PHP htmlspecialchars Examples

PHP htmlspecialchars - 30 examples found. These are the top rated real world PHP examples of htmlspecialchars extracted from open source projects. You can rate examples to help us improve the quality of examples.
Example #1
1
File: lib.php Project: winiceo/job
function dump($var, $echo = true, $label = null, $strict = true)
{
    $label = $label === null ? '' : rtrim($label) . ' ';
    if (!$strict) {
        if (ini_get('html_errors')) {
            $output = print_r($var, true);
            $output = "<pre>" . $label . htmlspecialchars($output, ENT_QUOTES) . "</pre>";
        } else {
            $output = $label . " : " . print_r($var, true);
        }
    } else {
        ob_start();
        var_dump($var);
        $output = ob_get_clean();
        if (!extension_loaded('xdebug')) {
            $output = preg_replace("/\\]\\=\\>\n(\\s+)/m", "] => ", $output);
            $output = '<pre>' . $label . htmlspecialchars($output, ENT_QUOTES, "GB2312") . '</pre>';
        }
    }
    if ($echo) {
        echo $output;
        return null;
    } else {
        return $output;
    }
}
 public function submitInfo()
 {
     $this->load->model("settings_model");
     // Gather the values
     $values = array('nickname' => htmlspecialchars($this->input->post("nickname")), 'location' => htmlspecialchars($this->input->post("location")));
     // Change language
     if ($this->config->item('show_language_chooser')) {
         $values['language'] = $this->input->post("language");
         if (!is_dir("application/language/" . $values['language'])) {
             die("3");
         } else {
             $this->user->setLanguage($values['language']);
             $this->plugins->onSetLanguage($this->user->getId(), $values['language']);
         }
     }
     // Remove the nickname field if it wasn't changed
     if ($values['nickname'] == $this->user->getNickname()) {
         $values = array('location' => $this->input->post("location"));
     } elseif (strlen($values['nickname']) < 4 || strlen($values['nickname']) > 14 || !preg_match("/[A-Za-z0-9]*/", $values['nickname'])) {
         die(lang("nickname_error", "ucp"));
     } elseif ($this->internal_user_model->nicknameExists($values['nickname'])) {
         die("2");
     }
     if (strlen($values['location']) > 32 && !ctype_alpha($values['location'])) {
         die(lang("location_error", "ucp"));
     }
     $this->settings_model->saveSettings($values);
     $this->plugins->onSaveSettings($this->user->getId(), $values);
     die("1");
 }
Example #3
1
/**
 * Sanitizes $message, taking into account our special codes
 * for formatting.
 *
 * If you want to include result in element attribute, you should escape it.
 *
 * Examples:
 *
 * <p><?php echo PMA_sanitize($foo); ?></p>
 *
 * <a title="<?php echo PMA_sanitize($foo, true); ?>">bar</a>
 *
 * @uses    preg_replace()
 * @uses    strtr()
 * @param   string   the message
 * @param   boolean  whether to escape html in result
 *
 * @return  string   the sanitized message
 *
 * @access  public
 */
function PMA_sanitize($message, $escape = false, $safe = false)
{
    if (!$safe) {
        $message = strtr($message, array('<' => '&lt;', '>' => '&gt;'));
    }
    $replace_pairs = array('[i]' => '<em>', '[/i]' => '</em>', '[em]' => '<em>', '[/em]' => '</em>', '[b]' => '<strong>', '[/b]' => '</strong>', '[strong]' => '<strong>', '[/strong]' => '</strong>', '[tt]' => '<code>', '[/tt]' => '</code>', '[code]' => '<code>', '[/code]' => '</code>', '[kbd]' => '<kbd>', '[/kbd]' => '</kbd>', '[br]' => '<br />', '[/a]' => '</a>', '[sup]' => '<sup>', '[/sup]' => '</sup>');
    $message = strtr($message, $replace_pairs);
    $pattern = '/\\[a@([^"@]*)@([^]"]*)\\]/';
    if (preg_match_all($pattern, $message, $founds, PREG_SET_ORDER)) {
        $valid_links = array('http', './Do', './ur');
        foreach ($founds as $found) {
            // only http... and ./Do... allowed
            if (!in_array(substr($found[1], 0, 4), $valid_links)) {
                return $message;
            }
            // a-z and _ allowed in target
            if (!empty($found[2]) && preg_match('/[^a-z_]+/i', $found[2])) {
                return $message;
            }
        }
        if (substr($found[1], 0, 4) == 'http') {
            $message = preg_replace($pattern, '<a href="' . PMA_linkURL($found[1]) . '" target="\\2">', $message);
        } else {
            $message = preg_replace($pattern, '<a href="\\1" target="\\2">', $message);
        }
    }
    if ($escape) {
        $message = htmlspecialchars($message);
    }
    return $message;
}
Example #4
1
/**
 * Dropdown(select with options) shortcode attribute type generator.
