public function actionIndex()
{
$request = Yii::$app->request;
try {
$query = $request->get('search-string', '');
$query = HtmlPurifier::process($query);
Yii::$app->view->title = 'Kết quả tìm kiếm cho ' . $query;
Yii::$app->view->registerMetaTag(['name' => 'description', 'content' => 'Bluebee-UET.com - Kết quả tìm kiếm cho ' . $query]);
Yii::$app->view->registerMetaTag(['property' => 'og:title', 'content' => 'Bluebee-UET.com - Kết quả tìm kiếm cho ' . $query]);
Yii::$app->view->registerMetaTag(['property' => 'og:description', 'content' => 'Bluebee-UET.com - Kết quả tìm kiếm cho ' . $query]);
Yii::$app->view->registerMetaTag(['property' => 'og:image', 'content' => 'http://bluebee-uet.com/img/logo.jpg']);
$attr = $request->get('attr', '');
switch ($attr) {
case 'teacher':
$data = Teachers::searchTeachers(strtolower($query));
break;
case 'document':
$data = Documents::searchDocuments(strtolower($query));
break;
case 'subject':
$data = Subjects::searchSubjects(strtolower($query));
break;
default:
$this->redirect('http://bluebee-uet.com');
break;
}
$data['attr'] = $attr;
$data['query'] = $query;
return $this->render('index', $data);
} catch (Exception $ex) {
}
}
/**
* returns page slug if set
* @return string
*/
public function pageSlug()
{
if (isset($_GET['slug'])) {
return HtmlPurifier::process($_GET['slug']);
}
return false;
}
public function run($id, $title)
{
$id = (int) $id;
$cacheKey = __NAMESPACE__ . __CLASS__ . 'adver.view' . $id;
$cache = Yii::$app->getCache();
if (!($model = $cache->get($cacheKey))) {
$model = Adver::find()->with(['attachment' => function ($query) {
$query->select(['id', 'adver_id', 'name', 'title']);
}, 'gallery' => function ($query) {
$query->select(['id', 'adver_id', 'name', 'title']);
}, 'category' => function ($query) {
$query->select(['id', 'name']);
}, 'country' => function ($query) {
$query->select(['id', 'name']);
}, 'province' => function ($query) {
$query->select(['id', 'name']);
}, 'city' => function ($query) {
$query->select(['id', 'name']);
}])->where(['id' => $id, 'status' => Adver::STATUS_ACTIVE, 'lang' => ['*', Yii::$app->language]])->asArray()->one();
if (!$model) {
throw new \yii\web\NotFoundHttpException(Yii::t('app', 'The requested page does not exist.'));
}
$model['description'] = HtmlPurifier::process($model['description']);
$cache->set($cacheKey, $model, 2592000, new \yii\caching\DbDependency(['sql' => "SELECT [[updated_at]] FROM {{%adver}} WHERE [[id]] = :id AND [[status]] = :status", 'params' => [':id' => $id, ':status' => Adver::STATUS_ACTIVE]]));
}
return $this->controller->render('view', ['model' => $model]);
}
private function processthemessage($message)
{
$Dbfactory = DbFactory::getinstance();
$message = $Dbfactory->dbSqlProtected($message);
$message = \yii\helpers\HtmlPurifier::process($message);
return $message;
}
/**
* Download the exported file
*
* @return mixed
*/
public function actionDownload()
{
$request = Yii::$app->request;
$type = $request->post('export_filetype', 'html');
$name = $request->post('export_filename', Yii::t('kvgrid', 'export'));
$content = $request->post('export_content', Yii::t('kvgrid', 'No data found'));
$mime = $request->post('export_mime', 'text/plain');
$encoding = $request->post('export_encoding', 'utf-8');
$bom = $request->post('export_bom', true);
$config = $request->post('export_config', '{}');
if ($type == GridView::PDF) {
$config = Json::decode($config);
$this->generatePDF($content, "{$name}.pdf", $config);
/** @noinspection PhpInconsistentReturnPointsInspection */
return;
} elseif ($type == GridView::HTML) {
$content = HtmlPurifier::process($content);
} elseif ($type == GridView::CSV || $type == GridView::TEXT) {
if ($encoding != 'utf-8') {
$content = mb_convert_encoding($content, $encoding, 'utf-8');
} elseif ($bom) {
$content = chr(239) . chr(187) . chr(191) . $content;
// add BOM
}
}
$this->setHttpHeaders($type, $name, $mime, $encoding);
return $content;
}
public function beforeSave($insert)
{
if (parent::beforeSave($insert)) {
$this->value = HtmlPurifier::process($this->value);
