/** * Filters HTML form data for INPUT to DB * * @param string $html * @param bool $smiley allow smileys? * @param bool $icode allow icmscode? * @param bool $image allow inline images? * @return string **/ public static function filterHTMLinput($html, $smiley = 1, $icode = 1, $image = 1) { icms::$preload->triggerEvent('beforeFilterHTMLinput', array(&$html, $smiley, $icode, $image)); $html = self::codePreConv($html, $icode); $html = self::makeClickable($html); if ($smiley != 0) { $html = self::smiley($html); } if ($icode != 0) { if ($image != 0) { $html = self::codeDecode($html); } else { $html = self::codeDecode($html, 0); } } $html = self::codeConv($html, $icode, $image); $html = icms_core_HTMLFilter::filterHTML($html); icms::$preload->triggerEvent('afterFilterHTMLinput', array(&$html, $smiley, $icode, $image)); return $html; }
/** * Filters HTML form data for Display Only * we don't really require the icmscode stuff, but we need to for content already in the DB before * we start filtering on INPUT instead of OUTPUT!! * * @param string $html * @param bool $icode allow icmscode? * @return string **/ public static function filterHTMLdisplay($html, $icode = 1, $br = 0) { icms::$preload->triggerEvent('beforeFilterHTMLdisplay', array(&$html, 1, $br)); $ifiltered = strpos($html, '<!-- input filtered -->'); if ($ifiltered === FALSE) { $html = self::codePreConv($html, 1); $html = self::smiley($html); $html = self::codeDecode($html); $html = self::codeConv($html, 1, 1); $html = icms_core_HTMLFilter::filterHTML($html); $html .= '<!-- warning! output filtered only -->'; $purified = strpos($html, '<!-- filtered with htmlpurifier -->'); if ($purified === FALSE || ($br = 1)) { $html = self::nl2Br($html); } } $html = self::makeClickable($html); $html = self::censorString($html); // $html = str_replace('<!-- input filtered -->', '', $html); // $html = str_replace('<!-- filtered with htmlpurifier -->', '', $html); icms::$preload->triggerEvent('afterFilterHTMLdisplay', array(&$html, 1, $br)); return $html; }