 *
 * @param $settings
 * @param $value
 *
 * @since 4.4
 * @return string - html string.
 */
function vc_dropdown_form_field($settings, $value)
{
    $output = '';
    $css_option = str_replace('#', 'hash-', vc_get_dropdown_option($settings, $value));
    $output .= '<select name="' . $settings['param_name'] . '" class="wpb_vc_param_value wpb-input wpb-select ' . $settings['param_name'] . ' ' . $settings['type'] . ' ' . $css_option . '" data-option="' . $css_option . '">';
    if (is_array($value)) {
        $value = isset($value['value']) ? $value['value'] : array_shift($value);
    }
    if (!empty($settings['value'])) {
        foreach ($settings['value'] as $index => $data) {
            if (is_numeric($index) && (is_string($data) || is_numeric($data))) {
                $option_label = $data;
                $option_value = $data;
            } elseif (is_numeric($index) && is_array($data)) {
                $option_label = isset($data['label']) ? $data['label'] : array_pop($data);
                $option_value = isset($data['value']) ? $data['value'] : array_pop($data);
            } else {
                $option_value = $data;
                $option_label = $index;
            }
            $selected = '';
            $option_value_string = (string) $option_value;
            $value_string = (string) $value;
            if ('' !== $value && $option_value_string === $value_string) {
                $selected = ' selected="selected"';
            }
            $option_class = str_replace('#', 'hash-', $option_value);
            $output .= '<option class="' . esc_attr($option_class) . '" value="' . esc_attr($option_value) . '"' . $selected . '>' . htmlspecialchars($option_label) . '</option>';
        }
    }
    $output .= '</select>';
    return $output;
}
 function onParseContentBlock($page, $name, $text, $shortcut)
 {
     $output = NULL;
     if ($name == "fotorama" && $shortcut) {
         list($pattern, $style, $nav, $autoplay) = $this->yellow->toolbox->getTextArgs($text);
         if (empty($style)) {
             $style = $this->yellow->config->get("fotoramaStyle");
         }
         if (empty($nav)) {
             $nav = $this->yellow->config->get("fotoramaNav");
         }
         if (empty($autoplay)) {
             $autoplay = $this->yellow->config->get("fotoramaAutoplay");
         }
         if (empty($pattern)) {
             $files = $page->getFiles(true);
         } else {
             $images = $this->yellow->config->get("imageDir");
             $files = $this->yellow->files->index(true, true)->match("#{$images}{$pattern}#");
         }
         if (count($files)) {
             $page->setLastModified($files->getModified());
             $output = "<div class=\"" . htmlspecialchars($style) . "\" data-nav=\"" . htmlspecialchars($nav) . "\" data-autoplay=\"" . htmlspecialchars($autoplay) . "\" data-loop=\"true\">\n";
             foreach ($files as $file) {
                 list($width, $height) = $this->yellow->toolbox->detectImageInfo($file->fileName);
                 $output .= "<img src=\"" . htmlspecialchars($file->getLocation()) . "\" width=\"" . htmlspecialchars($width) . "\" height=\"" . htmlspecialchars($height) . "\" alt=\"" . basename($file->getLocation()) . "\" title=\"" . basename($file->getLocation()) . "\" />\n";
             }
             $output .= "</div>";
         } else {
             $page->error(500, "Fotorama '{$pattern}' does not exist!");
         }
     }
     return $output;
 }
 /**
  * Does the actual work of each specific transformations plugin.
