Esempio n. 1
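	/**
	 * Recursively escape request input for HTML output and then addslashes() it.
	 *
	 * Every string value is trimmed, escaped via self::fliterHtmlSpecialChars()
	 * (or passed through htmlawed(..., ['safe' => 1]) when its key is listed in
	 * $ignore, i.e. rich-text editor fields) and finally addslashes()'d. The
	 * 'statistics_code' key is left untouched, and 'ref_url' gets '&amp;'
	 * restored to '&'. Nested arrays are processed recursively; $ignore is not
	 * forwarded to the recursive call (as in the original), so nested editor
	 * fields are always escaped — presumably intentional, confirm with callers.
	 *
	 * NOTE(review): addslashes() is not a safe substitute for parameterised
	 * queries; callers should still bind values with prepared statements.
	 *
	 * @param array $array  Input values (typically request parameters)
	 * @param array $ignore Keys whose values are sanitised with htmlawed()
	 *                      instead of being fully escaped
	 * @return array|false The escaped array, or false when $array is empty
	 */
	public static function getAddslashesForInput($array, $ignore = array())
	{
		if (!function_exists('htmlawed')) {
			require(BASE_CORE_PATH . '/framework/function/htmlawed.php');
		}
		if (empty($array)) {
			return false;
		}
		// get_magic_quotes_gpc() was removed in PHP 8; when it is missing,
		// magic quotes are necessarily off.
		$magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
		// foreach replaces the each() loop (removed in PHP 8); it iterates a
		// copy of the array, so writing back to $array[$k] is safe.
		foreach ($array as $k => $v) {
			if (is_string($v)) {
				if ($magicQuotes) {
					$v = stripslashes($v);
				}
				// Strict comparisons: with loose == / in_array(), an integer key 0
				// compares equal to any non-numeric string on PHP < 8 and would
				// either bypass escaping or be routed to the htmlawed branch.
				if ($k !== 'statistics_code') {
					if (!in_array($k, $ignore, true)) {
						// Not an editor field: escape < > & "
						$v = self::fliterHtmlSpecialChars($v);
					} else {
						$v = htmlawed($v, array('safe' => 1));
					}
					if ($k === 'ref_url') {
						$v = str_replace('&amp;', '&', $v);
					}
				}
				$array[$k] = addslashes(trim($v));
			} elseif (is_array($v)) {
				if ($k === 'statistics_code') {
					$array[$k] = $v;
				} else {
					$array[$k] = self::getAddslashesForInput($v);
				}
			}
		}
		return $array;
	}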
Esempio n. 2
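 /**
  * Recursively escape request input in place for HTML output, then addslashes() it.
  *
  * String values are trimmed, escaped with self::fliterhtmlspecialchars() (or passed
  * through htmlawed() when their key is listed in $ignore, i.e. rich-text editor
  * fields) and addslashes()'d unless magic quotes already did so. 'statistics_code'
  * is left as-is and 'ref_url' gets '&amp;' restored to '&'. Nested arrays are
  * processed recursively; $ignore is not forwarded to the recursive call (as in the
  * original), so nested editor fields are always escaped — confirm with callers.
  *
  * NOTE(review): addslashes() is not a substitute for prepared statements with
  * bound parameters; callers should still bind values when querying.
  *
  * @param array $array  Input values, modified in place and also returned
  * @param array $ignore Keys whose values go through htmlawed() instead of escaping
  * @return array|false The escaped array, or false when $array is empty
  */
 public static function getAddslashesForInput(&$array, $ignore = array())
 {
     if (!function_exists("htmlawed")) {
         require BasePath . "/framework/libraries/htmlawed.php";
     }
     if (empty($array)) {
         return false;
     }
     // get_magic_quotes_gpc() was removed in PHP 8; when absent, magic quotes are off.
     $magicQuotes = function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc();
     // foreach replaces each() (removed in PHP 8); it iterates a copy, so writing
     // back to $array[$k] is safe.
     foreach ($array as $k => $v) {
         if (is_string($v)) {
             // Strict comparisons: with loose == / in_array(), an integer key 0 equals
             // any non-numeric string on PHP < 8 and would skip or mis-route escaping.
             if ($k !== "statistics_code") {
                 if (!in_array($k, $ignore, true)) {
                     $v = self::fliterhtmlspecialchars($v);
                 } else {
                     if ($magicQuotes) {
                         $v = stripslashes($v);
                     }
                     $v = htmlawed($v);
                 }
                 if ($k === "ref_url") {
                     $v = str_replace("&amp;", "&", $v);
                 }
             }
             // Bug fix: the original stored the result in a dead local ($_array),
             // so string values were returned unescaped; write back to $array.
             $array[$k] = $magicQuotes ? trim($v) : addslashes(trim($v));
         } elseif (is_array($v)) {
             if ($k === "statistics_code") {
                 $array[$k] = $v;
             } else {
                 $array[$k] = self::getAddslashesForInput($v);
             }
         }
     }
     return $array;
 }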
Esempio n. 3
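 /**
  * Render $object as a highlighted <pre><code> block.
  *
  * @param mixed  $object A Media file (contents read, language taken from its
  *                       extension), a Kirby\Patterns\Pattern (rendered and tidied
  *                       with htmlawed), or a raw string; anything else renders empty
  * @param string $lang   Highlighter language class; replaced for Media/Pattern
  *                       objects and forced to 'none' for code over 20000 bytes
  * @return mixed HTML string, or the result of $this->error() when reading or
  *               rendering throws
  */
 public function codeblock($object, $lang = 'markup')
 {
     $langs = ['css' => 'css', 'php' => 'php', 'js' => 'js', 'scss' => 'sass', 'md' => 'markdown', 'mdown' => 'markdown'];
     try {
         if (is_a($object, 'Media')) {
             $code = $object->read();
             $lang = a::get($langs, $object->extension(), 'markup');
         } elseif (is_a($object, 'Kirby\\Patterns\\Pattern')) {
             $code = htmlawed($object->render(), ['tidy' => 1]);
             $lang = 'php';
         } elseif (is_string($object)) {
             $code = $object;
         } else {
             $code = '';
         }
     } catch (Exception $e) {
         return $this->error($e);
     }
     // Very large snippets are not highlighted; strlen() is byte-based, which is
     // fine for a size cap.
     if (strlen($code) > 20000) {
         $lang = 'none';
     }
     // $lang ends up inside an attribute, so it is escaped as well: only the
     // Media/Pattern branches set it from a fixed table, a caller-supplied value
     // was previously interpolated raw.
     $langAttr = htmlspecialchars($lang, ENT_QUOTES, 'UTF-8');
     return '<pre><code class="language-' . $langAttr . '">' . htmlspecialchars(trim($code)) . '</code></pre>';
 }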
Esempio n. 4
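require '../core/header.php';

/**
 * 1. Load the current charter ("charte") text from the settings table.
 */
$sql = 'SELECT valeur FROM setting WHERE alias = \'CHARTE\'';
$res = $db->query($sql);
// NOTE(review): fetch() returns false when no CHARTE row exists; the template
// below echoes $res_f[0] straight into the <textarea> without checking that,
// and without htmlspecialchars() — confirm the stored value can never contain
// a closing textarea tag, or escape it at output time.
$res_f = $res->fetch();

/**
 * 2. Handle the form submission: persist the edited charter.
 */
// isset($_POST['charte']) already implies a non-empty $_POST, so the two
// outer checks of the original collapse into this one.
if (isset($_POST['charte'])) {
    // Parameterised UPDATE; the submitted HTML is sanitised with htmlawed first.
    $sql = 'UPDATE setting SET valeur = ? WHERE alias = \'CHARTE\' LIMIT 1';
    $res = $db->prepare($sql);
    $res->execute(array(htmlawed($_POST['charte'])));
    header('Location: ' . ROOT . CURRENT_FILE);
    // Stop here: without exit the rest of the page would still be rendered and
    // sent along with the redirect.
    exit;
}

/**
 * 3. Render the edit form (template follows).
 */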
?>
		<h1><?php 
echo LANG_ADMIN_CHART_TITLES;
?>
</h1>
		
		<form method = "POST">
			<textarea name = "charte"><?php 
echo $res_f[0];
Esempio n. 5
/**
 * Delete HTMLPurifier Cache
 *
 * Clears the three HTMLPurifier serializer sub-directories so the next pass
 * starts from a cold cache.
 */
foreach (array('/HTML', '/CSS', '/URI') as $cacheSubdir) {
    recursiveDelete(HTMLPURIFIER_CACHE . $cacheSubdir);
}
$timer->display();
echo PHP_EOL . PHP_EOL;

/**
 * HtmLawed Pass #3 - Big File
 *
 * Note: `<=` runs BENCHMARK_ITERATIONS + 1 passes (kept as in the original);
 * the config array is rebuilt inside the timed region on every pass.
 */
echo 'htmLawed Pass #3 - Big File:', PHP_EOL;
$timer->start();
for ($pass = 0; $pass <= BENCHMARK_ITERATIONS; $pass++) {
    $options = array(
        'safe' => 1,
        'deny_attribute' => '* -name',
        'make_tag_strict' => 1,
        'no_deprecated_attr' => 1,
        'elements' => 'em',
    );
    htmlawed($bigInput, $options);
}
$timer->stop();
$timer->display();
echo PHP_EOL . PHP_EOL;

/**
 * Wibble Pass #3 - Big File
 *
 * Same iteration count as the htmLawed pass; a fresh Fragment is built and
 * filtered on every pass.
 */
echo 'Wibble Pass #3 - Big File:', PHP_EOL;
$timer->start();
for ($pass = 0; $pass <= BENCHMARK_ITERATIONS; $pass++) {
    $document = new \Wibble\HTML\Fragment($bigInput);
    $document->filter();
}
$timer->stop();
$timer->display();
Esempio n. 6
 /**
  * Strip XSS vectors from a string, or from every leaf of a (nested) array.
  *
  * Array keys are preserved; empty / whitespace-only strings are returned as-is.
  * The filter is chosen by $this->tool: 'none' (no cleaning, god admin only),
  * 'htmlpurifier' (via $this->html_purifier), 'htmlawed', or kses for 'kses'
  * and any other value.
  *
  * NOTE(review): switch compares loosely, so a non-string tool value (e.g. true)
  * would match "none" and skip cleaning — presumably tool is always a string;
  * confirm where it is set.
  *
  * @param string|array $data
  * @return string|array
  */
 public function xss_clean($data)
 {
     if (is_array($data)) {
         foreach ($data as $key => $value) {
             $data[$key] = $this->xss_clean($value);
         }
         return $data;
     }
     // Scalar input: treat it as a string
     $text = $data;
     // Nothing to clean in a blank string
     if (trim($text) == '') {
         return $text;
     }
     switch ($this->tool) {
         case "none":
             // Only used for a god admin: no filtering at all
             return $text;
         case 'htmlpurifier':
             // Run HTMLPurifier
             return $this->html_purifier->purify($text);
         case 'htmlawed':
             // Run htmLawed
             return htmlawed($text, array('safe' => 1));
         case 'kses':
         default:
             // Run kses (also the fallback for unknown tool names)
             return kses($text, $GLOBALS['allowed_html']);
     }
 }