return true;
}
return false;
}
public function run()
{
$item = Items::find()->where(['id' => $this->id])->one();
return '<div class="articleWidget articleWidget-' . $this->id . ' ' . $this->classes . '">
<h3><a href="' . $item->getItemUrl() . '" title="' . Html::encode($item->title) . '">' . Html::encode($item->title) . '</a></h3>
<div class="widgetText">' . HtmlPurifier::process($item->introtext) . '</div>
</div>';
}
/**
* @inheritdoc
*/
public function rules()
{
return [[['receiver_id', 'topic', 'content'], 'required'], ['receiver_id', 'validateReceiver'], ['topic', 'string', 'max' => 255], ['topic', 'filter', 'filter' => function ($value) {
return HtmlPurifier::process($value);
}], ['content', 'filter', 'filter' => function ($value) {
return HtmlPurifier::process($value, Helper::podiumPurifierConfig('full'));
}]];
}
/**
* @inheritdoc
*/
public function rules()
{
return [[['location', 'signature'], 'trim'], ['location', 'filter', 'filter' => function ($value) {
return HtmlPurifier::process(Html::encode($value));
}], ['gravatar', 'boolean'], ['image', 'image', 'mimeTypes' => 'image/png, image/jpeg, image/gif', 'maxWidth' => self::MAX_WIDTH, 'maxHeight' => self::MAX_HEIGHT, 'maxSize' => self::MAX_SIZE], ['signature', 'filter', 'filter' => function ($value) {
return HtmlPurifier::process($value, Helper::podiumPurifierConfig('minimal'));
}], ['signature', 'string', 'max' => 512]];
}
/**
* @inheritdoc
*/
public function rules()
{
return [[['content'], 'filter', 'filter' => function ($value) {
return \yii\helpers\HtmlPurifier::process($value, ['HTML.Allowed' => self::$ALLOWED_TAGS]);
}], [['title'], 'filter', 'filter' => function ($value) {
return \yii\helpers\HtmlPurifier::process($value, ['HTML.Allowed' => '']);
}], [['categorys'], 'inCategories'], [['title', 'content'], 'required'], [['content'], 'string', 'max' => 1000], [['created_at', 'updated_at', 'user_id'], 'integer'], [['title'], 'string', 'max' => 255]];
}
/**
* @inheritdoc
*/
public function rules()
{
Validator::$builtInValidators['uri'] = 'cyneek\\yii2\\widget\\urlparser\\validators\\UriValidator';
return [[['title', 'url', 'text'], 'required'], [['id', 'author_id', 'last_editor_id'], 'integer'], [['creation_date', 'update_date'], 'string'], [['text'], 'string', 'encoding' => 'utf8'], [['title'], 'string', 'length' => [5, 255]], [['url'], 'uri'], [['text'], function ($attribute) {
// Maybe adding
$this->{$attribute} = \yii\helpers\HtmlPurifier::process($this->{$attribute});
}], [['id', 'title', 'url', 'text'], 'safe']];
}
/**
* @inheritdoc
*/
public function rules()
{
return [['topic', 'required', 'message' => Yii::t('podium/view', 'Topic can not be blank.'), 'on' => ['firstPost']], ['topic', 'filter', 'filter' => function ($value) {
return HtmlPurifier::process(Html::encode($value));
}, 'on' => ['firstPost']], ['subscribe', 'boolean'], ['content', 'required'], ['content', 'filter', 'filter' => function ($value) {
return HtmlPurifier::process($value, Helper::podiumPurifierConfig('full'));
}], ['content', 'string', 'min' => 10]];
}
/**
* @inheritdoc
*/
public function behaviors()
{
return [TimestampBehavior::className(), ['class' => AttributeBehavior::className(), 'attributes' => [ActiveRecord::EVENT_BEFORE_INSERT => 'alias'], 'value' => function ($event) {
return Inflector::slug($event->sender->title);
}], ['class' => AttributeBehavior::className(), 'attributes' => [ActiveRecord::EVENT_AFTER_FIND => 'body'], 'value' => function ($event) {
return HtmlPurifier::process(Markdown::process($event->sender->content, 'gfm'));
}]];
}
public function toArray($queryResult)
{
$regions = [];
foreach ($queryResult as $region) {
$regions[] = ['id' => HtmlPurifier::process(stripslashes($region->idRegion)), 'name' => HtmlPurifier::process(stripslashes($region->vch_name)), 'day_way' => HtmlPurifier::process(stripslashes($region->num_day_way))];
}
return $regions;
}
public function toArray($queryResult)
{
$couriers = [];
foreach ($queryResult as $courier) {