  *
  * @param string $buffer  text to be transformed
  * @param array  $options transformation options
  * @param string $meta    meta information
  *
  * @return string
  */
 public function applyTransformation($buffer, $options = array(), $meta = '')
 {
     $options = $this->getOptions($options, array('', ''));
     //just prepend and/or append the options to the original text
     $newtext = htmlspecialchars($options[0]) . $buffer . htmlspecialchars($options[1]);
     return $newtext;
 }
Example #7
0
function eh($string)
{
    if (!isset($string)) {
        return;
    }
    echo htmlspecialchars($string, ENT_QUOTES);
}
Example #8
0
 public function process($value, array $params = array())
 {
     $value = explode("||", $value);
     $default = explode("||", $this->tv->get('default_text'));
     $options = $this->getInputOptions();
     $items = array();
     $defaults = array();
     $i = 0;
     foreach ($options as $option) {
         $opt = explode("==", $option);
         $checked = false;
         if (!isset($opt[1])) {
             $opt[1] = $opt[0];
         }
         /* set checked status */
         if (in_array($opt[1], $value)) {
             $checked = true;
         }
         /* add checkbox id to defaults if is a default value */
         if (in_array($opt[1], $default)) {
             $defaults[] = 'tv' . $this->tv->get('id') . '-' . $i;
         }
         /* do escaping of strings, encapsulate in " so extjs/other systems can
          * utilize values correctly in their cast
          */
         if (preg_match('/^([-]?(0|0{1}[1-9]+[0-9]*|[1-9]+[0-9]*[\\.]?[0-9]*))$/', $opt[1]) == 0) {
             $opt[1] = '"' . str_replace('"', '\\"', $opt[1]) . '"';
         }
         $items[] = array('text' => htmlspecialchars($opt[0], ENT_COMPAT, 'UTF-8'), 'value' => $opt[1], 'checked' => $checked);
         $i++;
     }
     $this->setPlaceholder('cbdefaults', implode(',', $defaults));
     $this->setPlaceholder('opts', $items);
 }
Example #9
0
 public function e($var)
 {
     if (!is_string($var)) {
         throw new Exception('$var must be a string.');
     }
     return htmlspecialchars($var, ENT_QUOTES);
 }
Example #10
0
 function Explain($sql, $partial = false)
 {
     $save = $this->conn->LogSQL(false);
     if ($partial) {
         $sqlq = $this->conn->qstr($sql . '%');
         $arr = $this->conn->GetArray("select distinct distinct sql1 from adodb_logsql where sql1 like {$sqlq}");
         if ($arr) {
             foreach ($arr as $row) {
                 $sql = reset($row);
                 if (crc32($sql) == $partial) {
                     break;
                 }
             }
         }
     }
     $sql = str_replace('?', "''", $sql);
     $s = '<p><b>Explain</b>: ' . htmlspecialchars($sql) . '</p>';
     $rs = $this->conn->Execute('EXPLAIN ' . $sql);
     $this->conn->LogSQL($save);
     $s .= '<pre>';
     if ($rs) {
         while (!$rs->EOF) {
             $s .= reset($rs->fields) . "\n";
             $rs->MoveNext();
         }
     }
     $s .= '</pre>';
     $s .= $this->Tracer($sql, $partial);
     return $s;
 }
/**
 * Get page components to view a blog post.
 *
 * @param int $guid GUID of a blog entity.
 * @return array
 */
function blog_get_page_content_read($guid = NULL)
{
    $return = array();
    $blog = get_entity($guid);
    // no header or tabs for viewing an individual blog
    $return['filter'] = '';
    if (!elgg_instanceof($blog, 'object', 'blog')) {
        $return['content'] = elgg_echo('blog:error:post_not_found');
        return $return;
    }
    $return['title'] = htmlspecialchars($blog->title);
    $container = $blog->getContainerEntity();
    $crumbs_title = $container->name;
    if (elgg_instanceof($container, 'group')) {
        elgg_push_breadcrumb($crumbs_title, "blog/group/{$container->guid}/all");
    } else {
        elgg_push_breadcrumb($crumbs_title, "blog/owner/{$container->username}");
    }
    elgg_push_breadcrumb($blog->title);
    $return['content'] = elgg_view_entity($blog, array('full_view' => true));
    //check to see if comment are on
    if ($blog->comments_on != 'Off') {
        $return['content'] .= elgg_view_comments($blog);
    }
    return $return;
}
Example #12
0
 /**
  * Parse the correct messages into the template
  */
 protected function parse()
 {
     parent::parse();
     // grab the error-type from the parameters
     $errorType = $this->getParameter('type');
     // set correct headers
     switch ($errorType) {
         case 'module-not-allowed':
         case 'action-not-allowed':
             SpoonHTTP::setHeadersByCode(403);
             break;
         case 'not-found':
             SpoonHTTP::setHeadersByCode(404);
             break;
     }
     // querystring provided?
