upload path with
  * the client-supplied name and no extension/MIME allow-list — a '.php'
  * upload into a web-served directory would be accepted as-is. Add an
  * allow-list (and an isValid() check) before trusting the upload.
  *
  * @param string $table Unused; the field list comes from $this->info
  * @return array Field name => sanitised value, plus 'entry_by' for
  *               non-global access
  */
 function validatePost($table)
 {
     //		$str = SiteHelpers::columnTable($table);
     $str = $this->info['config']['forms'];
     $data = array();
     foreach ($str as $f) {
         $field = $f['field'];
         if ($f['view'] == 1) {
             if ($f['type'] == 'textarea_editor' || $f['type'] == 'textarea') {
                 // Raw $_POST on purpose: the purifier, not globalXssClean(), handles this field.
                 $content = isset($_POST[$field]) ? $_POST[$field] : '';
                 $data[$field] = Purifier::clean($content);
             } else {
                 // Called once per non-textarea field; presumably idempotent.
                 SiteHelpers::globalXssClean();
                 if (!is_null(Input::get($field))) {
                     $data[$field] = Input::get($field);
                 }
                 // if post is file or image
                 if ($f['type'] == 'file') {
                     if (!is_null(Input::file($field))) {
                         $file = Input::file($field);
                         // Dots are stripped from the configured path so it cannot climb with '..'.
                         $destinationPath = './' . str_replace('.', '', $f['option']['path_to_upload']);
                         // NOTE(review): client-chosen name and extension, unrestricted.
                         $filename = $file->getClientOriginalName();
                         $extension = $file->getClientOriginalExtension();
                         //if you need extension of the file
                         $uploadSuccess = Input::file($field)->move($destinationPath, $filename);
                         if ($f['option']['resize_width'] != '0' && $f['option']['resize_width'] != '') {
                             // A zero height means "square": reuse the width.
                             if ($f['option']['resize_height'] == 0) {
                                 $f['option']['resize_height'] = $f['option']['resize_width'];
                             }
                             $orgFile = $destinationPath . '/' . $filename;
                             SiteHelpers::cropImage($f['option']['resize_width'], $f['option']['resize_height'], $orgFile, $extension, $orgFile);
                         }
                         if ($uploadSuccess) {
                             $data[$field] = $filename;
                         }
                     }
                 }
                 // if post is checkbox
                 if ($f['type'] == 'checkbox') {
                     // NOTE(review): implode() assumes an array; a scalar value here is an error on PHP 8.
                     if (!is_null(Input::get($field))) {
                         $data[$field] = implode(",", Input::get($field));
                     }
                 }
                 // if post is date
                 if ($f['type'] == 'date') {
                     // NOTE(review): an unparseable date makes strtotime() return false, which becomes 1970-01-01.
                     $data[$field] = date("Y-m-d", strtotime(Input::get($field)));
                 }
                 // if post is seelct multiple
                 if ($f['type'] == 'select') {
                     if (isset($f['option']['is_multiple']) && $f['option']['is_multiple'] == 1) {
                         $data[$field] = implode(",", Input::get($field));
                     }
                 }
             }
         }
     }
     // Non-global records are stamped with the session user id.
     $global = isset($this->access['is_global']) ? $this->access['is_global'] : 0;
     if ($global == 0) {
         $data['entry_by'] = Session::get('uid');
     }
     return $data;
 }
<?php

/**
 * Created by PhpStorm.
 * User: jdiaz
 * Date: 7/30/15
 * Time: 9:16 AM
 *
 * Demo script: runs a sample password through Purifier::encryptPassword()
 * and prints both the input and the result. Echoing the plaintext is a
 * demo convenience only; never do this with a real credential.
 */
require_once 'classes/Purifier.php';

$purifier = new Purifier();
$plain = '******';
$hashed = $purifier->encryptPassword($plain);

printf("<strong>Input pass:</strong> %s <br />", $plain);
printf("<strong>Salted pass:</strong> %s \n", $hashed);
 /**
  * Gets a HtmlPurifier instance based on a configuration name.
  *
  * Thin pass-through to Purifier::config(); 'default' when no name is given.
  *
  * @param string $config Configuration name
  * @return \HtmlPurifier
  */
 public function getHtmlPurifier($config = 'default')
 {
     $instance = Purifier::config($config);

     return $instance;
 }
/**
 * Purify an HTML string in place through the shared Purifier instance.
 *
 * @param string $content Modified by reference
 * @return void
 */
function purifierHtml(&$content)
{
    Purifier::getInstance()->purify($content);
}
/**
 * Purify user-generated HTML with the 'ugc_body' profile.
 *
 * @param string $value Untrusted HTML
 * @return string Purified HTML
 */
function strip_xss($value)
{
    $profile = 'ugc_body';

    return Purifier::clean($value, $profile);
}
 /**
  * Cleans markup
  *
  * Behavior entry point: delegates to Purifier::clean() with the given
  * configuration name. The model argument is not used.
  *
  * @param Model $Model Model the behavior is attached to (unused)
  * @param string $markup Untrusted HTML
  * @param string $config Purifier configuration name
  * @return string Purified markup
  */
 public function purifyHtml(Model $Model, $markup, $config)
 {
     $clean = Purifier::clean($markup, $config);

     return $clean;
 }
 /**
  * Second step of the task-publishing wizard.
  *
  * On POST the submitted fields are validated and merged into the task kept
  * in session; on GET the form is rebuilt from that session task. Either
  * way the step-2 view is rendered with the categories and the user to hire.
  *
  * NOTE(review): only 'title' is purified on the way in; 'detail' is stored
  * as submitted and must be escaped or purified before display.
  * NOTE(review): the hire id is read from raw $_POST here but via
  * Input::get('hire') below — confirm both are intended.
  *
  * @return \Illuminate\View\View|\Illuminate\Http\RedirectResponse
  */
 public function step_2()
 {
     // Only fully authenticated users (level 2) may continue.
     if (Auth::user()->authenticated != 2) {
         return Redirect::action('TaskController@step_1');
     }

     // The posted hire id wins, then the one remembered in session.
     $hired_user = NULL;
     if (isset($_POST['hire'])) {
         $hired_user = User::where('id', $_POST['hire'])->first();
     } elseif (Session::has('hire')) {
         $hired_user = User::where('id', Session::get('hire'))->first();
     }

     $task = Session::get('task');
     if (Request::method() == "POST") {
         $userInput = [
             'title' => Purifier::clean(Input::get('title'), 'titles'),
             'detail' => Input::get('detail'),
             'hire' => Input::get('hire'),
             'file_name' => Input::get('file_name'),
             'amount' => '',
             'expiration' => '',
             'category_id' => '',
             'type' => 1,
         ];
     } else {
         // Rebuild from session; e() entity-encodes a title that was already
         // purified when it was first submitted.
         $userInput = [
             'title' => e($task['title']),
             'detail' => $task['detail'],
             'amount' => $task['amount'],
             'hire' => $task['hire'],
             'file_name' => $task['file_name'],
             'expiration' => $task['expiration'],
             'category_id' => $task['category_id'],
             'type' => $task['type'],
         ];
     }

     $rules = ['title' => 'required', 'detail' => 'required'];
     $validator = Validator::make($userInput, $rules);
     if ($validator->fails()) {
         return Redirect::to('/task/create')->withErrors($validator);
     }

     // Persist the validated fields back into the session task.
     $keys = ['title', 'detail', 'amount', 'hire', 'file_name', 'expiration', 'category_id', 'type'];
     foreach ($keys as $key) {
         $task[$key] = $userInput[$key];
     }
     Session::set('task', $task);

     $categories = Category::all();
     return View::make('task.publish.step_2')
         ->with('categories', $categories)
         ->with('hired_user', $hired_user)
         ->with('task', $task);
 }
 /**
  * Eloquent mutator: purify the message with the default profile on assignment.
  *
  * @param string $message Raw HTML from the caller
  * @return void
  */
 public function setMessageAttribute($message)
 {
     $clean = Purifier::clean($message);
     $this->attributes['message'] = $clean;
 }
 /**
  * Cleans Markup using a given config
  *
  * The configuration must have been registered on the singleton first;
  * an unknown (or missing) name is rejected rather than silently purified
  * with some other profile.
  *
  * @param string $markup Untrusted HTML
  * @param string $configName Registered configuration name
  * @return string Purified markup
  * @throws \InvalidArgumentException When $configName is not registered
  */
 public static function clean($markup, $configName = null)
 {
     $purifier = Purifier::getInstance();
     if (!isset($purifier->_configs[$configName])) {
         throw new \InvalidArgumentException(sprintf('Invalid configuration %s!', $configName));
     }

     $instance = $purifier->getPurifierInstance($configName);

     return $instance->purify($markup);
 }
/**
 * Purify an HTML string in place with XE's security Purifier.
 *
 * @param string $content Modified by reference
 * @return void
 */
function purifierHtml(&$content)
{
    // Lazy-load the class from the XE install path on first use.
    require_once _XE_PATH_ . 'classes/security/Purifier.class.php';
    Purifier::getInstance()->purify($content);
}
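 /**
  * Search page, using google's.
  *
  * Hands the query off to Google with a site: restriction. The user part
  * of the query is URL-encoded before it is appended: the raw concatenation
  * let characters such as '#', '&' or '+' truncate or alter the query
  * string that reaches Google.
  */
 public function search()
 {
     $query = Purifier::clean(Input::get('q'));
     $target = 'https://www.google.com/search?q=site:phphub++.com ' . rawurlencode($query);
     // NOTE(review): 301 is cached per URL by browsers; 302 is the usual
     // choice for a dynamic search hand-off.
     return Redirect::away($target, 301);
 }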
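 /**
  * Handle the registration form.
  *
  * The new user is logged in by the id returned from the insert. The
  * previous version re-queried by e-mail after an insert(); with no
  * uniqueness rule on e-mail that could return a different, pre-existing
  * account and log the registrant into it.
  *
  * NOTE(review): the rules carry no 'unique:...' constraint on username or
  * email and only min:6 on the password — worth tightening if the users
  * table allows it.
  *
  * @return \Illuminate\Http\RedirectResponse
  */
 public function postRegister()
 {
     // register form post request
     $rules = array('firstName' => 'required|min:2|max:30', 'lastName' => 'required|min:2|max:30', 'username' => 'required|min:4|max:16', 'email' => 'required|email', 'sex' => 'required', 'password' => 'required|min:6');
     $validation = Validator::make(Input::all(), $rules);
     if ($validation->passes()) {
         // add to db
         $data = array(
             'first_name' => strip_tags(Purifier::clean(Input::get('firstName'))),
             'last_name' => strip_tags(Purifier::clean(Input::get('lastName'))),
             'username' => strip_tags(Purifier::clean(Input::get('username'))),
             'password' => Hash::make(Input::get('password')),
             'email' => strip_tags(Input::get('email')),
             'sex' => strip_tags(Purifier::clean(Input::get('sex'))),
         );
         $userId = User::insertGetId($data);
         if ($userId) {
             // Log in exactly the row just created, not whichever row matches the e-mail.
             Auth::login(User::find($userId), true);
             return Redirect::secure('/');
         }
     }
     return Redirect::secure('/user/register');
 }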
/**
 * Configures default file logging options
 */
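App::uses('CakeLog', 'Log');
CakeLog::config('debug', array('engine' => 'FileLog', 'types' => array('notice', 'info', 'debug'), 'file' => 'debug'));
CakeLog::config('error', array('engine' => 'FileLog', 'types' => array('warning', 'error', 'critical', 'alert', 'emergency'), 'file' => 'error'));
CakePlugin::load('HtmlPurifier', array('bootstrap' => true));

// 'UserPageInfo': general user-page markup (see UserPage::beforeSave).
$config = HTMLPurifier_Config::createDefault();
$config->set('HTML.AllowedElements', 'a, br, em, blockquote, p, strong, pre, code, span, ul, ol, li, img, sup, sub, h1, h2, h3, h4, h5, h6, u, i, div');
$config->set('HTML.AllowedAttributes', 'a.target, a.href, a.title, img.src, img.alt, span.style, div.style');
// NOTE(review): '_blank' targets should carry rel="noopener"; recent
// HTMLPurifier releases add it by default (HTML.TargetNoopener) — confirm
// the bundled version does.
$config->set('Attr.AllowedFrameTargets', array('_blank', '_self', '_parent', '_top'));
// CSS.Trusted was previously true. That flag tells HTMLPurifier the style
// input comes from a trusted author and relaxes its CSS safety checks; this
// profile cleans untrusted user input, so the default (false) is kept.
$config->set('CSS.Trusted', false);
$config->set('HTML.TidyLevel', 'heavy');
$config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
Purifier::config('UserPageInfo', $config);

// 'UserPageCalendar': a single Google-hosted iframe and nothing else.
$config = HTMLPurifier_Config::createDefault();
$config->set('HTML.SafeIframe', true);
$config->set('HTML.AllowedElements', 'iframe');
$config->set('HTML.AllowedAttributes', 'iframe.src, iframe.style, iframe.width, iframe.height, iframe.frameborder, iframe.scrolling');
// Host is anchored and the dots are escaped: the old pattern
// '%^(https?:)?//www.google.com%' also matched e.g.
// '//www.google.com.attacker.example/' or '//wwwXgoogleYcom/'.
$config->set('URI.SafeIframeRegexp', '%^(https?:)?//www\.google\.com/%');
$config->set('CSS.AllowedProperties', 'text-decoration');
$config->set('HTML.TidyLevel', 'heavy');
$config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
Purifier::config('UserPageCalendar', $config);

// Load Composer autoload.
require APP . 'Vendor/autoload.php';
// Remove and re-prepend CakePHP's autoloader as Composer thinks it is the
// most important.
// See: http://goo.gl/kKVJO7
spl_autoload_unregister(array('App', 'load'));
spl_autoload_register(array('App', 'load'), true, true);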