/**
 * Recursively applies strip_selected_tags() to a value until a pass changes nothing.
 *
 * Arrays are handled element by element (nested arrays included) and keep their keys.
 * Scalars are stripped repeatedly until the result is stable, so markup that only
 * becomes a tag once an inner tag has been removed is caught by the following pass.
 *
 * NOTE(review): strip_selected_tags() is called without a tag list, so what is removed
 * depends entirely on that function's default, which is defined elsewhere. Confirm the
 * default really strips the tags this filter is expected to block.
 *
 * @param mixed $value Scalar or (nested) array to filter.
 * @return mixed The filtered value; arrays keep their structure.
 */
function filterInput($value)
{
    if (is_array($value)) {
        return array_map('filterInput', $value);
    }

    $output = $value;
    $value = strip_selected_tags($output);

    // Loose comparison is kept from the original loop; both sides are normally strings.
    while ($output != $value) {
        $output = $value;
        $value = strip_selected_tags($output);
    }

    return $output;
}
?> This link will become accessible <strong><?php echo date(DEFAULT_DATE_FORMAT, $result["valid_from"]); ?> </strong>.<br /><br /> <?php } elseif ((int) $result["valid_until"] && $result["valid_until"] < time()) { ?> This link was only accessible until <strong><?php echo date(DEFAULT_DATE_FORMAT, $result["valid_until"]); ?> </strong>. Please contact the primary teacher for assistance if required.<br /><br /> <?php } if (clean_input($result["link_notes"], array("notags", "nows")) != "") { echo "<div class=\"clearfix\">" . trim(strip_selected_tags($result["link_notes"], array("font"))) . "</div>"; } ?> </div> </td> <td class="date"> <?php echo (int) $result["updated_date"] ? date(DEFAULT_DATE_FORMAT, $result["updated_date"]) : "Unknown"; ?> </td> </tr> <?php } } else { ?> <tr>
</td> </tr> <tr> <td colspan="3"> </td> </tr> <tr> <td></td> <td style="vertical-align: top"> Required Preparation <div class="content-small" style="margin-top: 10px"> <strong>Note:</strong> You can use this to provide your learners with instructions or information they need for this class. </div> </td> <td> <textarea id="session_message" name="session_message" style="width: 90%; height: 80px" cols="70" rows="10"><?php echo html_encode(trim(strip_selected_tags($PROCESSED["event_message"], array("font")))); ?> </textarea> </td> </tr> <tr> <td colspan="3"> </td> </tr> <tr> <td><input type="checkbox" value="1" id="include_parent_message" name="include_parent_message"<?php echo !isset($PROCESSED["include_parent_message"]) || $PROCESSED["include_parent_message"] ? " checked=\"checked\"" : ""; ?> /></td> <td colspan="2"> <label for="include_parent_message" class="form-nrequired">Include <strong>Required Preparation</strong> from parent event</label> </td>
</div> <div class="form-actions"> <input type="submit" class="btn btn-primary" value="Login"> <strong style="margin-left: 5px">or</strong> <a href="<?php echo ENTRADA_RELATIVE; ?> /password_reset">Forgot your password?</a> </div> </form> </div> <?php /* Public notices are listed next to the login form, so presumably visitors who have not signed in see them. */ $public_notices = Models_Notice::fetchPublicNotices(); if ($public_notices) { ?> <div class="span6"> <h2>Public Notices</h2> <ul class="public-notices"> <?php foreach ($public_notices as $notice) { echo "<li>"; echo "\t<span class=\"label label-info\">" . date(DEFAULT_DATE_FORMAT, $notice["updated_date"]) . "</span>\n"; /* NOTE(review): notice_summary is written into the page as markup, not as encoded text. Only the p tag is removed here, so safety rests on what clean_input(..., "html") allows (defined elsewhere); confirm it sanitises against an allow-list of tags and attributes. */ echo "\t<p>" . trim(strip_selected_tags(clean_input($notice["notice_summary"], "html"), "p")) . "</p>"; echo "</li>"; } ?> </ul> </div> <?php } ?> </div>
/> Delay the release of all objectives </label> <div id="delay_release_controls" class="space-below"> <table> <?php echo generate_calendar("delay_release_option", "Delay release until", true, $PROCESSED["objectives_release_date"], true, false, false, false, false); ?> </table> </div> </div> <h2 title="Freetext Objectives Section">Free-Text Objectives</h2> <div id="freetext-objectives-section"> <textarea id="event_objectives" name="event_objectives" style="width: 100%; height: 100px" cols="70" rows="10"><?php echo html_encode(trim(strip_selected_tags($event_info["event_objectives"], array("font")))); ?> </textarea> </div> <?php $query = "\tSELECT a.* FROM `global_lu_objectives` a\n JOIN `objective_audience` b\n ON a.`objective_id` = b.`objective_id`\n AND b.`organisation_id` = " . $db->qstr($ENTRADA_USER->getActiveOrganisation()) . "\n WHERE (\n (b.`audience_value` = 'all')\n OR\n (b.`audience_type` = 'course' AND b.`audience_value` = " . $db->qstr($COURSE_ID) . ")\n OR\n (b.`audience_type` = 'event' AND b.`audience_value` = " . $db->qstr($EVENT_ID) . ")\n )\n AND a.`objective_parent` = '0'\n AND a.`objective_active` = '1'"; $objectives = $db->GetAll($query); if ($objectives) { $objective_name = $translate->_("events_filter_controls"); $hierarchical_name = $objective_name["co"]["global_lu_objectives_name"]; ?> <style type="text/css"> .mapped-objective{ padding-left: 30px!important; }
<?php
// Clean-up of markup pasted from Word. Works on the text already held in $output,
// which must be set by the including code (not visible here).
$text = $output;
// Remove font tags
$text = strip_selected_tags($text, "<font>");
// Rewrite 2-byte and 3-byte UTF-8 sequences (curly quotes, accented letters) as
// numeric character references.
// http://uk3.php.net/manual/en/function.preg-replace.php#64828
// NOTE(review): both patterns use the "e" (PREG_REPLACE_EVAL) modifier, which makes
// preg_replace() evaluate the replacement string as PHP code with the matched bytes
// spliced into it. That pattern is a long-standing code-evaluation hazard; the modifier
// was deprecated in PHP 5.5 and removed in PHP 7.0, where these calls are rejected
// instead of converting the text. Replace both with preg_replace_callback() and do the
// ord() arithmetic inside the callback.
// NOTE(review): "." accepts any byte after the lead byte, not only UTF-8 continuation
// bytes (0x80-0xBF), so malformed input is turned into a wrong code point.
$text = preg_replace('/([\\xc0-\\xdf].)/se', "'&#' . ((ord(substr('\$1', 0, 1)) - 192) * 64 + (ord(substr('\$1', 1, 1)) - 128)) . ';'", $text);
$text = preg_replace('/([\\xe0-\\xef]..)/se', "'&#' . ((ord(substr('\$1', 0, 1)) - 224) * 4096 + (ord(substr('\$1', 1, 1)) - 128) * 64 + (ord(substr('\$1', 2, 1)) - 128)) . ';'", $text);
// Strip inline styles
$text = strip_styles($text);
// Remove class="MsoNormal"
$text = str_replace('class="MsoNormal"', '', $text);
// Return the cleaned text to the including code
return $text;
/**
 * strip_selected_tags ( string str [, string strip_tags[, strip_content flag]] )
 * ---------------------------------------------------------------------
 * Like strip_tags() but inverse; the strip_tags tags will be stripped, not kept.
 * strip_tags: string with tags to strip, ex: "<a><p><quote>" etc.
 * strip_content flag: TRUE will also strip everything between open and closed tag
 * http://uk3.php.net/manual/en/function.preg-replace.php#71266
 */
function strip_selected_tags($str, $tags = "", $stripContent = false) { preg_match_all("/<([^>]+)>/i", $tags, $allTags, PREG_PATTERN_ORDER); foreach ($allTags[1] as $tag) { $replace = "%(<{$tag}.*?>)(.*?)(<\\/{$tag}.*?>)%is"; if ($stripContent) { $str = preg_replace($replace, '', $str);
<h2>Assignment Drop Box</h2> <div class="control-group"> <label class="control-label form-required">Assignment Name:</label> <div class="controls"> <input type="text" name="assignment_title" class="span10" value="<?php /* NOTE(review): assignment_title is printed into a double-quoted attribute without html_encode(), while the description below is encoded. Unless $PROCESSED values are already HTML-encoded upstream (not visible here), a quote character in the title ends the attribute early; confirm, then wrap the value in html_encode(). */ echo isset($PROCESSED["assignment_title"]) && $PROCESSED["assignment_title"] ? $PROCESSED["assignment_title"] : ""; ?> " /> </div> </div> <div class="control-group"> <label class="control-label form-nrequired">Assignment Description:</label> <div class="controls"> <textarea id="assignment_description" class="span10 expandable" name="assignment_description"><?php echo isset($PROCESSED["assignment_description"]) && $PROCESSED["assignment_description"] ? html_encode(trim(strip_selected_tags($PROCESSED["assignment_description"], array("font")))) : ""; ?> </textarea> </div> </div> <div class="control-group"> <label class="control-label form-nrequired">Additional Instructors:</label> <div class="controls"> <input type="text" id="director_name" name="fullname" size="30" autocomplete="off" style="width: 203px; vertical-align: middle" onkeyup="checkItem('director')" onblur="addItemNoError('director')" /> <script type="text/javascript"> $('director_name').observe('keypress', function(event){ if (event.keyCode == Event.KEY_RETURN) { addItem('director'); Event.stop(event); }
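/**
 * Splits post HTML into top-level blocks and wraps each block in paragraph markup
 * (paragraph number, comment count and, optionally, a cite/embed box).
 *
 * The content is cleaned up, wrapped in a <content> element and parsed with SimpleXML;
 * the blocks are whatever the XPath query '/content/' . $tags selects. When parsing
 * fails, users who can edit posts get the libxml error details, everyone else gets a
 * generic message.
 *
 * NOTE(review): $tags is concatenated straight into the XPath expression, so callers
 * must pass only a '|'-separated list of element names.
 *
 * @since 3.0.0
 *
 * @param string $html              Post content to split.
 * @param string $tags              Optional. '|'-separated element names to select.
 * @param bool   $return_paragraphs Optional. When true, return the matched blocks
 *                                  (or the error messages) without the wrapper markup.
 * @return array Blocks keyed by paragraph number (starting at 1), or the plain list of
 *               matches when $return_paragraphs is true.
 */
function standard_digressit_content_parser($html, $tags = 'div|table|object|p|ul|ol|blockquote|code|h1|h2|h3|h4|h5|h6|h7|h8', $return_paragraphs = false)
{
    global $post;

    $matches = array();
    $html = strip_selected_tags($html, '<hr>');

    // Run twice: removing an empty tag can leave its (now empty) parent behind.
    $html = preg_replace('/<(?!input|br|iframe|object|param|embed|img|meta|hr|\\/)[^>]*>\\s*<\\/[^>]*>/ ', '', $html);
    $html = preg_replace('/<(?!input|br|iframe|object|param|embed|img|meta|hr|\\/)[^>]*>\\s*<\\/[^>]*>/ ', '', $html);
    $html = str_replace("</iframe>", " </iframe>", $html);

    $digressit_options = get_option('digressit');
    $blocks = array();
    $permalink = get_permalink($post->ID);
    $total_comments = get_comments(array('post_id' => $post->ID));

    if ($digressit_options['parse_list_items'] == 1) {
        $html = preg_replace('/<(\\/?ul|ol)>/', '', $html);
        $html = preg_replace('/<li>/', '<p>* ', $html);
    }

    $html = wpautop(force_balance_tags($html));
    $html = str_replace(' ', '', $html);
    $html = str_replace('©', '(c)', $html);

    // Collect libxml errors instead of emitting them as PHP warnings.
    libxml_use_internal_errors(true);
    $result = @simplexml_load_string(trim('<content>' . $html . '</content>'));

    // Compare against false explicitly: a successfully parsed but empty <content>
    // element is falsy, and the original truthiness test reported it as a parse error.
    if ($result !== false) {
        $xml = $result->xpath('/content/' . $tags);
        foreach ($xml as $match) {
            $matches[] = $match->asXML();
        }
    } elseif (current_user_can('edit_posts')) {
        // Parser details are shown only to users who can edit posts.
        $matches[] = "There was a problem parsing your content. Please make sure that every HTML tag is properly nested and closed. 
\n To validate your text, and to try and repair it, use the <a href='https://wordpress.org/extend/plugins/tidy-up/'>Tidy Up</a> plugin for WordPress.";

        // Initialised here; the original appended to an undefined variable.
        $error_messages = '';
        foreach (libxml_get_errors() as $error) {
            // NOTE(review): the original passed $xml, which is never set on this path,
            // so the helper effectively received null. display_xml_error() is defined
            // elsewhere; confirm what it expects as second argument and that its output
            // is HTML-encoded before it is shown.
            $error_messages .= display_xml_error($error, null) . "<br>";
        }
        libxml_clear_errors();
        $matches[] = $error_messages;
    } else {
        $matches[] = "Sorry! There was a problem loading the contents of this post. Please notify the site administrator.";
    }

    if ($return_paragraphs) {
        return $matches;
    }

    foreach ($matches as $key => $paragraph) {
        $paranumber = $number = $key + 1;

        // Count the comments attached to this paragraph number.
        $comment_count = 0;
        foreach ($total_comments as $c) {
            if ($c->comment_text_signature == $paranumber) {
                $comment_count++;
            }
        }

        $numbertext = $comment_count == 1 ? 'is one comment' : 'are ' . $comment_count . ' comments';
        $numbertext = $comment_count == 0 ? 'are no comments' : $numbertext;
        $digit_count = strlen($comment_count);

        // Prefix the lightbox classes onto every class attribute that mentions wp-image.
        // NOTE(review): str_replace() rewrites every occurrence of the class string in
        // the paragraph, not only the attribute it was found in.
        $class_matches = null;
        preg_match_all('/class=\\"([^"]+)\\"/is', $paragraph, $class_matches);
        if (count($class_matches)) {
            foreach ($class_matches[1] as $match) {
                if (strstr($match, 'wp-image')) {
                    $paragraph = str_replace($match, 'lightbox lightbox-images ' . $match, $paragraph);
                }
                // A second str_replace() that interpolated the whole match array and an
                // undefined $classes variable was dropped here: it could only ever match
                // the literal text class="Array".
            }
        }

        // NOTE(review): $permalink and $post->guid are placed in single-quoted attributes
        // as-is. WordPress provides esc_url() / esc_attr() for this context; confirm
        // whether they should be applied here.
        $block_content = "<div id='textblock-{$number}' class='textblock'>\n <span class='paragraphnumber'><a href='{$permalink}#{$number}'>{$number}</a></span>";

        if ($digressit_options['enable_citation_button'] == 1) {
            $block_content .= "<span class='paragraphembed'>\n <a href='#' rel='{$number}'>“</a>\n <span class='embedcode' id='embedcode-{$number}'>\n <a href='#' class='closeme'>x</a>\n <b>Cite</b> <input type='text' value='" . $post->guid . "&digressit-embed={$number}&format=html'><br>\n <b>Embed</b><br>\n <textarea><blockquote cite='{$permalink}#{$number}'>" . force_balance_tags($paragraph) . "</blockquote></textarea>\n <span class='text-copied'>Text copied</span>\n </span>\n </span>";
        }

        $block_content .= "<span title='There {$numbertext} for this paragraph' class='commenticonbox'><small class='commentcount commentcount" . $digit_count . "'>" . $comment_count . "</small></span>\n <span class='paragraphtext'>" . force_balance_tags($paragraph) . "</span>\n </div>";

        $blocks[$paranumber] = $block_content;
    }

    // Expose the number of blocks to the rest of the page.
    global $post_paragraph_count;
    $post_paragraph_count = count($blocks);

    return $blocks;
}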
/**
 * Stores the note, or clears the field when the note is null or empty.
 *
 * String values have script and style tags removed via strip_selected_tags() and are
 * trimmed before the emptiness check; other types are passed through unchanged.
 *
 * NOTE(review): this is a deny-list of two tags, so any other markup in the note is
 * stored as given. Whether that is safe depends on how the note is encoded when it is
 * displayed (not visible here); confirm, or switch to an allow-list of permitted tags.
 *
 * @param mixed $value New note value.
 * @return mixed Whatever set_field() / unset_field() returns.
 */
public function set_note($value)
{
    if (is_string($value)) {
        $value = trim(strip_selected_tags($value, array('script', 'style')));
    }

    $is_blank = is_null($value) || $value == '';
    if (!$is_blank) {
        return $this->set_field('note', $value);
    }

    return $this->unset_field('note');
}
<h2>Assignment Drop Box</h2> <div class="control-group"> <label class="control-label form-required">Assignment Name:</label> <div class="controls"> <input type="text" name="assignment_title" class="span10" value="<?php /* NOTE(review): assignment_title is printed into a double-quoted attribute without html_encode(), while the description below is encoded. Unless $PROCESSED values are already HTML-encoded upstream (not visible here), a quote character in the title ends the attribute early; confirm, then wrap the value in html_encode(). */ echo isset($PROCESSED["assignment_title"]) && $PROCESSED["assignment_title"] ? $PROCESSED["assignment_title"] : ""; ?> "/> </div> </div> <div class="control-group"> <label class="control-label form-nrequired">Assignment Description:</label> <div class="controls"> <textarea id="assignment_description" class="span10 expandable" name="assignment_description"><?php echo html_encode(trim(strip_selected_tags($PROCESSED["assignment_description"], array("font")))); ?> </textarea> </div> </div> <div class="control-group"> <label class="control-label form-nrequired">Additional Instructors:</label> <div class="controls"> <input type="text" id="director_name" name="fullname" size="30" autocomplete="off" style="width: 203px; vertical-align: middle" onkeyup="checkItem('director')" onblur="addItemNoError('director')" /> <script type="text/javascript"> $('director_name').observe('keypress', function(event){ if (event.keyCode == Event.KEY_RETURN) { addItem('director'); Event.stop(event); }
/**
 * Sanitises a submitted string in place and checks it against the configured keyword list.
 *
 * $string is taken by reference: it is trimmed and, when it contains '<', passed through
 * strip_selected_tags() (script, iframe, style, link, meta) and remove_xss(). The caller
 * therefore continues with the cleaned text.
 *
 * A return value of false means "no objection"; that also covers a blank input, a
 * disabled filter and an empty keyword list. Any other return value is the translated
 * rejection message.
 *
 * NOTE(review): the tag list is a deny-list; protection against other markup rests on
 * remove_xss(), which is defined elsewhere. Confirm its coverage.
 *
 * @param string     $string    Text to check; modified in place.
 * @param string     $item      Not read by this function.
 * @param bool       $density   Not read by this function.
 * @param bool       $replace   Not read by this function.
 * @param array|null $statistic Passed by value, so the 'filter_type' entry written
 *                              below never reaches the caller.
 * @return string|false Rejection message, or false when the text is accepted.
 */
function filter(&$string, $item = "", $density = false, $replace = false, $statistic = null)
{
    static $filter, $filter_keyword_list, $replace_rule_list, $replace_config;

    $string = trim($string);
    if (!$string) {
        return false;
    }

    // Only text that can contain markup goes through the tag and XSS filters.
    if (false !== strpos($string, '<')) {
        $string = strip_selected_tags($string, "<script><iframe><style><link><meta>");
        $string = remove_xss($string);
    }

    // Nothing left after sanitising: reject the submission.
    if (empty($string)) {
        return __('不能包含特殊字符!');
    }

    // The filter configuration is loaded once per request.
    if ($filter === null) {
        $filter = (array) ConfigHandler::get('filter');
    }

    if (!$filter['enable'] || empty($filter['keywords'])) {
        return false;
    }

    // Keywords may be separated by newlines, tabs or '|'; the split list is cached.
    if ($filter_keyword_list === null) {
        $separators = array("\r\n", "\r", "\n", "\t", "\\|");
        $filter_keyword_list = explode("|", str_replace($separators, "|", trim($filter['keywords'])));
    }

    foreach ($filter_keyword_list as $keyword) {
        if (strpos($string, $keyword) === false) {
            continue;
        }

        // Keywords of 2 bytes or fewer, or 40 bytes or more, are ignored.
        $keyword_len = strlen($keyword);
        if ($keyword_len > 2 && $keyword_len < 40) {
            $statistic['filter_type'] = 'keyword';
            return __("含有禁止发布的内容");
        }
    }

    return false;
}
/**
 * Sanitises a submitted string in place and checks it against the configured word lists.
 *
 * $string is taken by reference: it is trimmed, stripped of script, iframe, style, link
 * and meta tags, passed through remove_xss(), and then has the configured replacements
 * applied. The caller therefore continues with the cleaned text.
 *
 * Returns false when there is no objection (this includes a blank input and a disabled
 * filter). Otherwise returns an array with a 'type' of 'xss', 'filter', 'verify' or
 * 'shield', a 'msg', a matching flag ('error', 'verify' or 'shield' set to 1) and, for
 * list hits, the 'keyword' that matched.
 *
 * NOTE(review): 'msg' can contain the matched keyword and, for the verify case, an HTML
 * link, so callers have to output it as markup. That is only safe while the word lists
 * are administrator-controlled; confirm.
 * NOTE(review): the tag list is a deny-list; protection against other markup rests on
 * remove_xss(), which is defined elsewhere. Confirm its coverage.
 *
 * @param string $string  Text to check; modified in place.
 * @param int    $verify  Non-zero to check the verify list.
 * @param int    $replace Non-zero to apply the replacement list.
 * @param int    $shield  Non-zero to check the shield list.
 * @return array|false Result array as described above, or false.
 */
function __filter(&$string, $verify = 1, $replace = 1, $shield = 0)
{
    static $filter = null;

    $string = trim($string);
    if (!$string) {
        return false;
    }

    // Only text that can contain markup goes through the tag and XSS filters.
    if (false !== strpos($string, '<')) {
        $string = strip_selected_tags($string, "<script><iframe><style><link><meta>");
        if ($string) {
            $string = remove_xss($string);
        }
    }

    // Nothing left after sanitising: reject the submission.
    if (empty($string)) {
        return array(
            'error' => 1,
            'type' => 'xss',
            'msg' => "含有禁止提交的代码,请修改后重新提交!",
        );
    }

    // The filter configuration is loaded once per request.
    if ($filter === null) {
        $filter = (array) jconf::get('filter');
    }
    if (!$filter['enable']) {
        return false;
    }

    // Configured substitutions are applied before any list is checked.
    if ($replace && $filter['replace_list']) {
        foreach ($filter['replace_list'] as $search => $substitute) {
            if (jstrpos($string, $search) !== false) {
                $string = str_replace($search, $substitute, $string);
            }
        }
    }

    // Forbidden keywords: the submission is rejected.
    if (!empty($filter['keywords'])) {
        if ($filter['keyword_list'] === null) {
            $separators = array("\r\n", "\r", "\n", "\t", "\\|");
            $filter['keyword_list'] = explode("|", str_replace($separators, "|", trim($filter['keywords'])));
        }
        foreach ($filter['keyword_list'] as $keyword) {
            if (jstrpos($string, $keyword) !== false) {
                $shown = $filter['keyword_disable'] ? "" : " {$keyword} ";
                return array(
                    'error' => 1,
                    'type' => 'filter',
                    'keyword' => $keyword,
                    'msg' => "含有禁止的内容 " . $shown . ",请修改后重新提交!",
                );
            }
        }
    }

    // Words that send the submission to moderation.
    if ($verify && $filter['verify_list']) {
        foreach ($filter['verify_list'] as $keyword) {
            if (jstrpos($string, $keyword) !== false) {
                $shown = $filter['keyword_disable'] ? "" : " {$keyword} ";
                return array(
                    'verify' => 1,
                    'type' => 'verify',
                    'keyword' => $keyword,
                    'msg' => "含审核内容 " . $shown . "需管理员审核后才会对外显示,<a href='index.php?mod=" . MEMBER_ID . "&type=my_verify'>点此查看</a>",
                );
            }
        }
    }

    // Shielded words, checked only when the caller asks for it.
    if ($shield && $shield != 0 && $filter['shield_list']) {
        foreach ($filter['shield_list'] as $keyword) {
            if (jstrpos($string, $keyword) !== false) {
                $shown = $filter['keyword_disable'] ? "" : " {$keyword} ";
                return array(
                    'shield' => 1,
                    'type' => 'shield',
                    'keyword' => $keyword,
                    'msg' => "含有屏蔽的内容 " . $shown,
                );
            }
        }
    }

    return false;
}
echo trim(strip_selected_tags($result["course_description"], array("font"))) . "\n"; } else { echo "No course aim or goals have been provided."; } echo "\t</td>\n"; echo "</tr>\n"; echo "<tr>\n"; echo "\t<td colspan=\"2\"> </td>\n"; echo "</tr>\n"; echo "<tr>\n"; echo "\t<td colspan=\"2\"><h2>Course Objectives</h2></td>\n"; echo "</tr>\n"; echo "<tr>\n"; echo "\t<td colspan=\"2\" style=\"text-align: justify\">\n"; if (clean_input($result["course_objectives"], array("notags", "nows")) != "") { echo trim(strip_selected_tags($result["course_objectives"], array("font"))) . "\n"; } else { echo "No course objectives have been provided."; } echo "\t</td>\n"; echo "</tr>\n"; } echo "</table>\n"; } ?> <h2>Course Event Types</h2> <table style="width: 100%" cellspacing="2" cellpadding="2" border="0"> <colgroup> <col style="width: 33%" /> <col style="width: 34%" /> <col style="width: 33%" />
echo $module_singular_name . " Description"; ?> </label> <div class="controls"> <textarea id="course_description" name="course_description" cols="70" rows="10"><?php echo isset($PROCESSED["course_description"]) ? html_encode(trim(strip_selected_tags($PROCESSED["course_description"], array("font")))) : ""; ?> </textarea> </div> </div> <div class="control-group"> <label for="course_message" class="form-nrequired control-label">Director's Message</label> <div class="controls"> <textarea id="course_message" name="course_message" cols="70" rows="10"><?php echo isset($PROCESSED["course_message"]) ? html_encode(trim(strip_selected_tags($PROCESSED["course_message"], array("font")))) : ""; ?> </textarea> </div> </div> <div class="pull-right clearfix"> <input type="submit" value="Save" class="btn btn-primary"/> </div> </form> </div> <?php $query = "\tSELECT COUNT(*) FROM course_objectives WHERE course_id = " . $db->qstr($COURSE_ID); $result = $db->GetOne($query); if ($result) { ?>
</div> <input type="text" id="report_title" name="report_title" value="<?php echo isset($PROCESSED["report_title"]) && $PROCESSED["report_title"] ? html_encode($PROCESSED["report_title"]) : ""; ?> " maxlength="255" style="width: 99%; font-size: 150%; padding: 3px" /> </td> </tr> <tr> <td colspan="3"> </td> </tr> <tr> <td></td> <td style="vertical-align: top"><label for="report_description" class="form-nrequired">Report Description</label></td> <td> <textarea id="report_description" name="report_description" style="width: 100%; height: 150px" cols="70" rows="10"><?php echo html_encode(trim(strip_selected_tags($event_info["event_description"], array("font")))); ?> </textarea> </td> </tr> <tr> <td colspan="3"> </td> </tr> <tr> <td></td> <td><label for="report_supporting_link" class="form-nrequired">Supporting Link</label></td> <td> <input type="text" id="report_supporting_link" name="report_supporting_link" value="<?php echo isset($PROCESSED["report_supporting_link"]) && $PROCESSED["report_supporting_link"] ? html_encode($PROCESSED["report_supporting_link"]) : "http://"; ?> " maxlength="255" style="width: 99%;" />