     if ($this->getParameter('querystring') !== null) {
         // split into file and parameters
         $chunks = explode('?', $this->getParameter('querystring'));
         // get extension
         $extension = SpoonFile::getExtension($chunks[0]);
         // if the file has an extension it is a non-existing-file
         if ($extension != '' && $extension != $chunks[0]) {
             // set correct headers
             SpoonHTTP::setHeadersByCode(404);
             // give a nice error, so we can detect which file is missing
             echo 'Requested file (' . htmlspecialchars($this->getParameter('querystring')) . ') not found.';
             // stop script execution
             exit;
         }
     }
     // assign the correct message into the template
     $this->tpl->assign('message', BL::err(SpoonFilter::toCamelCase(htmlspecialchars($errorType), '-')));
 }
Example #13
0
 /**
  *
  *
  * @return Mage_Adminhtml_Block_Catalog_Category_Tree
  */
 protected function getCategories()
 {
     $values = $this->getData('option_values');
     if (is_null($values)) {
         $values = array();
         /* @var $categoryCollection Mage_Catalog_Model_Resource_Category_Collection */
         $categoryCollection = Mage::getResourceModel('catalog/category_collection')->addAttributeToSelect('name')->addAttributeToSelect('is_active')->addFieldToFilter('is_active', '1')->setOrder('position', 'asc')->load();
         /* @var $category Mage_Catalog_Model_Category */
         foreach ($categoryCollection as $category) {
             $value = array();
             $value['id'] = $category->getId();
             $value['parent_id'] = $category->getParentId();
             if (!$category->getName()) {
                 continue;
             }
             foreach ($this->getStores() as $store) {
                 if ($store->getId()) {
                     $storeValues = $this->getStoreOptionValues($store->getId());
                 } else {
                     $storeValues[$category->getId()] = $category->getName();
                 }
                 if (isset($storeValues[$category->getId()])) {
                     $value[$store->getId()] = htmlspecialchars($storeValues[$category->getId()]);
                 } else {
                     $value[$store->getId()] = '';
                 }
             }
             $values[] = new Varien_Object($value);
         }
         $this->setData('option_values', $values);
     }
     return $values;
 }
Example #14
0
   function edit()
   {
       $db = new sql();
       $db->connect();
       $res = $db->query("select * from chapters where id=" . $this->id);
       $data = $db->fetch_array($res);
       $data["text"] = htmlspecialchars($data["text"]);
       $true = $data["type"] == 4 ? " && true" : " && false";
       $db = new sql();
       $db->connect();
       $res1 = $db->query("select * from types order by id");
       while ($data1 = $db->fetch_array($res1)) {
           $i++;
           $types .= "<option" . ($data["type"] == $data1[id] ? " selected" : "") . " value=\"{$data1['id']}\">{$data1['title']}</option>";
       }
       $select = admin::getDateSelectOptions($data["time"]);
       $chid = $this->chid;
       $action = "appendEdit";
       $id = '<tr>
		<td>№</td>
		<td><input maxlength="14" name="fields[id]" size="14" value="' . $this->id . '" readonly="readonly" style="width: auto;" value="' . $this->id . '"></td>
	</tr>';
       //$res2=$db->query("select id, name, short_text, time from library where id='".$data["article"]."'");
       $state_selected[$data["state"]] = " selected";
       $header = "Редактирование";
       $lid = $this->lid;
       eval("\$content=\"" . admin::template("itemAdd", "FORMPOST", array("fields[title]" => "EXISTS", "fields[url]" => "EXISTS")) . "\";");
       $this->elements["content"] = $content;
   }
function medianValue($paramValue, $pName)
{
    global $patient;
    $txt = '';
    $diff = dateDiff("-", date("Y-m-d"), $patient['date_birth']);
    switch ($diff) {
        case $diff >= 1 and $diff <= 30:
            if ($pName->fields['lo_bound_n'] != null && $pName->fields['hi_bound_n'] != null) {
                $txt .= htmlspecialchars($pName->fields['hi_bound_n']) . "<p><br>" . htmlspecialchars($pName->fields['lo_bound_n']);
            }
            break;
        case $diff >= 31 and $diff <= 360:
            if ($pName->fields['lo_bound__y'] && $pName->fields['hi_bound_y']) {