$couriers[] = ['id' => HtmlPurifier::process(stripslashes($courier->idCourier)), 'firstName' => HtmlPurifier::process(stripslashes($courier->vch_first_name)), 'lastName' => HtmlPurifier::process(stripslashes($courier->vch_last_name)), 'middleName' => HtmlPurifier::process(stripslashes($courier->vch_middle_name))];
}
return $couriers;
}
/**
* @inheritdoc
*/
public function rules()
{
return [[['content', 'topic'], 'required'], [['content', 'topic'], 'string', 'min' => 1], ['topic', 'filter', 'filter' => function ($value) {
return HtmlPurifier::process($value);
}], ['content', 'filter', 'filter' => function ($value) {
return HtmlPurifier::process($value, Helper::podiumPurifierConfig('full'));
}]];
}
/**
* @inheritdoc
*/
public function rules()
{
return [[['topic', 'content'], 'required'], [['receiversId', 'friendsId'], 'each', 'rule' => ['integer', 'min' => 1]], ['sender_status', 'in', 'range' => self::getStatuses()], ['topic', 'string', 'max' => 255], ['topic', 'filter', 'filter' => function ($value) {
return HtmlPurifier::process($value);
}], ['content', 'filter', 'filter' => function ($value) {
return HtmlPurifier::process($value, Helper::podiumPurifierConfig('minimal'));
}]];
}
/**
* @inheritdoc
*/
public function rules()
{
return [[['description'], 'filter', 'filter' => function ($value) {
return \yii\helpers\HtmlPurifier::process($value, ['HTML.Allowed' => self::$ALLOWED_TAGS]);
}], [['name'], 'filter', 'filter' => function ($value) {
return \yii\helpers\HtmlPurifier::process($value, ['HTML.Allowed' => '']);
}], [['status', 'user_id'], 'integer'], ['status', 'in', 'range' => [self::STATUS_ON, self::STATUS_OFF]], [['name', 'description'], 'required'], [['name', 'description'], 'string', 'max' => 255]];
}
/**
* Convert markdown text to HTML for preview
*
* @returns JSON encoded HTML output
*/
public function actionPreview()
{
$output = '';
$module = Config::getModule(Module::MODULE);
if (isset($_POST['source'])) {
$output = strlen($_POST['source']) > 0 ? Markdown::convert($_POST['source'], ['custom' => $module->customConversion]) : $_POST['nullMsg'];
}
echo Json::encode(HtmlPurifier::process($output));
}
/**
* Convert markdown text to HTML for preview
*
* @returns JSON encoded HTML output
*/
public function actionPreview()
{
$output = '';
$module = Yii::$app->controller->module;
if (isset($_POST['source'])) {
$output = strlen($_POST['source']) > 0 ? Markdown::convert($_POST['source'], ['custom' => $module->customConversion]) : $_POST['nullMsg'];
}
echo Json::encode(HtmlPurifier::process($output));
}
/**
* @inheritdoc
*/
public function rules()
{
return [[['title', 'content', 'category_id'], 'required'], [['content', 'cover_img', 'publish_at', 'author', 'tag'], 'string'], [['status', 'view_count', 'share', 'created_at', 'updated_at'], 'integer'], [['title'], 'string', 'max' => 100], [['category_id'], 'string', 'max' => 10], [['author'], 'string', 'max' => 30], ['author', 'filter', 'filter' => function ($value) {
return $value ?: Yii::$app->user->identity->username;
}], [['content'], 'filter', 'filter' => function ($value) {
return HtmlPurifier::process($value);
}], ['publish_at', 'filter', 'filter' => function ($value) {
return $value ?: date('Y-m-d', time());
}], ['tag', 'match', 'pattern' => Yii::$app->params['regex.tag'], 'message' => '标签不合法']];
}
/**
* @inheritdoc
*/
public function rules()
{
return [[['content'], 'required', 'when' => function ($model) {
return empty($this->img);
}], [['img'], 'required', 'when' => function ($model) {
return empty($this->content);
}], [['content'], 'filter', 'filter' => function ($value) {
return \yii\helpers\HtmlPurifier::process($value, ['HTML.Allowed' => '']);
}], [['content'], 'string', 'max' => 300], [['image_id', 'created_at', 'user_id'], 'integer'], [['img'], 'file', 'extensions' => ['png', 'jpg', 'gif', 'jpeg'], 'maxSize' => 1024 * 1]];
}
public function beforeValidate()
{
if (parent::beforeValidate()) {
if (isset($_POST['Job']['title'])) {
$this->description = HtmlPurifier::process($this->description, ['Attr.EnableID' => true, 'Filter.YouTube' => true, 'HTML.TargetBlank' => true]);
}
return true;
}
return false;
