Esempio n. 1
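 /**
  * Runs a full-text search over the configured indexes and renders the
  * matching News records in the order the search backend ranked them.
  *
  * @param string|null $q    search phrase supplied by the user
  * @param int         $page page index handed to CPagination::currentPage
  */
 function actionSearch($q = null, $page = 1)
 {
     $pages = new CPagination();
     $pages->pageSize = 50;
     // Request parameters arrive as strings; force an integer page index.
     $pages->currentPage = (int) $page;
     $p = new CHtmlPurifier();
     // NOTE(review): purify() and CHtml::encode() are HTML-output defences. Applied to a
     // search term they change what is searched (e.g. "&" is sent as "&amp;") and do not
     // escape the search engine's own query syntax. Kept for backward compatibility.
     $q = CHtml::encode($p->purify($q));
     $searchCriteria = new stdClass();
     $searchCriteria->select = 'id';
     $searchCriteria->query = $q . '*';
     $searchCriteria->paginator = $pages;
     $searchCriteria->from = implode(",", $this->indexes);
     // Fetch the result as a plain array
     $resArray = Yii::App()->search->searchRaw($searchCriteria);
     $news = null;
     // An absent or empty match list would otherwise build "FIELD(id,)", which is invalid SQL.
     if (isset($resArray['matches']) && is_array($resArray['matches']) && count($resArray['matches']) > 0) {
         // The IDs are concatenated into the ORDER BY clause, so coerce them to integers
         // instead of trusting whatever keys the search backend returned.
         $ids = array_map('intval', array_keys($resArray['matches']));
         $c = new CDbCriteria();
         $c->order = 'FIELD(id,' . implode(",", $ids) . ')';
         $news = News::model()->findAllByPk($ids, $c);
     }
     $this->render("search_results", array('news' => $news));
 }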
Esempio n. 2
 /**
  * Purifies an HTML fragment against a small tag allow-list.
  *
  * The fragment is purified twice: once with the allow-list and once more with an
  * empty HTML.Allowed value. When both results have the same length the fragment is
  * treated as plain text and returned wrapped in <pre>; otherwise the allow-listed
  * markup is returned.
  *
  * @param string $html untrusted markup
  * @return string purified markup, or <pre>-wrapped text
  */
 protected function purifyHtml($html)
 {
     // Drop literal backslash sequences (\r\n, \r, \n) and stray backslashes left by bad parsing.
     $cleaned = preg_replace('#\\\\r\\\\n|\\\\r|\\\\n|\\\\#sui', '', $html);

     $purifier = new CHtmlPurifier();
     $purifier->options = array('HTML.Allowed' => 'img[src],p,br,b,strong,i');
     $markup = $purifier->purify($cleaned);

     // Second pass with nothing allowed; presumably leaves only the text content.
     $purifier->options = array('HTML.Allowed' => '');
     $plain = $purifier->purify($markup);

     $sameLength = mb_strlen($plain, 'UTF-8') === mb_strlen($markup, 'UTF-8');
     return $sameLength ? '<pre>' . $plain . '</pre>' : $markup;
 }
Esempio n. 3
 /**
  * Transforms the content and then purifies the resulting HTML using the
  * options configured in $this->purifierOptions.
  *
  * @param string $content raw content to transform
  * @return string purified HTML
  */
 public function safeTransform($content)
 {
     $transformed = $this->transform($content);

     // Purification runs last so that markup produced by transform() is filtered too.
     $htmlPurifier = new CHtmlPurifier();
     $htmlPurifier->options = $this->purifierOptions;

     return $htmlPurifier->purify($transformed);
 }
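 /**
  * Converts a Solarium select result into a list of feed item arrays.
  *
  * Highlight snippets are run through CHtmlPurifier with URI schemes limited to
  * http and https before being concatenated into the item content.
  *
  * @param \Solarium\QueryType\Select\Result\Result $ergebnisse
  * @return array[] one array per document with the keys title, link, content,
  *                 dateCreated and aenderung_guid
  */
 public static function ergebnisse2FeedData($ergebnisse)
 {
     $data = array();
     $dokumente = $ergebnisse->getDocuments();
     $highlighting = $ergebnisse->getHighlighting();
     $purifier = new CHtmlPurifier();
     $purifier->options = array('URI.AllowedSchemes' => array('http' => true, 'https' => true));
     foreach ($dokumente as $dokument) {
         $model = Dokument::getDocumentBySolrId($dokument->id);
         // Skip index entries whose document lookup returns nothing instead of
         // failing on the method call below.
         if (!$model) {
             continue;
         }
         $risitem = $model->getRISItem();
         if (!$risitem) {
             continue;
         }
         $link = $risitem->getLink();
         $highlightedDoc = $highlighting->getResult($dokument->id);
         // NOTE(review): title and link are stored as-is; only the highlight snippets are
         // purified. Whatever renders this feed must escape them for its output context.
         // NOTE(review): the title opens "(zu" but never closes the parenthesis - confirm intent.
         $item = array(
             "title" => $model->name . " (zu " . $risitem->getTypName() . " \"" . $risitem->getName() . "\"",
             "link" => $link,
             "content" => "",
             "dateCreated" => RISTools::date_iso2timestamp(str_replace("T", " ", str_replace("Z", "", $dokument->sort_datum))),
             "aenderung_guid" => $link,
         );
         if ($highlightedDoc && count($highlightedDoc) > 0) {
             foreach ($highlightedDoc as $highlight) {
                 $item["content"] .= $purifier->purify(implode(' (...) ', $highlight)) . '<br/>';
             }
         }
         $data[] = $item;
     }
     return $data;
 }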
Esempio n. 5
 /**
  * Filters the given content through CHtmlPurifier with the 'URI.Disable'
  * option switched on. (Marked as unused by the original author.)
  *
  * @param string $content untrusted markup
  * @return string purified markup
  */
 public static function htmlPurifier($content)
 {
     // Filter rules
     $rules = array('URI.Disable' => true);

     $purifier = new CHtmlPurifier();
     $purifier->options = $rules;

     return $purifier->purify($content);
 }
Esempio n. 6
 /**
  * Purifies a value, keeping only basic emphasis and heading tags
  * (strong, em, u, h1-h4).
  *
  * @param string $value untrusted markup
  * @return string purified markup
  */
 public function Purify($value)
 {
     $purifier = new CHtmlPurifier();
     $purifier->options = array('HTML.Allowed' => 'strong,em,u,h1,h2,h3,h4');

     return $purifier->purify($value);
 }
Esempio n. 7
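 /**
  * Purifies the model attribute named by $attr in place, allowing only a small
  * set of inline tags on top of the application-wide purifier options.
  *
  * @param string $attr   name of the attribute to purify
  * @param array  $params validator parameters (not used)
  */
 public function safehtml($attr, $params)
 {
     // Assemble the full option array before handing it to the purifier. Writing
     // $p->options["HTML.Allowed"] directly relies on options being a plain public
     // property; where it is exposed through a getter/setter pair, that indexed write
     // lands on a temporary copy and the tag allow-list is silently not applied.
     $options = Yii::app()->params["HTMLPurifierOptions"];
     $options["HTML.Allowed"] = "a[href],b,strong,i,em,u,small,sub,sup";

     $p = new CHtmlPurifier();
     $p->options = $options;
     $this->{$attr} = trim($p->purify($this->{$attr}));
 }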
Esempio n. 8
 /**
  * Purifies the named attribute in place, keeping only the tags listed in the
  * comment module's allowedTags setting.
  *
  * @param string $attribute name of the attribute to purify
  * @param array  $params    validator parameters (not used)
  */
 public function purifyText($attribute, $params)
 {
     $allowedTags = Yii::app()->getModule('comment')->allowedTags;

     $purifier = new CHtmlPurifier();
     $purifier->options = ['HTML.Allowed' => $allowedTags];

     $this->{$attribute} = $purifier->purify($this->{$attribute});
 }
Esempio n. 9
 /**
  * Processes the captured output.
  * The content is passed through transform() and, when {@link purifyOutput} is
  * true, the resulting HTML is purified before being handed to the parent.
  * @param string $output the captured output to be processed
  * @see convert
  */
 public function processOutput($output)
 {
     $html = $this->transform($output);

     // With purifyOutput disabled the transformed markup is passed on unfiltered.
     if ($this->purifyOutput) {
         $htmlPurifier = new CHtmlPurifier();
         $html = $htmlPurifier->purify($html);
     }

     parent::processOutput($html);
 }
Esempio n. 10
 /**
  * Stamps new records with the creation time and purifies the subject
  * before delegating to the parent beforeSave().
  *
  * @return mixed whatever parent::beforeSave() returns
  */
 public function beforeSave()
 {
     // Only brand-new records get a creation timestamp.
     if ($this->isNewRecord) {
         $this->created = time();
     }

     // The subject is purified on every save, not just on insert.
     $purifier = new CHtmlPurifier();
     $cleanSubject = $purifier->purify($this->subject);
     $this->subject = $cleanSubject;

     return parent::beforeSave();
 }
Esempio n. 11
 /**
  * Process a string with markup
  *
  * The input is converted by processMarkup(); the result is additionally
  * purified when $this->purify is set.
  *
  * @param string $input
  * @return string $output
  */
 public function process($input)
 {
     $markup = $this->processMarkup($input);

     // Without the purify flag the converted markup is returned unfiltered.
     if (!$this->purify) {
         return $markup;
     }

     $htmlPurifier = new CHtmlPurifier();
     return $htmlPurifier->purify($markup);
 }
Esempio n. 12
 /**
  * Applies a fixed chain of filters to a string: strip_tags, stripcslashes,
  * htmlspecialchars, CHtmlPurifier, addslashes, then CRLF -> LF.
  *
  * NOTE(review): this stacks escaping for several different contexts onto one value.
  * addslashes() is not a substitute for parameterised queries, and the HTML-encoded,
  * slash-escaped result will be double-escaped if it is encoded again on output.
  *
  * @param string $string untrusted input
  * @return string filtered string
  */
 public static function filterString($string)
 {
     // Order matters: stripcslashes() can decode escapes such as \x3c back into "<",
     // so it has to run before htmlspecialchars(), not after it.
     $plain = stripcslashes(strip_tags($string));
     $encoded = htmlspecialchars($plain);

     $purifier = new CHtmlPurifier();
     $purified = $purifier->purify($encoded);

     $slashed = addslashes($purified);
     return str_replace("\r\n", "\n", $slashed);
 }
Esempio n. 13
 /**
  * Reads the 'user_input' POST field (null when absent), purifies it and
  * renders the "htmlpurifier" view with the purified value.
  */
 public function actionHtmlPurifier()
 {
     $submitted = isset($_POST['user_input']) ? $_POST['user_input'] : null;

     // Create the purifier and filter the submitted markup before it reaches the view.
     $purifier = new CHtmlPurifier();
     $cleaned = $purifier->purify($submitted);

     $this->render("htmlpurifier", array('user_input' => $cleaned));
 }
Esempio n. 14
 /**
  * HTML-encodes the widget's markdown source, parses it with the configured
  * parser class, optionally purifies the HTML and renders 'markdownView'.
  */
 public function run()
 {
     // Encoding first means raw HTML embedded in the markdown reaches the parser as text.
     $this->markdown = CHtml::encode($this->markdown);

     // NOTE(review): the parser class name comes from a property; assumes it is set
     // from trusted configuration only - confirm.
     $className = $this->parserClass;
     $markdownParser = new $className();
     $rendered = $markdownParser->parse($this->markdown);

     if ($this->purifyOutput) {
         $htmlPurifier = new CHtmlPurifier();
         $rendered = $htmlPurifier->purify($rendered);
     }

     $this->render('markdownView', array('content' => $rendered));
 }
 /**
  * Saves a new dispo sale from POSTed data and echoes a JSON status object.
  *
  * Required POSTED data are :
  * phone_number - required - number
  * dispo_name - required - any
  *
  * NOTE(review): on failure the 'message' field carries CHtml::errorSummary() output,
  * i.e. HTML markup; clients should treat it accordingly.
  *
  * @return void
  */
 public function actionSave()
 {
     header("Content-Type: application/json");

     $purifier = new CHtmlPurifier();
     $form = new DisposaleForm();

     // Missing fields are passed on as null and left to the form's validation rules.
     $form->dispo_name = $purifier->purify(isset($_POST['dispo_name']) ? $_POST['dispo_name'] : null);
     $form->phone_number = $purifier->purify(isset($_POST['phone_number']) ? $_POST['phone_number'] : null);
     // The complete, unpurified POST body is stored alongside the purified fields.
     $form->posted_data = json_encode($_POST);

     if ($form->validate() && $form->save()) {
         $response = ['status' => 'success', 'message' => "New dispo sale saved"];
     } else {
         // Validation failure and save failure report the same way.
         $response = ['status' => 'failed', 'message' => CHtml::errorSummary($form)];
     }

     echo json_encode($response);
 }
Esempio n. 16
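 /**
  * Stores purified page content posted as 'desContent' on the DocPages record
  * identified by the posted 'pageId', sets a flash message and redirects.
  *
  * NOTE(review): no ownership or permission check on 'pageId' is visible in this
  * method - confirm the calling action enforces one.
  *
  * @param mixed $action redirect target passed to $this->redirect()
  */
 private function savePage($action)
 {
     Yii::log("Function SavePage DesignController called", "trace", self::LOG_CAT);
     // A missing 'pageId' or an unknown primary key leaves $model null; route that to
     // the error flash below instead of failing on a property write to null.
     $model = isset($_POST['pageId']) ? DocPages::model()->findByPk($_POST['pageId']) : null;
     if ($model !== null && isset($_POST['desContent'])) {
         $purifier = new CHtmlPurifier();
         $model->docData = $purifier->purify($_POST['desContent']);
         if ($model->update()) {
             Yii::app()->user->setFlash('success', 'The page was updated successfully');
             $this->redirect($action);
             return;
         }
     }
     Yii::app()->user->setFlash('error', 'The page was not updated successfully, contact your administrator');
     $this->redirect($action);
     return;
 }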
Esempio n. 17
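 /**
  * Chat room endpoint: appends a posted message to the cached room history (the
  * history is trimmed once it exceeds 50 lines and cached for three days) and echoes
  * the room as JSON, optionally limited to messages newer than the 'since' timestamp.
  *
  * @param int $room_id room identifier, cast to int before it is used in the cache key
  */
 public function actionRoom($room_id)
 {
     // 'since' may come from POST or GET; treat a missing value as 0 (no filtering).
     if (isset($_POST["since"])) {
         $since = intval($_POST["since"]);
     } elseif (isset($_GET["since"])) {
         $since = intval($_GET["since"]);
     } else {
         $since = 0;
     }
     $room_id = (int) $room_id;
     $key = "chat{$room_id}";
     $room = Yii::app()->cache->get($key);
     if (!is_array($room)) {
         $room = [];
     }
     if (Yii::app()->request->isPostRequest) {
         // Only accept a scalar string; a missing or array-valued 'msg' becomes empty.
         $msg = isset($_POST["msg"]) && is_string($_POST["msg"]) ? trim($_POST["msg"]) : "";
         // Cap the length on the raw input. Truncating after sanitising could cut the
         // cleaned markup in the middle of a tag or attribute and store broken HTML.
         // The sanitised result may therefore be slightly longer than 2048 characters.
         $msg = mb_substr($msg, 0, 2048);
         // date("h") is the 12-hour clock, so this window matches 04:20-04:40 and 16:20-16:40.
         $h = date("h");
         $m = date("i");
         if ($h == 4 && $m >= 20 && $m <= 40) {
             // Inside the window HTML is allowed, filtered by the application-wide purifier options.
             $p = new CHtmlPurifier();
             $p->options = Yii::app()->params["HTMLPurifierOptions"];
             $msg = trim($p->purify($msg));
         } else {
             $msg = strip_tags($msg);
         }
         if ($msg != "") {
             $msg = Yii::app()->parser->parse($msg);
             $line = ["u" => Yii::app()->user->login, "i" => Yii::app()->user->id, "t" => time(), "m" => $msg];
             array_push($room, $line);
             if (count($room) > 50) {
                 array_shift($room);
             }
         }
         Yii::app()->cache->set($key, $room, 60 * 60 * 24 * 3);
     }
     if ($since > 0) {
         // Keep only lines newer than the client's last seen timestamp. The previous
         // loop also appended to $room["m"], an index that does not exist on the room
         // list; it raised a notice and never reached the output, so it is dropped.
         $roomGood = [];
         foreach ($room as $v) {
             if ($v["t"] > $since) {
                 $roomGood[] = $v;
             }
         }
         $room = $roomGood;
     }
     echo json_encode(["room" => $room, "servertime" => time()]);
 }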
Esempio n. 18
 /**
  * Filter hook that rewrites every top-level $_POST value through CHtmlPurifier
  * before the action runs. Array values are additionally passed through
  * filterSubElement() and the application's xssClean().
  *
  * NOTE(review): only values are rewritten, keys are left as submitted; and because
  * $_POST itself is modified, later code can no longer see the original input.
  *
  * @param CFilterChain $filterChain the filter chain to continue
  */
 protected function preFilter($filterChain)
 {
     // logic being applied before the action is executed
     if (!empty($_POST)) {
         $purifier = new CHtmlPurifier();
         $purifier->options = array(
             'HTML.Allowed' => 'p,b,u,a[href|title],i,img[src|alt|title],em,strong,strike,ul,ol,li,div[align],br',
             'CSS.AllowedProperties' => array(
                 'text-decoration' => true,
                 'font-family' => true,
                 'font-size' => true,
                 'text-align' => true,
                 'padding-left' => true,
                 'padding-right' => true,
                 'padding-top' => true,
                 'padding-bottom' => true,
                 'color' => true,
                 'background-color' => true,
             ),
             'AutoFormat.RemoveEmpty' => true,
         );
         foreach ($_POST as $field => $submitted) {
             if (!is_array($submitted)) {
                 $_POST[$field] = $purifier->purify($submitted);
                 continue;
             }
             // Nested values: purify, then walk the sub-elements and run xssClean on the result.
             $purified = $purifier->purify($submitted);
             $_POST[$field] = Yii::app()->input->xssClean($this->filterSubElement($purified, $purifier));
         }
     }
     $filterChain->run();
     // return true; // false if the action should not be executed
 }
Esempio n. 19
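 /**
  * Stores purified page content posted as 'survContent' on the DocPages record
  * identified by the posted 'pageId', sets a flash message and redirects.
  *
  * The purifier limits URI schemes to http/https, frame targets to _blank/_self and
  * attributes to the explicit list below.
  *
  * NOTE(review): no ownership or permission check on 'pageId' is visible in this
  * method - confirm the calling action enforces one.
  *
  * @param mixed $action redirect target passed to the request's redirect()
  */
 public static function savePage($action)
 {
     Yii::log("Function SavePage called", "trace", self::LOG_CAT);
     // A missing 'pageId' or an unknown primary key leaves $model null; route that to
     // the error flash below instead of failing on a property write to null.
     $model = isset($_POST['pageId']) ? DocPages::model()->findByPk($_POST['pageId']) : null;
     if ($model !== null && isset($_POST['survContent'])) {
         $purifier = new CHtmlPurifier();
         $purifier->options = ['URI.AllowedSchemes' => ['http' => true, 'https' => true], 'Attr.AllowedFrameTargets' => ['_blank', '_self'], 'HTML.AllowedAttributes' => ['img.src', 'a.id', 'a.name', 'a.href', 'a.target', 'span.style']];
         $model->docData = $purifier->purify($_POST['survContent']);
         if ($model->update()) {
             Yii::app()->user->setFlash('success', 'The page was updated successfully');
             Yii::app()->request->redirect($action);
             return;
         }
     }
     Yii::app()->user->setFlash('error', 'The page was not updated successfully, contact your administrator');
     Yii::app()->request->redirect($action);
     return;
 }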
Esempio n. 20
/**
 * Purifies every element of the array in place, with URI schemes limited to
 * http and https.
 *
 * Nothing is filtered when the 'filterxsshtml' setting is off or when the session
 * flag USER_RIGHT_SUPERADMIN equals 1, so super-administrator input is stored as submitted.
 *
 * @param array $array values to purify; modified by reference
 */
function XSSFilterArray(&$array)
{
    if (!Yii::app()->getConfig('filterxsshtml') || Yii::app()->session['USER_RIGHT_SUPERADMIN'] == 1) {
        return;
    }

    $purifier = new CHtmlPurifier();
    $purifier->options = array('URI.AllowedSchemes' => array('http' => true, 'https' => true));

    foreach ($array as &$entry) {
        $entry = $purifier->purify($entry);
    }
    // Break the reference left behind by the by-reference loop.
    unset($entry);
}
Esempio n. 21
 /**
  * Purifies the named attribute in place using the application-wide
  * "HTMLPurifierOptions" parameter and trims the result.
  *
  * @param string $attr   name of the attribute to purify
  * @param array  $params validator parameters (not used)
  */
 public function validateBody($attr, $params)
 {
     $purifier = new CHtmlPurifier();
     $purifier->options = Yii::app()->params["HTMLPurifierOptions"];

     $purified = $purifier->purify($this->{$attr});
     $this->{$attr} = trim($purified);
 }
Esempio n. 22
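 /**
  * Returns the text, shortened when necessary.
  *
  * When the text is longer than $size it is cut to $size characters, "..." is
  * appended and the result is purified, so markup cut in half by the truncation is
  * not returned as-is.
  *
  * NOTE(review): when nothing is cut, $this->text is returned without purification;
  * callers must not assume every return value of this method has been filtered.
  *
  * @param mixed $size maximum length, or false for no limit
  *
  * @return string
  */
 public function getText($size = false)
 {
     // ">=": a text of exactly $size characters fits and must not get an ellipsis.
     if (false === $size || $size >= mb_strlen($this->text)) {
         return $this->text;
     }
     $p = new CHtmlPurifier();
     return $p->purify(mb_substr($this->text, 0, $size) . '...');
 }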
 /**
  * Remove any script or dangerous HTML
  *
  * The value is split into plain-string parts and expression parts ({...}) by the
  * ExpressionManager. String parts are replaced by their purified form. Inside an
  * expression only double- and single-quoted string tokens are purified; every
  * other token is copied into the result unchanged.
  *
  * @param string $value
  * @return string the rebuilt value with purified HTML and re-assembled expressions
  */
 public function xssFilter($value)
 {
     $filter = new CHtmlPurifier();
     // Purifier configuration: element IDs and the _blank/_self frame targets are
     // allowed, and URIs are limited to the six schemes listed at the end.
     $filter->options = array('AutoFormat.RemoveEmpty' => false, 'Core.NormalizeNewlines' => false, 'CSS.AllowTricky' => true, 'HTML.SafeObject' => true, 'Output.FlashCompat' => true, 'Attr.EnableID' => true, 'Attr.AllowedFrameTargets' => array('_blank', '_self'), 'URI.AllowedSchemes' => array('http' => true, 'https' => true, 'mailto' => true, 'ftp' => true, 'nntp' => true, 'news' => true));
     // To allow script BUT purify : HTML.Trusted=true (plugin idea for admin or without XSS filtering ?)
     // Purify the whole value, then turn URL-encoded braces (%7B...%7D) around a question
     // code back into {QCODE} (bug #09300). The pattern only admits letters, digits and
     // dots between the braces.
     $sFiltered = preg_replace('#%7B([a-zA-Z0-9\\.]*)%7D#', '{$1}', $filter->purify($value));
     Yii::import('application.helpers.expressions.em_core_helper');
     // Already imported in em_manager_helper.php ?
     $oExpressionManager = new ExpressionManager();
     // Split both versions: the unfiltered original and the filtered copy.
     $aValues = $oExpressionManager->asSplitStringOnExpressions($value);
     // Return array of array : 0=>the string,1=>string length,2=>string type (STRING or EXPRESSION)
     $aFilteredValues = $oExpressionManager->asSplitStringOnExpressions($sFiltered);
     // Same but for the filtered string
     // The filtered parts are only used by index when both splits have the same number of parts.
     $bCountIsOk = count($aValues) == count($aFilteredValues);
     // Build the new string from filtered HTML parts and re-assembled expressions.
     $sNewValue = "";
     foreach ($aValues as $key => $aValue) {
         if ($aValue[2] == "STRING") {
             // Fall back to purifying this part on its own when the two splits do not line up.
             $sNewValue .= $bCountIsOk ? $aFilteredValues[$key][0] : $filter->purify($aValue[0]);
         } else {
             $sExpression = trim($aValue[0], '{}');
             $sNewValue .= "{";
             $aParsedExpressions = $oExpressionManager->Tokenize($sExpression, true);
             foreach ($aParsedExpressions as $aParsedExpression) {
                 if ($aParsedExpression[2] == 'DQ_STRING') {
                     $sNewValue .= "\"" . $filter->purify($aParsedExpression[0]) . "\"";
                 } elseif ($aParsedExpression[2] == 'SQ_STRING') {
                     $sNewValue .= "'" . $filter->purify($aParsedExpression[0]) . "'";
                 } else {
                     // Non-string tokens are appended without purification.
                     $sNewValue .= $aParsedExpression[0];
                 }
             }
             $sNewValue .= "}";
         }
     }
     gc_collect_cycles();
     // To counter a high memory usage of HTML-Purifier
     return $sNewValue;
 }
 /**
  * @inheritDoc IFieldType::prepValueFromPost()
  *
  * Normalises the submitted rich-text value: blanks out the editor's empty-field
  * markup, converts pagebreak rules to comments, optionally purifies and cleans up
  * the HTML, and rewrites element URLs into reference tags.
  *
  * @param mixed $value
  *
  * @return mixed
  */
 public function prepValueFromPost($value)
 {
     // Temporary fix (hopefully) for a Redactor bug where some HTML will get submitted when the field is blank,
     // if any text was typed into the field, and then deleted
     if ($value == '<p><br></p>') {
         $value = '';
     }
     if ($value) {
         // Swap any pagebreak <hr>'s with <!--pagebreak-->'s
         $value = preg_replace('/<hr class="redactor_pagebreak".*?>/', '<!--pagebreak-->', $value);
         // Purification is opt-in through the field settings; when it is off the
         // submitted HTML is not passed through the purifier here.
         if ($this->getSettings()->purifyHtml) {
             $purifier = new \CHtmlPurifier();
             // Only the _blank frame target and the "pagebreak" comment are allowed through.
             $purifier->setOptions(array('Attr.AllowedFrameTargets' => array('_blank'), 'HTML.AllowedComments' => array('pagebreak')));
             $value = $purifier->purify($value);
         }
         // The cleanup below runs after purification and only removes markup.
         if ($this->getSettings()->cleanupHtml) {
             // Remove <span> and <font> tags
             $value = preg_replace('/<(?:span|font)\\b[^>]*>/', '', $value);
             $value = preg_replace('/<\\/(?:span|font)>/', '', $value);
             // Remove inline styles
             $value = preg_replace('/(<(?:h1|h2|h3|h4|h5|h6|p|div|blockquote|pre|strong|em|b|i|u|a)\\b[^>]*)\\s+style="[^"]*"/', '$1', $value);
             // Remove empty tags
             $value = preg_replace('/<(h1|h2|h3|h4|h5|h6|p|div|blockquote|pre|strong|em|a|b|i|u)\\s*><\\/\\1>/', '', $value);
         }
     }
     // Find any element URLs and swap them with ref tags
     // The href/src value is replaced by {type:id:handle}, with ":url" used when no handle matched.
     $value = preg_replace_callback('/(href=|src=)([\'"])[^\'"]+?#(\\w+):(\\d+)(:' . HandleValidator::$handlePattern . ')?\\2/', function ($matches) {
         return $matches[1] . $matches[2] . '{' . $matches[3] . ':' . $matches[4] . (!empty($matches[5]) ? $matches[5] : ':url') . '}' . $matches[2];
     }, $value);
     return $value;
 }
Esempio n. 25
/**
 * Purifies every element of the array in place, with URI schemes limited to
 * http and https.
 *
 * Nothing is filtered when the 'filterxsshtml' setting is off or when the current
 * user holds the global 'superadmin' read permission, so that user's input is stored
 * as submitted.
 *
 * @param array $array values to purify; modified by reference
 */
function XSSFilterArray(&$array)
{
    if (!Yii::app()->getConfig('filterxsshtml') || Permission::model()->hasGlobalPermission('superadmin', 'read')) {
        return;
    }

    $purifier = new CHtmlPurifier();
    $purifier->options = array('URI.AllowedSchemes' => array('http' => true, 'https' => true));

    foreach ($array as &$entry) {
        $entry = $purifier->purify($entry);
    }
    // Break the reference left behind by the by-reference loop.
    unset($entry);
}
Esempio n. 26
 /**
  * Returns the given HTML after purification with CHtmlPurifier's default options.
  * @param string $sHtml Html to purify
  * @return string
  */
 public static function purified($sHtml)
 {
     $oHtmlPurifier = new CHtmlPurifier();
     $sPurified = $oHtmlPurifier->purify($sHtml);

     return $sPurified;
 }
 /**
  * Formats (purifies) the content.
  *
  * @param string       $content untrusted markup
  * @param array|string $options purifier options; any empty value keeps the defaults
  * @return string purified markup
  */
 static function formatHtml($content, $options = '')
 {
     $htmlPurifier = new CHtmlPurifier();

     // Only override the purifier's defaults when the caller supplied something non-empty.
     if ($options) {
         $htmlPurifier->options = $options;
     }

     return $htmlPurifier->purify($content);
 }
Esempio n. 28
 /**
  *
  * Add answer to PDF
  *
  * The question text is purified, passed through stripJavaScript() and entity-decoded
  * before it is written as an HTML cell; the response is flattened to text.
  *
  * NOTE(review): html_entity_decode() runs after the purifier, so markup that was
  * entity-encoded in the question text is turned back into tags before it reaches
  * WriteHTMLCell() - confirm this is intended.
  *
  * @param $sQuestion - Question field text array
  * @param $sResponse - Answer field text array
  * @param $bReplaceExpressions - Try to replace LimeSurvey Expressions. This is false when exporting answers PDF from admin GUI
  *                               because we can not interpret expressions so just purify.
  *                               TODO: Find a universal valid method to interpret expressions
  * @param $bAllowBreakPage - Allow break cell in two pages
  * @return void
  */
 function addAnswer($sQuestion, $sResponse, $bReplaceExpressions = true, $bAllowBreakPage = false)
 {
     $oPurifier = new CHtmlPurifier();
     // Copied from Writer::stripTagsFull. Really necessary?
     $sPurifiedQuestion = $oPurifier->purify(str_replace('-oth-', '', $sQuestion));
     $sQuestionHTML = html_entity_decode(stripJavaScript($sPurifiedQuestion), ENT_COMPAT);

     if ($bReplaceExpressions) {
         $sData = array('thissurvey' => $this->_aSurveyInfo);
         $bAnonymized = $this->_aSurveyInfo['anonymized'] == "Y";
         $sQuestionHTML = templatereplace($sQuestionHTML, array(), $sData, '', $bAnonymized, null, array(), true);
     }

     $sResponse = flattenText($sResponse, false, true, 'UTF-8', false);

     // Write inside a transaction so the cells can be undone if they spill onto a new page.
     $iStartPage = $this->getPage();
     $this->startTransaction();
     $this->SetFontSize($this->_ibaseAnswerFontSize);
     $this->WriteHTMLCell(0, $this->_iCellHeight, $this->getX(), $this->getY(), $sQuestionHTML, 1, 1, true, true, 'L');
     $this->MultiCell(0, $this->_iCellHeight, $sResponse, 1, 'L', 0, 1, '', '', true);
     $this->ln(2);

     $bSpilledOver = $this->getPage() != $iStartPage;
     if (!$bSpilledOver || $bAllowBreakPage) {
         $this->commitTransaction();
         return;
     }

     // Undo, start a fresh page and write again.
     // "Last param = true" prevents an endless loop if a cell is longer than a page
     $this->rollbackTransaction(true);
     $this->AddPage();
     $this->addAnswer($sQuestion, $sResponse, $bReplaceExpressions, true);
 }
Esempio n. 29
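 /**
  * Shows a single survey response in the admin interface.
  *
  * Requires the 'responses' read permission on the survey; token columns are only
  * listed when the survey is not anonymized, a token table exists and the user may
  * read tokens. Without the 'responses' permission an "Access denied" page is rendered.
  *
  * @param int    $iSurveyID   survey identifier
  * @param int    $iId         response identifier; values below 1 are replaced by 1
  * @param string $sBrowseLang language passed to _getData() as 'browselang'
  */
 public function view($iSurveyID, $iId, $sBrowseLang = '')
 {
     if (Permission::model()->hasSurveyPermission($iSurveyID, 'responses', 'read')) {
         $aData = $this->_getData(array('iId' => $iId, 'iSurveyId' => $iSurveyID, 'browselang' => $sBrowseLang));
         $sBrowseLanguage = $aData['language'];
         // NOTE(review): extract() turns every key of $aData into a local variable and can
         // overwrite the ones defined above; $surveyid used further down is not assigned
         // in this method and presumably comes from here - confirm.
         extract($aData);
         $aViewUrls = array();
         $fncount = 0;
         $fieldmap = createFieldMap($iSurveyID, 'full', false, false, $aData['language']);
         $bHaveToken = $aData['surveyinfo']['anonymized'] == "N" && tableExists('tokens_' . $iSurveyID);
         // Boolean : show (or not) the token
         if (!Permission::model()->hasSurveyPermission($iSurveyID, 'tokens', 'read')) {
             unset($fieldmap['token']);
             $bHaveToken = false;
         }
         //add token to top of list if survey is not private
         if ($bHaveToken) {
             $fnames[] = array("token", gT("Token ID"), 'code' => 'token');
             $fnames[] = array("firstname", gT("First name"), 'code' => 'firstname');
             // or token:firstname ?
             $fnames[] = array("lastname", gT("Last name"), 'code' => 'lastname');
             $fnames[] = array("email", gT("Email"), 'code' => 'email');
         }
         $fnames[] = array("submitdate", gT("Submission date"), gT("Completed"), "0", 'D', 'code' => 'submitdate');
         $fnames[] = array("completed", gT("Completed"), "0");
         foreach ($fieldmap as $field) {
             if ($field['fieldname'] == 'lastpage' || $field['fieldname'] == 'submitdate') {
                 continue;
             }
             if ($field['type'] == 'interview_time') {
                 continue;
             }
             if ($field['type'] == 'page_time') {
                 continue;
             }
             if ($field['type'] == 'answer_time') {
                 continue;
             }
             //$question = $field['question'];
             $question = viewHelper::getFieldText($field);
             if ($field['type'] != "|") {
                 $fnames[] = array($field['fieldname'], viewHelper::getFieldText($field), 'code' => viewHelper::getFieldCode($field, array('LEMcompat' => true)));
             } elseif ($field['aid'] !== 'filecount') {
                 // File upload question: one set of columns per possible uploaded file.
                 $qidattributes = getQuestionAttributeValues($field['qid']);
                 for ($i = 0; $i < $qidattributes['max_num_of_files']; $i++) {
                     $filenum = sprintf(gT("File %s"), $i + 1);
                     if ($qidattributes['show_title'] == 1) {
                         $fnames[] = array($field['fieldname'], "{$filenum} - {$question} (" . gT('Title') . ")", 'code' => viewHelper::getFieldCode($field) . '(title)', "type" => "|", "metadata" => "title", "index" => $i);
                     }
                     if ($qidattributes['show_comment'] == 1) {
                         $fnames[] = array($field['fieldname'], "{$filenum} - {$question} (" . gT('Comment') . ")", 'code' => viewHelper::getFieldCode($field) . '(comment)', "type" => "|", "metadata" => "comment", "index" => $i);
                     }
                     $fnames[] = array($field['fieldname'], "{$filenum} - {$question} (" . gT('File name') . ")", 'code' => viewHelper::getFieldCode($field) . '(name)', "type" => "|", "metadata" => "name", "index" => $i);
                     $fnames[] = array($field['fieldname'], "{$filenum} - {$question} (" . gT('File size') . ")", 'code' => viewHelper::getFieldCode($field) . '(size)', "type" => "|", "metadata" => "size", "index" => $i);
                     //$fnames[] = array($field['fieldname'], "File ".($i+1)." - ".$field['question']." (extension)", "type"=>"|", "metadata"=>"ext",     "index"=>$i);
                 }
             } else {
                 $fnames[] = array($field['fieldname'], gT("File count"));
             }
         }
         $nfncount = count($fnames) - 1;
         // $iId is interpolated into an SQL condition below. Force it to an integer here,
         // after extract(), so that neither the request value nor an extracted variable
         // can carry anything but a number into the query.
         $iId = (int) $iId;
         if ($iId < 1) {
             $iId = 1;
         }
         $exist = SurveyDynamic::model($iSurveyID)->exist($iId);
         $next = SurveyDynamic::model($iSurveyID)->next($iId, true);
         $previous = SurveyDynamic::model($iSurveyID)->previous($iId, true);
         $aData['exist'] = $exist;
         $aData['next'] = $next;
         $aData['previous'] = $previous;
         $aData['id'] = $iId;
         $aViewUrls[] = 'browseidheader_view';
         if ($exist) {
             $oPurifier = new CHtmlPurifier();
             //SHOW INDIVIDUAL RECORD
             $oCriteria = new CDbCriteria();
             if ($bHaveToken) {
                 $oCriteria = SurveyDynamic::model($iSurveyID)->addTokenCriteria($oCriteria);
             }
             // Safe to interpolate: $iId was cast to int above.
             $oCriteria->addCondition("id = {$iId}");
             $iIdresult = SurveyDynamic::model($iSurveyID)->findAllAsArray($oCriteria);
             foreach ($iIdresult as $iIdrow) {
                 $iId = $iIdrow['id'];
                 $rlanguage = $iIdrow['startlanguage'];
             }
             $next = SurveyDynamic::model($iSurveyID)->next($iId);
             $previous = SurveyDynamic::model($iSurveyID)->previous($iId);
             $aData['bHasFile'] = false;
             if (isset($rlanguage)) {
                 $aData['rlanguage'] = $rlanguage;
             }
             foreach ($iIdresult as $iIdrow) {
                 $highlight = false;
                 for ($i = 0; $i < $nfncount + 1; $i++) {
                     if ($fnames[$i][0] != 'completed' && is_null($iIdrow[$fnames[$i][0]])) {
                         continue;
                         // irrelevant, so don't show
                     }
                     $inserthighlight = '';
                     if ($highlight) {
                         $inserthighlight = "class='highlight'";
                     }
                     if ($fnames[$i][0] == 'completed') {
                         if ($iIdrow['submitdate'] == NULL || $iIdrow['submitdate'] == "N") {
                             $answervalue = "N";
                         } else {
                             $answervalue = "Y";
                         }
                     } else {
                         if (isset($fnames[$i]['type']) && $fnames[$i]['type'] == "|") {
                             // Uploaded-file metadata is stored as JSON supplied by the respondent.
                             $index = $fnames[$i]['index'];
                             $metadata = $fnames[$i]['metadata'];
                             $phparray = json_decode_ls($iIdrow[$fnames[$i][0]]);
                             if (isset($phparray[$index])) {
                                 switch ($metadata) {
                                     case "size":
                                         $answervalue = sprintf(gT("%s KB"), intval($phparray[$index][$metadata]));
                                         break;
                                     case "name":
                                         // The file name becomes link text, so it is purified rather than trusted as HTML.
                                         $answervalue = CHtml::link($oPurifier->purify(rawurldecode($phparray[$index][$metadata])), $this->getController()->createUrl("/admin/responses", array("sa" => "actionDownloadfile", "surveyid" => $surveyid, "iResponseId" => $iId, "sFileName" => $phparray[$index][$metadata])));
                                         break;
                                     default:
                                         $answervalue = htmlspecialchars(strip_tags(stripJavaScript($phparray[$index][$metadata])));
                                 }
                                 $aData['bHasFile'] = true;
                             } else {
                                 $answervalue = "";
                             }
                         } else {
                             // Regular answers are stripped of tags and HTML-encoded for display.
                             $answervalue = htmlspecialchars(strip_tags(stripJavaScript(getExtendedAnswer($iSurveyID, $fnames[$i][0], $iIdrow[$fnames[$i][0]], $sBrowseLanguage))), ENT_QUOTES);
                         }
                     }
                     $aData['answervalue'] = $answervalue;
                     $aData['inserthighlight'] = $inserthighlight;
                     $aData['fnames'] = $fnames;
                     $aData['i'] = $i;
                     $aViewUrls['browseidrow_view'][] = $aData;
                 }
             }
         } else {
             Yii::app()->session['flashmessage'] = gT("This response ID is invalid.");
         }
         $aViewUrls[] = 'browseidfooter_view';
         $aData['sidemenu']['state'] = false;
         $aData['menu']['edition'] = true;
         $aData['menu']['view'] = true;
         $aData['menu']['close'] = true;
         $this->_renderWrappedTemplate('', $aViewUrls, $aData);
     } else {
         $aData['surveyid'] = $iSurveyID;
         $message['title'] = gT('Access denied!');
         $message['message'] = gT('You do not have sufficient rights to access this page.');
         $message['class'] = "error";
         $this->_renderWrappedTemplate('survey', array("message" => $message), $aData);
     }
 }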
Esempio n. 30
 /**
  * Derives a plain-text body from the HTML body when no text body was supplied.
  *
  * The HTML is purified down to <p> and <br>, which are then turned into newlines.
  * When a text body is given, or there is no HTML body, $textContent is returned unchanged.
  *
  * @param string|null $htmlContent HTML version of the content
  * @param string|null $textContent text version of the content
  * @return string|null the resolved text content
  */
 public static function resolveTextContent($htmlContent, $textContent)
 {
     if ($htmlContent == null || $textContent != null) {
         return $textContent;
     }

     $htmlPurifier = new CHtmlPurifier();
     $htmlPurifier->options = array('HTML.Allowed' => 'p,br');
     // Not Coding Standard
     $reduced = $htmlPurifier->purify($htmlContent);

     // Applied in order: <br> -> newline, <p> -> blank line, </p> -> removed.
     $patterns = array('#<br\\s*?/?>#i', '#<p\\s*?/?>#i', '#</p\\s*?/?>#i');
     $replacements = array("\n", "\n\n", "");

     return preg_replace($patterns, $replacements, $reduced);
 }