                $txt .= htmlspecialchars($pName->fields['hi_bound_y']) . "<p><br>" . htmlspecialchars($pName->fields['lo_bound_y']);
            }
            break;
        case $diff >= 361 and $diff <= 5040:
            if ($pName->fields['lo_bound_c'] && $pName->fields['hi_bound_c']) {
                $txt .= htmlspecialchars($pName->fields['hi_bound_c']) . "<p><br>" . htmlspecialchars($pName->fields['lo_bound_c']);
            }
            break;
        case $diff > 5040:
            if ($patient['sex'] == 'm') {
                if ($pName->fields['lo_bound'] && $pName->fields['hi_bound']) {
                    $txt .= htmlspecialchars($pName->fields['hi_bound']) . "<p><br>" . htmlspecialchars($pName->fields['lo_bound']);
                } elseif ($patient['sex'] == 'f') {
                    if ($pName->fields['lo_bound_f'] && $pName->fields['hi_bound_f']) {
                        $txt .= htmlspecialchars($pName->fields['hi_bound_f']) . "<p><br>" . htmlspecialchars($pName->fields['lo_bound_f']);
                    }
                }
            }
            break;
    }
    return $txt;
}
Example #16
0
 public static function Create($user_row, $uc = true)
 {
     if (function_exists('zuitu_uc_register') && $uc) {
         $pp = $user_row['password'];
         $em = $user_row['email'];
         $un = $user_row['username'];
         $ret = zuitu_uc_register($em, $un, $pp);
         if (!$ret) {
             return false;
         }
     }
     $user_row['username'] = htmlspecialchars($user_row['username']);
     $user_row['password'] = self::GenPassword($user_row['password']);
     $user_row['create_time'] = $user_row['login_time'] = time();
     $user_row['ip'] = Utility::GetRemoteIp();
     $user_row['secret'] = md5(rand(1000000, 9999999) . time() . $user_row['email']);
     $user_row['id'] = DB::Insert('user', $user_row);
     $_rid = abs(intval(cookieget('_rid')));
     if ($_rid && $user_row['id']) {
         $r_user = Table::Fetch('user', $_rid);
         if ($r_user) {
             ZInvite::Create($r_user, $user_row);
             ZCredit::Invite($r_user['id']);
         }
     }
     if ($user_row['id'] == 1) {
         Table::UpdateCache('user', $user_row['id'], array('manager' => 'Y', 'secret' => ''));
     }
     return $user_row['id'];
 }
Example #17
0
 function _lines($lines, $prefix = '', $suffix = '', $type = '')
 {
     if ($type == 'context') {
         foreach ($lines as $line) {
             $this->orig .= htmlspecialchars($line);
             $this->final .= htmlspecialchars($line);
         }
     } elseif ($type == 'added' || $type == 'change-added') {
         $l = "";
         foreach ($lines as $line) {
             $l .= htmlspecialchars($line);
         }
         if (!empty($l)) {
             $this->final .= '<ins class="diffchar inserted"><strong>' . $l . "</strong></ins>";
         }
     } elseif ($type == 'deleted' || $type == 'change-deleted') {
         $l = "";
         foreach ($lines as $line) {
             $l .= htmlspecialchars($line);
         }
         if (!empty($l)) {
             $this->orig .= '<del class="diffchar deleted"><strong>' . $l . "</strong></del>";
         }
     }
 }
Example #18
0
function FmtPageList($fmt, $pagename, $opt)
{
    global $GroupPattern, $FmtV, $FPLFunctions;
    # if (isset($_REQUEST['q']) && $_REQUEST['q']=='') $_REQUEST['q']="''";
    $rq = htmlspecialchars(stripmagic(@$_REQUEST['q']), ENT_NOQUOTES);
    $FmtV['$Needle'] = $opt['o'] . ' ' . $rq;
    if (preg_match("!^({$GroupPattern}(\\|{$GroupPattern})*)?/!i", $rq, $match)) {
        $opt['group'] = @$match[1];
        $rq = substr($rq, strlen(@$match[1]) + 1);
    }
    $opt = array_merge($opt, ParseArgs($opt['o'] . ' ' . $rq), @$_REQUEST);
    if (@($opt['req'] && !$opt['-'] && !$opt[''] && !$opt['+'] && !$opt['q'])) {
        return;
    }
    $GLOBALS['SearchIncl'] = array_merge((array) @$opt[''], (array) @$opt['+']);
    $GLOBALS['SearchExcl'] = (array) @$opt['-'];
    $GLOBALS['SearchGroup'] = @$opt['group'];
    $matches = array();
    $fmtfn = @$FPLFunctions[$opt['fmt']];
    if (!function_exists($fmtfn)) {
        $fmtfn = 'FPLByGroup';
    }
    $out = $fmtfn($pagename, $matches, $opt);
    $FmtV['$MatchCount'] = count($matches);
    if ($fmt != '$MatchList') {
        $FmtV['$MatchList'] = $out;
        $out = FmtPageName($fmt, $pagename);
    }
    if ($out[0] == '<') {