}
public function run()
{
if (Yii::$app->user->isGuest && empty($this->_comment->username)) {
$this->_comment->username = HtmlPurifier::process(Yii::$app->getRequest()->getCookies()->getValue('username'));
}
if (Yii::$app->user->isGuest && empty($this->_comment->email)) {
$this->_comment->email = HtmlPurifier::process(Yii::$app->getRequest()->getCookies()->getValue('email'));
}
return $this->render('form', ['comment' => $this->_comment]);
}
/**
* 安全过滤输入参数
* @param string|array $params
* @return string|array
*/
public static function filter($params)
{
$filter = function ($value) {
return addslashes(strip_tags(\yii\helpers\HtmlPurifier::process($value)));
};
if (is_array($params)) {
return array_map($filter, $params);
} else {
return $filter($params);
}
}
public static function getPage($url)
{
sleep(self::$timeout);
self::$timeout = 2;
$curl = curl_init();
curl_setopt_array($curl, array(CURLOPT_RETURNTRANSFER => 1, CURLOPT_URL => $url, CURLOPT_USERAGENT => 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.13) Gecko/20080311 Firefox/2.0.0.13'));
$htmlpurifier_config = \HTMLPurifier_Config::createDefault();
$htmlpurifier_config->set('Attr.EnableID', true);
// $htmlpurifier_config->set('Attr.EnableID', true);
$purifier = new HtmlPurifier($htmlpurifier_config);
return $purifier->process(curl_exec($curl));
}
public function actionView($file)
{
$file = str_replace(['..', '/', '\\'], '', $file);
$file_path = \Yii::getAlias('@webroot') . "/uploads/{$file}";
if (file_exists($file_path) && $this->isXML($file_path) && false !== ($model = file_get_contents($file_path)) && false !== ($body = $this->getXMLBody($model))) {
$purified_body = \yii\helpers\HtmlPurifier::process($body);
$purified_body = Enricher::process($purified_body);
$title = $this->getXMLTitle($model);
$purified_title = \yii\helpers\HtmlPurifier::process($title);
return $this->render('view', ['content' => $purified_body, 'title' => $title]);
}
return $this->redirect(['site/index']);
}
public function actionMarkdownPreview()
{
$module = Yii::$app->getModule('markdown');
/*if (\Yii::$app->user->can('smarty')) {
$module->smarty = true;
$module->smartyYiiApp = \Yii::$app->user->can('smartyYiiApp') ? true : false;
$module->smartyYiiParams = Yii::$app->user->can('smartyYiiParams') ? true : false;
}*/
if (isset($_POST['source'])) {
$output = strlen($_POST['source']) > 0 ? Markdown::convert($_POST['source'], ['custom' => $module->customConversion]) : $_POST['nullMsg'];
}
echo Json::encode(HtmlPurifier::process($output));
}
/**
* @inheritdoc
*/
public function rules()
{
return [[['desc'], function ($attribute) {
//,'created_at','complete_at'
$this->{$attribute} = \yii\helpers\HtmlPurifier::process($this->{$attribute});
}], [['created_at', 'complete_at'], function ($attribute) {
//var_dump($attribute);die();
if (!\DateTime::createFromFormat('Y-m-d', $this->{$attribute})) {
$this->{$attribute} = time();
} else {
$this->{$attribute} = strtotime($this->{$attribute});
}
}], [['created_at', 'user_id', 'status', 'complete_at'], 'integer'], [['words', 'file_result', 'desc'], 'safe']];
}
public function actionRss()
{
/** @var News[] $news */
$news = News::find()->where(['status' => News::STATUS_PUBLIC])->orderBy('id DESC')->limit(50)->all();
$feed = new Feed();
$feed->title = 'YiiFeed';
$feed->link = Url::to('');
$feed->selfLink = Url::to(['news/rss'], true);
$feed->description = 'Yii news';
$feed->language = 'en';
$feed->setWebMaster('*****@*****.**', 'Alexander Makarov');
$feed->setManagingEditor('*****@*****.**', 'Alexander Makarov');
foreach ($news as $post) {
$item = new Item();
$item->title = $post->title;
$item->link = Url::to(['news/view', 'id' => $post->id], true);
$item->guid = Url::to(['news/view', 'id' => $post->id], true);
$item->description = HtmlPurifier::process(Markdown::process($post->text));
if (!empty($post->link)) {
$item->description .= Html::a(Html::encode($post->link), $post->link);
}
$item->pubDate = $post->created_at;
$item->setAuthor('*****@*****.**', 'YiiFeed');
$feed->addItem($item);
}
$feed->render();
}