/**
* Generates an "a mailto" tag
*
* @param string $href The url for the a tag
* @param mixed $text The optional text. If null, the url will be used as text
* @param array $attr Additional attributes for the tag
* @return string the generated html
*/
public static function email($email, $text = null, $attr = array())
{
$email = str::encode($email, 3);
$attr = array_merge(array('href' => 'mailto:' . $email), $attr);
if (empty($text)) {
$text = $email;
}
return static::tag('a', $text, $attr);
}
/**
* Re-generates and returns the obfuscated captcha of the `calc` guard.
*
* @return string
*/
public function captcha()
{
$this->generateCaptcha();
return str::encode(s::get($this->id . '-captcha-label'));
}
/**
* Generates a new calculate captcha result for a Uniform form
*
* @param UniForm $form The form to generate the captcha for
* @return string A label like '4 plus 5'
*/
function uniform_captcha(UniForm $form)
{
list($a, $b) = array(rand(0, 9), rand(0, 9));
s::set($form->id() . '-captcha-result', $a + $b);
return str::encode($a . ' ' . l::get('uniform-calc-plus') . ' ' . $b);
}
/**
* Generates an "a mailto" tag
*
* @param string $email The url for the a tag
* @param mixed $text The optional text. If null, the url will be used as text
* @param array $attr Additional attributes for the tag
* @return string the generated html
*/
public static function email($email, $text = null, $attr = array())
{
if (empty($text)) {
// show only the eMail address without additional parameters (if the 'text' argument is empty)
$text = str::encode(a::first(str::split($email, '?')));
}
$email = str::encode($email);
$attr = array_merge(array('href' => 'mailto:' . $email), $attr);
return static::tag('a', $text, $attr);
}
<?php
/**
* Allows to obfuscate E-Mail addresses. At least we try to make it a bit more
* more difficult for bots to gather our mail addresses.
*
* @param Field $field The calling Kirby Field instance.
*/
field::$methods['obfuscate'] = function ($field) {
return str::encode($field->value());
};
/**
* Removes all HTML tags from the field value before parsing the field as
* markdown. Encodes all special characters of the resulting string as html
* entities to allow only a predefined list of tags. This method should be used
* to allow markdown in user generated contents.
*
* @see http://shiflett.org/blog/2007/mar/allowing-html-and-preventing-xss
*
* @param Field $field The calling Kirby Field instance.
* @param array $tags List of html tags to allow.
*
* @return Field
*/
field::$methods['safeMarkdown'] = function ($field, $tags = null) {
// Sensible default for user generated contents
if (!is_array($tags)) {
$tags = array('a', 'p', 'em', 'strong', 'ul', 'ol', 'li', 'code', 'pre', 'blockquote');
}
// Ensure the string is utf-8 encoded to protect against XSS exploits using
// different encodings.