        return '<div>' . Keep($out) . '</div>';
    }
    PRR();
    return $out;
}
/**
* Prints details about the current Git commit revision
*
* @return void
*/
function PMA_printGitRevision()
{
    if (!$GLOBALS['PMA_Config']->get('PMA_VERSION_GIT')) {
        $response = PMA_Response::getInstance();
        $response->isSuccess(false);
        return;
    }
    // load revision data from repo
    $GLOBALS['PMA_Config']->checkGitRevision();
    // if using a remote commit fast-forwarded, link to GitHub
    $commit_hash = substr($GLOBALS['PMA_Config']->get('PMA_VERSION_GIT_COMMITHASH'), 0, 7);
    $commit_hash = '<strong title="' . htmlspecialchars($GLOBALS['PMA_Config']->get('PMA_VERSION_GIT_MESSAGE')) . '">' . $commit_hash . '</strong>';
    if ($GLOBALS['PMA_Config']->get('PMA_VERSION_GIT_ISREMOTECOMMIT')) {
        $commit_hash = '<a href="' . PMA_linkURL('https://github.com/phpmyadmin/phpmyadmin/commit/' . $GLOBALS['PMA_Config']->get('PMA_VERSION_GIT_COMMITHASH')) . '" target="_blank">' . $commit_hash . '</a>';
    }
    $branch = $GLOBALS['PMA_Config']->get('PMA_VERSION_GIT_BRANCH');
    if ($GLOBALS['PMA_Config']->get('PMA_VERSION_GIT_ISREMOTEBRANCH')) {
        $branch = '<a href="' . PMA_linkURL('https://github.com/phpmyadmin/phpmyadmin/tree/' . $GLOBALS['PMA_Config']->get('PMA_VERSION_GIT_BRANCH')) . '" target="_blank">' . $branch . '</a>';
    }
    if ($branch !== false) {
        $branch = sprintf(__('%1$s from %2$s branch'), $commit_hash, $branch);
    } else {
        $branch = $commit_hash . ' (' . __('no branch') . ')';
    }
    $committer = $GLOBALS['PMA_Config']->get('PMA_VERSION_GIT_COMMITTER');
    $author = $GLOBALS['PMA_Config']->get('PMA_VERSION_GIT_AUTHOR');
    PMA_printListItem(__('Git revision:') . ' ' . $branch . ',<br /> ' . sprintf(__('committed on %1$s by %2$s'), PMA_Util::localisedDate(strtotime($committer['date'])), '<a href="' . PMA_linkURL('mailto:' . $committer['email']) . '">' . htmlspecialchars($committer['name']) . '</a>') . ($author != $committer ? ', <br />' . sprintf(__('authored on %1$s by %2$s'), PMA_Util::localisedDate(strtotime($author['date'])), '<a href="' . PMA_linkURL('mailto:' . $author['email']) . '">' . htmlspecialchars($author['name']) . '</a>') : ''), 'li_pma_version_git', null, null, null);
}
Example #20
0
    function parse_swf($tree, $params = array())
    {
        $size = explode("x", isset($params['size']) ? $params['size'] : '740x480');
        $name = $tree->toText();
        $href = isset($params['swf']) ? $params['swf'] : $name;
        list($w, $h) = $size;
        // Can't be too sure
        $w = htmlspecialchars($w);
        $h = htmlspecialchars($h);
        $name = htmlspecialchars($name);
        $href = htmlspecialchars($href);
        /*if(!$this->swfs) $this->swfs = array();
        
        		$count = array_push($this->swfs, array(
        			"swf" => $href,
        			"width" => $size[0],
        			"height" => $size[1]));
        		$id = $count-1;
        		return $this->simple_parse($tree, "<p id=\"swf$id\" class=\"swf\">", '</p>');*/
        return <<<HTML
<div class="swf" style="width:{$w}px; height:{$h}px">
<div class="collapse">
<object width="{$w}" height="{$h}">
<param name="movie" value="{$href}"></param>
<param name="allowFullScreen" value="true"></param>
<param name="allowscriptaccess" value="always"></param>
<embed src="{$href}" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="{$w}" height="{$h}"></embed>
</object>
</div>
<a href="{$href}" onclick="showSWF(this); return false">Show {$name}</a>
</div>
HTML;
    }
    function content_569a53138b5903_87780724($_smarty_tpl)
    {
        ?>
<!-- Block search module TOP -->
<div id="search_block_top" class="col-sm-4 clearfix">
	<form id="searchbox" method="get" action="<?php 
        echo htmlspecialchars($_smarty_tpl->tpl_vars['link']->value->getPageLink('search', null, null, null, false, null, true), ENT_QUOTES, 'UTF-8', true);
        ?>
" >
		<input type="hidden" name="controller" value="search" />
		<input type="hidden" name="orderby" value="position" />
		<input type="hidden" name="orderway" value="desc" />
		<input class="search_query form-control" type="text" id="search_query_top" name="search_query" placeholder="<?php 
        echo smartyTranslate(array('s' => 'Search', 'mod' => 'blocksearch'), $_smarty_tpl);
        ?>
" value="<?php 
