public function testEscaping()
{
$input = "one <>&' two";
$expected = "one <>&' two";
$escaped = View::escape($input);
$unescaped = View::unescape($escaped);
$this->assertEquals($escaped, $expected);
$this->assertEquals($unescaped, $input);
}
/**
* @param string $fieldname The name of the person field
* @param Person $person The currently selected Person object
* @return string
*/
public function personChooser($fieldname, Person $person = null)
{
$this->template->addToAsset('scripts', JQUERY . '/jquery.min.js');
$this->template->addToAsset('scripts', BASE_URI . '/js/people/personChooser.js');
$id = '';
$name = '';
if ($person) {
$id = $person->getId();
$name = View::escape($person->getFullname());
}
$return_url = new Url($_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']);
$personChooser = BASE_URI . '/people?return_url=' . $return_url;
$html = "\n\t\t<input type=\"hidden\" name=\"{$fieldname}_id\" id=\"{$fieldname}_id\" value=\"{$id}\" />\n\t\t<span id=\"{$fieldname}-name\">{$name}</span>\n\t\t<a class=\"btn\"\n\t\t\thref=\"{$personChooser}\"\n\t\t\tonclick=\"PERSON_CHOOSER.open('{$fieldname}');return false;\">\n\t\t\t<span class=\"fa fa-user\"></span>\n\t\t\tChange Person\n\t\t</a>\n\t\t";
return $html;
}
/**
* Converts an array into hidden inputs for a form
*
* Used for preserving all $_REQUEST information in subsequent form posts
*
* @param array $array Usually the $_REQUEST array
* @param string $base A key used for naming inputs as an array
* @param array $filterKeys Keys in $array to be ignored
*/
public function renderInputs($array, $base = null, $filterKeys = null)
{
$html = '';
foreach ($array as $k => $v) {
if (!$filterKeys || !in_array($k, $filterKeys)) {
$k = View::escape($k);
$name = $base ? "{$base}[{$k}]" : $k;
if (!is_array($v)) {
$v = View::escape($v);
$html .= "<input name=\"{$name}\" value=\"{$v}\" type=\"hidden\" />";
} else {
$this->renderInputs($v, $k, $filterKeys);
}
}
}
return $html;
}
