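/**
 * Reads the named POST fields and applies input-side cleanup to each scalar value.
 *
 * Each element of $value is used as a POST field name (the array keys are ignored).
 * Scalar values go through strip_image_tags(), quotes_to_entities(),
 * encode_php_tags() and trim(). Array values are returned exactly as the input
 * object supplied them, with none of those steps applied.
 *
 * NOTE(review): these helpers rewrite the input; they are not a substitute for
 * escaping at output time or for bound parameters when the data reaches a query.
 *
 * @param array $value List of POST field names to collect
 * @return array Map of field name => cleaned value; an empty array when $value is empty
 */
function acceptData($value)
{
    // Initialise the result so an empty field list returns array() rather than
    // reading an undefined variable.
    $data = array();

    foreach ($value as $field) {
        // presumably the second argument is the XSS-filter flag of the input object — confirm
        $data[$field] = $this->SV->input->post($field, TRUE);

        if (!is_array($data[$field])) {
            $data[$field] = strip_image_tags($data[$field]);
            $data[$field] = quotes_to_entities($data[$field]);
            $data[$field] = encode_php_tags($data[$field]);
            $data[$field] = trim($data[$field]);
        }
    }

    return $data;
}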
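/**
 * Returns the comment description. You can pass it an array of formatting parameters which include:
 *
 * <ul>
 * <li><strong>markdown:</strong> applies the <a href="[user_guide_url]helpers/markdown_helper">markdown</a> function </li>
 * <li><strong>short:</strong> filters just the first paragraphs of the description if multiple paragraphs </li>
 * <li><strong>long:</strong> returns the entire description</li>
 * <li><strong>one_line:</strong> filters the description to appear on one line by removing returns</li>
 * <li><strong>entities:</strong> converts html entities</li>
 * <li><strong>eval:</strong> evaluates php code</li>
 * <li><strong>periods:</strong> adds periods at the end of lines that don't have them</li>
 * <li><strong>ucfirst:</strong> uppercases the first word</li>
 * </ul>
 *
 * Formats are applied in the order they are given. Whatever formats are used,
 * the result is then passed through auto_link(), trim(), xss_clean() and
 * strip_image_tags() before it is returned.
 *
 * @access public
 * @param mixed FALSE for no extra formatting, a single format name, or an array of format names
 * @return string
 */
public function description($format = FALSE)
{
    // extract and cache the description text the first time it is requested
    if (!isset($this->_description)) {
        preg_match('#/\\*\\*\\s*(.+ )(@|\\*\\/)#Ums', $this->_text, $matches);

        if (isset($matches[1])) {
            // removing preceding * and tabs
            $this->_description = preg_replace('#\\* *#m', "", $matches[1]);
            $this->_description = preg_replace("#^ +#m", "", $this->_description);

            // remove code examples since they are handled by the example method
            $this->_description = preg_replace('#<code>.+</code>#ms', '', $this->_description);
            $this->_description = trim($this->_description);
        } else {
            // no docblock found: fall back to the raw text
            $this->_description = $this->_text;
        }
    }

    $desc = $this->_description;
    $desc = $this->filter($desc);

    // apply different formats
    if ($format) {
        if (is_string($format)) {
            $format = (array) $format;
        }

        foreach ($format as $f) {
            switch (strtolower($f)) {
                case 'markdown':
                    // must escape underscores to prevent <em> tags
                    $desc = str_replace('_', '\\_', $desc);
                    $desc = markdown($desc);

                    // then we replace back any that didn't get processed (e.g. ones inside links)
                    $desc = str_replace('\\_', '_', $desc);
                    break;

                case 'short':
                    // keep only the first non-empty line
                    $desc_lines = explode(PHP_EOL, $desc);
                    foreach ($desc_lines as $d) {
                        if (!empty($d)) {
                            $desc = $d;
                            break;
                        }
                    }
                    break;

                case 'long':
                    // skips the first non-empty line, joins the remaining lines with
                    // spaces and turns blank lines into paragraph breaks
                    $desc_lines = explode(PHP_EOL, $desc);
                    $new_desc = '';
                    $first_line = TRUE;
                    foreach ($desc_lines as $d) {
                        if (!empty($d)) {
                            if ($first_line) {
                                $first_line = FALSE;
                                continue;
                            } else {
                                $new_desc .= $d . ' ';
                            }
                        } else {
                            if (!$first_line) {
                                $new_desc .= "\n\n";
                            }
                        }
                    }
                    $desc = $new_desc;
                    break;

                case 'one_line':
                    $desc = str_replace(PHP_EOL, ' ', $desc);
                    break;

                case 'entities':
                    $desc = htmlentities($desc);
                    break;

                case 'eval':
                    // NOTE(review): this hands the docblock text to eval_string(), i.e. it
                    // executes content taken from the inspected source. Only use this format
                    // when that source is fully trusted.
                    $desc = eval_string($desc);
                    break;

                case 'periods':
                    $desc_lines = explode(PHP_EOL, $desc);
                    $lines = '';
                    $past_first = FALSE;
                    foreach ($desc_lines as $d) {
                        $d = trim($d);
                        if (!empty($d)) {
                            if (!$past_first) {
                                $d = preg_replace('#(.+[^\\.|>]\\s*)$#', '$1. ', $d);
                            }
                            $lines .= $d . ' ';
                            $past_first = TRUE;
                        } else {
                            if ($past_first) {
                                $lines .= "\n\n";
                            }
                        }
                    }
                    $lines = preg_replace('#(.+[^\\.|>]\\s*)$#', '$1. ', trim($lines));
                    $desc = $lines;
                    // no break: 'periods' continues into 'ucfirst'
                    // NOTE(review): confirm this fall-through is intentional

                case 'ucfirst':
                    $desc = ucfirst($desc);
                    break;
            }
        }
    }

    // auto link
    $desc = auto_link($desc);

    // trim white space
    $desc = trim($desc);

    // clean — runs last so markup produced by the formats above is filtered as well
    $desc = xss_clean($desc);
    $desc = strip_image_tags($desc);

    return $desc;
}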
/**
 * Strip Image Tags (prep)
 *
 * Runs the named property of this object through strip_image_tags(), which
 * strips the HTML from image tags leaving the raw URL, and stores the result
 * back on the same property.
 * This replaces the version in CI_Form_validation.
 *
 * @ignore
 * @param string Name of the property to rewrite in place
 * @return void
 */
protected function _strip_image_tags($field)
{
    $stripped = strip_image_tags($this->{$field});
    $this->{$field} = $stripped;
}
/**
 * Rewrites link and image markup in the text fields of a comment.
 *
 * For content, author_name, author_email and author_website: the value of an
 * existing rel attribute on an anchor is forced to "nofollow", then image tags
 * are reduced by strip_image_tags(). The same object is modified and returned.
 *
 * NOTE(review): the pattern only matches anchors that already carry a rel
 * attribute, so anchors without one are left as submitted. Nothing here escapes
 * HTML, so these fields still need encoding when they are rendered.
 *
 * @param object $comment Comment record exposing the four fields as properties
 * @return object The same comment with its fields rewritten
 */
function _filter_comment($comment)
{
    $this->load->helper('security');

    foreach (array('content', 'author_name', 'author_email', 'author_website') as $attr) {
        // normalise any existing rel attribute to nofollow... not perfect but good enough
        $relinked = preg_replace('/<a(.+)rel=["\'](.+)["\'](.+)>/Umi', '<a$1rel="nofollow"$3>', $comment->{$attr});

        $comment->{$attr} = strip_image_tags($relinked);
    }

    return $comment;
}
/**
 * Passes content through strip_image_tags() and then strip_url_tags().
 *
 * Loads the 'security' helper on the framework instance first so that
 * strip_image_tags() is available.
 *
 * NOTE(review): strip_url_tags() is not defined in the visible code; what it
 * removes should be confirmed before relying on this as a filter.
 *
 * @param string $content Text to filter
 * @return string The filtered text
 */
function decode_format($content)
{
    $ci =& get_instance();
    $ci->load->helper('security');

    $without_images = strip_image_tags($content);

    return strip_url_tags($without_images);
}
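/**
 * Replaces a single template tag, applying an optional output modifier.
 *
 * Looks for a tag that starts with the left delimiter and $key. When the tag has
 * the form key:modifier[:arg[:arg]], the modifier is applied to $val and every
 * occurrence of the matched tag text in $string is replaced with the result.
 * An unrecognised modifier substitutes $val unchanged. Tags without a modifier,
 * or no match at all, are handed to the parent implementation.
 *
 * NOTE(review): apart from the modifiers that transform it, $val is inserted
 * as-is. Escaping for the output context remains the caller's responsibility.
 *
 * @param string $key    Tag name to look for
 * @param mixed  $val    Value to substitute
 * @param string $string Template text
 * @return string Template text with the tag replaced
 */
public function _parse_single($key, $val, $string)
{
    $newval = $val;

    // The key and both delimiters are literal text, so quote them before they are
    // placed in the pattern. Otherwise a key containing "/" or another regex
    // metacharacter would break or alter the match.
    // NOTE(review): ".*" directly after the key also matches tags that merely
    // begin with $key — confirm that callers never use one key as a prefix of another.
    $find = "/" . preg_quote($this->l_delim, "/") . preg_quote((string) $key, "/") . ".*" . preg_quote($this->r_delim, "/") . "/U";
    preg_match($find, $string, $matches);

    if (!empty($matches)) {
        // NOTE(review): the braces are hard-coded here, independent of l_delim / r_delim
        $temp = trim($matches[0], "{}");
        $res = explode(":", $temp);

        if (count($res) > 1) {
            switch ($res[1]) {
                case "allcaps":
                    $newval = strtoupper($val);
                    break;

                case "money":
                    // NOTE(review): the (int) cast drops any fractional part before formatting
                    $newval = number_format((int) $val, 2, ".", ",");
                    break;

                case "caps":
                    $newval = ucwords(strtolower($val));
                    break;

                case "nocaps":
                    $newval = strtolower($val);
                    break;

                case "ucfirst":
                    $newval = ucfirst($val);
                    break;

                case "bool1":
                    $newval = $val == 1 ? "True" : "False";
                    break;

                case "bool2":
                    $newval = $val == 1 ? "Yes" : "No";
                    break;

                case "bool3":
                    $newval = $val == 1 ? "Active" : "Inactive";
                    break;

                case "climit":
                    $int = count($res) < 3 ? 128 : $res[2];
                    $newval = character_limiter($val, $int);
                    break;

                case "htmlchars":
                    // NOTE(review): despite the modifier name this calls quotes_to_entities();
                    // do not treat it as full HTML escaping without checking that helper
                    $newval = quotes_to_entities($val);
                    break;

                case "wlimit":
                    $int = count($res) < 3 ? 25 : $res[2];
                    $newval = word_limiter($val, $int);
                    break;

                case "wrap":
                    $int = count($res) < 3 ? 76 : $res[2];
                    $newval = word_wrap($val, $int);
                    break;

                case "hilite":
                    $str = count($res) < 3 ? "" : $res[2];
                    $color = count($res) < 4 ? "#990000" : $res[3];
                    // NOTE(review): $color comes from the template text and is placed in a
                    // style attribute unescaped; templates must be trusted content
                    $newval = highlight_phrase($val, $str, "<span style=\"color:{$color}\">", "</span>");
                    break;

                case "safe_mailto":
                    $alt_text = count($res) < 3 ? "" : $res[2];
                    $newval = safe_mailto($val, $alt_text);
                    break;

                case "url_title":
                    $sep = count($res) < 3 ? "dash" : $res[2];
                    $newval = url_title($val, $sep);
                    break;

                case "remove_img":
                    $newval = strip_image_tags($val);
                    break;

                case "hash":
                    // NOTE(review): defaults to md5, which is only suitable for display or
                    // checksums, not for passwords or other security decisions
                    $hash = count($res) < 3 ? "md5" : $res[2];
                    $newval = dohash($val, $hash);
                    break;

                case "stripslashes":
                    $newval = stripslashes($val);
                    break;

                case "strip_tags":
                    $allowed = count($res) < 3 ? "" : $res[2];
                    $newval = strip_tags($val, $allowed);
                    break;

                /** other output string format options here **/
            }

            return str_replace($matches[0], $newval, $string);
        }
    }

    return parent::_parse_single($key, $val, $string);
}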
/**
 * Checks that strip_image_tags() leaves a bare URL untouched and reduces a
 * double-quoted, self-closing <img> tag to its src URL.
 *
 * NOTE(review): only one tag shape is covered; other quoting styles and
 * attribute orders are not exercised by this test.
 */
function test_strip_image_tags()
{
    $url = 'http://example.com/spacer.gif';
    $tag = '<img src="http://example.com/spacer.gif" alt="Who needs CSS when you have a spacer.gif?" />';

    $this->assertEquals($url, strip_image_tags('http://example.com/spacer.gif'));
    $this->assertEquals($url, strip_image_tags($tag));
}
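/**
 * Returns the content after formatting and parsing, optionally with image tags stripped.
 *
 * @param boolean $strip_images When TRUE, the content is passed through strip_image_tags() first
 * @return mixed The result of _parse() applied to the formatted content
 */
function get_content_formatted($strip_images = FALSE)
{
    $this->_CI->load->module_helper(FUEL_FOLDER, 'fuel');

    $content = $this->content;

    if ($strip_images) {
        // Load the helper through the stored framework handle. This method never
        // defines a local $CI, so the previous $CI->load call failed whenever
        // $strip_images was TRUE.
        $this->_CI->load->helper('security');
        $content = strip_image_tags($this->content);
    }

    $content = $this->_format($content);
    $content = $this->_parse($content);

    return $content;
}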
/**
 * Applies a chain of input filters to a string and returns the result.
 *
 * Order: two literal removals, xss_clean(), strip_image_tags(),
 * encode_php_tags(), then a case-insensitive removal of a fixed list of
 * substrings (select, delete, update, insert, from, alert, [removed], script, *).
 *
 * NOTE(review): the substring removal is not a reliable control against SQL
 * injection or XSS, and it alters ordinary text that happens to contain these
 * words (for example "description" contains "script"). Queries built from $q
 * still need bound parameters and output still needs context-aware escaping.
 *
 * @param string $q Text to filter
 * @return string The filtered text
 */
public function security_clean($q)
{
    $this->load->helper('security');

    // NOTE(review): the search string here is empty, so as written this call changes
    // nothing; possibly a NUL byte was intended — confirm against the original file
    $q = str_replace("", "", $q);

    // removes the two-character sequence backslash + 0
    $q = str_replace('\\0', "", $q);

    $q = encode_php_tags(strip_image_tags(xss_clean($q)));

    $blocked = array(
        "/select/si",
        "/delete/si",
        "/update/si",
        "/insert/si",
        "/from/si",
        "/alert/si",
        "/\\[removed\\]/si",
        "/script/si",
        "/\\*/si",
    );

    return preg_replace($blocked, "", $q);
}