        echo stripslashes(mb_convert_encoding(htmlspecialchars($_smarty_tpl->tpl_vars['search_query']->value, ENT_QUOTES, 'UTF-8', true), "HTML-ENTITIES", 'UTF-8'));
        ?>
" />
		<button type="submit" name="submit_search" class="btn btn-default button-search">
			<span><?php 
        echo smartyTranslate(array('s' => 'Search', 'mod' => 'blocksearch'), $_smarty_tpl);
        ?>
</span>
		</button>
	</form>
</div>
<!-- /Block search module TOP --><?php 
    }
	public function onAfterBackendUsersList( $listId, &$rows, &$pageNav, &$search, &$lists, $option, $selectTagAttribs ) {
		global $_CB_framework;

		$plugin		=	cbgjClass::getPlugin();

		$_CB_framework->document->addHeadStyleSheet( $plugin->livePath . '/admin.' . $plugin->element . '.css' );

		$url		=	cbgjClass::getPluginURL( array( 'users', 'edit' ), null, false );

		$toolbar	=	'<a href="#" id="gjaddgroup" class="cbtoolbar cbtoolbaraction">'
					.		'<span class="cbicon-32-gjplugin" title="' . htmlspecialchars( CBTxt::T( 'Join GJ Group' ) ) . '"></span>'
					.		CBTxt::T( 'Join GJ Group' )
					.	'</a>'
					.	'<span class="cbtoolbarspacer" style="width:20px;">&nbsp;</span>';

		$js			=	"$( '.cbtoolbaractions' ).delegate( '#gjaddgroup', 'click', function() {"
					.		"var usersChecked = new Array();"
					.		"$( '#cbshowusersform input[name=\"cid[]\"]:checked' ).each( function() {"
					.			"usersChecked.push( $( this ).val() );"
					.		"});"
					.		"if ( ! usersChecked.length ) {"
					.			"alert( '" . addslashes( CBTxt::T( 'Please select a user from the list to add a CB GroupJive Group to.' ) ) . "' );"
					.		"} else {"
					.			"window.location = '" . addslashes( $url ) . "&users=' + usersChecked.join( '|*|' );"
					.		"}"
					.	"});"
					.	"$( '.cbtoolbaractions' ).prepend( '" . addslashes( $toolbar ) . "' );";

		$_CB_framework->outputCbJQuery( $js );
	}
Example #23
0
 /**
  * Executes any code necessary before applying the filter patterns.
  *
  * @param string $text  The text before the filtering.
  *
  * @return string  The modified text.
  */
 public function preProcess($text)
 {
     if ($this->_params['encode']) {
         $text = @htmlspecialchars($text, ENT_COMPAT, $this->_params['charset']);
     }
     return $text;
 }
Example #24
0
 public function addBlogSection($observer)
 {
     $sitemapObject = $observer->getSitemapObject();
     if (!$sitemapObject instanceof Mage_Sitemap_Model_Sitemap) {
         throw new Exception(Mage::helper('blog')->__('Error during generation sitemap'));
     }
     $storeId = $sitemapObject->getStoreId();
     $date = Mage::getSingleton('core/date')->gmtDate('Y-m-d');
     $baseUrl = Mage::app()->getStore($storeId)->getBaseUrl(Mage_Core_Model_Store::URL_TYPE_LINK);
     /**
      * Generate blog pages sitemap
      */
     $changefreq = (string) Mage::getStoreConfig('sitemap/blog/changefreq');
     $priority = (string) Mage::getStoreConfig('sitemap/blog/priority');
     $collection = Mage::getModel('blog/blog')->getCollection()->addStoreFilter($storeId);
     Mage::getSingleton('blog/status')->addEnabledFilterToCollection($collection);
     $route = Mage::getStoreConfig('blog/blog/route');
     if ($route == "") {
         $route = "blog";
     }
     foreach ($collection as $item) {
         $xml = sprintf('<url><loc>%s</loc><lastmod>%s</lastmod><changefreq>%s</changefreq><priority>%.1f</priority></url>', htmlspecialchars($baseUrl . $route . '/' . $item->getIdentifier()), $date, $changefreq, $priority);
         $sitemapObject->sitemapFileAddLine($xml);
     }
     unset($collection);
 }
Example #25
0
 public function __construct()
 {
     // if the route isn't specified, use the index controller
     $this->route = isset($_GET['route']) ? htmlspecialchars($_GET['route']) : 'index';
     $this->route = trim($this->route, '/');
     // remove trailing slashes
 }
    function content_565352394a61c6_58213472($_smarty_tpl)
    {
        ?>
<a href="<?php 
        echo htmlspecialchars($_smarty_tpl->tpl_vars['href']->value, ENT_QUOTES, 'UTF-8', true);
        ?>
" class="delete" title="<?php 
        echo htmlspecialchars($_smarty_tpl->tpl_vars['action']->value, ENT_QUOTES, 'UTF-8', true);
        ?>
"
	<?php 
        if (in_array($_smarty_tpl->tpl_vars['id_shop']->value, $_smarty_tpl->tpl_vars['shops_having_dependencies']->value)) {
            ?>
		onclick="jAlert('<?php 
            echo smartyTranslate(array('s' => 'You cannot delete this shop\'s (customer and/or order dependency)', 'js' => 1), $_smarty_tpl);
            ?>
'); return false;"
	<?php 
        } elseif (isset($_smarty_tpl->tpl_vars['confirm']->value)) {
            ?>
		onclick="if (confirm('<?php 
            echo $_smarty_tpl->tpl_vars['confirm']->value;
            ?>
')){return true;}else{event.stopPropagation(); event.preventDefault();};"
	<?php 
        }
        ?>
>
	<i class="icon-trash"></i> <?php 
        echo htmlspecialchars($_smarty_tpl->tpl_vars['action']->value, ENT_QUOTES, 'UTF-8', true);
        ?>

</a><?php 
    }
Example #27
0
 function inp($data)
 {
     $data = trim($data);
     $data = stripslashes($data);
     $data = htmlspecialchars($data);
     return $data;
 }
Example #28
0
 /**
  * Checks a given URL for validity
  *
  * @param string $url Url to check
  * @param array $softRefEntry The soft reference entry which builds the context of that url
  * @param \TYPO3\CMS\Linkvalidator\LinkAnalyzer $reference Parent instance
  * @return boolean TRUE on success or FALSE on error
  */
 public function checkLink($url, $softRefEntry, $reference)
 {
     $response = TRUE;
     $errorParams = array();
     $parts = explode(':', $url);
     if (count($parts) == 3) {
         $tableName = htmlspecialchars($parts[1]);
         $rowid = (int) $parts[2];
         $row = $GLOBALS['TYPO3_DB']->exec_SELECTgetSingleRow('*', $tableName, 'uid = ' . (int) $rowid);
         if ($row) {
             if ($row['deleted'] == '1') {
                 $errorParams['errorType'] = self::DELETED;
                 $errorParams['tablename'] = $tableName;
                 $errorParams['uid'] = $rowid;
                 $response = FALSE;
             }
         } else {
             $errorParams['tablename'] = $tableName;
             $errorParams['uid'] = $rowid;
             $response = FALSE;
         }
     }
     if (!$response) {
         $this->setErrorParams($errorParams);
     }
     return $response;
 }
Example #29
0
function show_login()
{
    $error_login_empty_password = null;
    $error_login_empty_user = null;
    $input_user = '';
    $input_password = '';
    if (!empty($_POST)) {
        if (empty($_POST['user'])) {
            $error_login_empty_user = "Palun sisesta kasutajanimi";
        } else {
            $input_user = htmlspecialchars($_POST['user']);
        }
        if (empty($_POST['password'])) {
            $error_login_empty_password = "Palun sisesta parool";
        } else {
            $input_password = htmlspecialchars($_POST['password']);
        }
        if (is_null($error_login_empty_password) && is_null($error_login_empty_user)) {
            header('Location: ?mode=gallery');
            exit(0);
        }
        include_once 'view/head.html';
        include 'view/login.html';
        include_once 'view/foot.html';
    } else {
        include_once 'view/head.html';
        include 'view/login.html';
        include_once 'view/foot.html';
    }
}
function printHeadingImage($randomImage)
{
    global $_zp_themeroot;
    $id = getAlbumId();
    echo '<div id="randomhead">';
    if (is_null($randomImage) || checkforPassword(true)) {
        echo '<img src="' . $_zp_themeroot . '/images/zen-logo.jpg" alt="' . gettext('There were no images from which to select the random heading.') . '" />';
    } else {
        $randomAlbum = $randomImage->getAlbum();
        $randomAlt1 = $randomAlbum->getTitle();
        if ($randomAlbum->getAlbumId() != $id) {
            $randomAlbum = $randomAlbum->getParent();
            while (!is_null($randomAlbum) && $randomAlbum->getAlbumId() != $id) {
                $randomAlt1 = $randomAlbum->getTitle() . ":\n" . $randomAlt1;
                $randomAlbum = $randomAlbum->getParent();
            }
        }
        $randomImageURL = htmlspecialchars(getURL($randomImage));
        if (getOption('allow_upscale')) {
            $wide = 620;
            $high = 180;
        } else {
            $wide = min(620, $randomImage->getWidth());
            $high = min(180, $randomImage->getHeight());
        }
        echo "<a href='" . $randomImageURL . "' title='" . gettext('Random picture...') . "'><img src='" . htmlspecialchars($randomImage->getCustomImage(NULL, $wide, $high, $wide, $high, NULL, NULL, !getOption('Watermark_head_image'))) . "' width={$wide} height={$high} alt=" . '"' . htmlspecialchars($randomAlt1, ENT_QUOTES) . ":\n" . htmlspecialchars($randomImage->getTitle(), ENT_QUOTES) . '" /></a>';
    }
    echo '</div>';
}