function actionSearch($q = null, $page = 1)
{
$pages = new CPagination();
$pages->pageSize = 50;
$pages->currentPage = $page;
$p = new CHtmlPurifier();
$q = CHtml::encode($p->purify($q));
$searchCriteria = new stdClass();
$searchCriteria->select = 'id';
$searchCriteria->query = $q . '*';
$searchCriteria->paginator = $pages;
$searchCriteria->from = join(",", $this->indexes);
// Получаем данные в виде массива
$resArray = Yii::App()->search->searchRaw($searchCriteria);
$news = null;
if (is_array($resArray['matches'])) {
$c = new CDbCriteria();
$c->order = 'FIELD(id,' . join(",", array_keys($resArray['matches'])) . ')';
$news = News::model()->findAllByPk(array_keys($resArray['matches']), $c);
}
$this->render("search_results", array('news' => $news));
}
protected function purifyHtml($html)
{
// remove bad parsing
$html = preg_replace('#\\\\r\\\\n|\\\\r|\\\\n|\\\\#sui', '', $html);
$p = new CHtmlPurifier();
$p->options = array('HTML.Allowed' => 'img[src],p,br,b,strong,i');
$html = $p->purify($html);
$p->options = array('HTML.Allowed' => '');
$text = $p->purify($html);
if (mb_strlen($text, 'UTF-8') === mb_strlen($html, 'UTF-8')) {
return '<pre>' . $text . '</pre>';
}
return $html;
}
public function safeTransform($content)
{
$content = $this->transform($content);
$purifier = new CHtmlPurifier();
$purifier->options = $this->purifierOptions;
return $purifier->purify($content);
}
/**
* @param \Solarium\QueryType\Select\Result\Result $ergebnisse
* @return array();
*/
public static function ergebnisse2FeedData($ergebnisse)
{
$data = array();
$dokumente = $ergebnisse->getDocuments();
$highlighting = $ergebnisse->getHighlighting();
$purifier = new CHtmlPurifier();
$purifier->options = array('URI.AllowedSchemes' => array('http' => true, 'https' => true));
foreach ($dokumente as $dokument) {
$model = Dokument::getDocumentBySolrId($dokument->id);
$risitem = $model->getRISItem();
if (!$risitem) {
continue;
}
$link = $risitem->getLink();
$highlightedDoc = $highlighting->getResult($dokument->id);
$item = array("title" => $model->name . " (zu " . $risitem->getTypName() . " \"" . $risitem->getName() . "\"", "link" => $link, "content" => "", "dateCreated" => RISTools::date_iso2timestamp(str_replace("T", " ", str_replace("Z", "", $dokument->sort_datum))), "aenderung_guid" => $link);
if ($highlightedDoc && count($highlightedDoc) > 0) {
foreach ($highlightedDoc as $highlight) {
$item["content"] .= $purifier->purify(implode(' (...) ', $highlight)) . '<br/>';
}
}
$data[] = $item;
}
return $data;
}
/**
* 对内容进行过滤 未使用
*/
public static function htmlPurifier($content)
{
$p = new CHtmlPurifier();
//过滤规则
$p->options = array('URI.Disable' => true);
return $p->purify($content);
}
public function Purify($value)
{
$p = new CHtmlPurifier();
$p->options = array('HTML.Allowed' => 'strong,em,u,h1,h2,h3,h4');
$cleanHtml = $p->purify($value);
return $cleanHtml;
}
public function safehtml($attr, $params)
{
$p = new CHtmlPurifier();
$p->options = Yii::app()->params["HTMLPurifierOptions"];
$p->options["HTML.Allowed"] = "a[href],b,strong,i,em,u,small,sub,sup";
$this->{$attr} = trim($p->purify($this->{$attr}));
}
public function purifyText($attribute, $params)
{
$module = Yii::app()->getModule('comment');
$p = new CHtmlPurifier();
$p->options = ['HTML.Allowed' => $module->allowedTags];
$this->{$attribute} = $p->purify($this->{$attribute});
}
/**
* Processes the captured output.
* This method converts the content in markdown syntax to HTML code.
* If {@link purifyOutput} is true, the HTML code will also be purified.
* @param string $output the captured output to be processed
* @see convert
*/
public function processOutput($output)
{
$output = $this->transform($output);
if ($this->purifyOutput) {
$purifier = new CHtmlPurifier();
$output = $purifier->purify($output);
}
parent::processOutput($output);
}
/**
* Manage the created fields
*/
public function beforeSave()
{
if ($this->isNewRecord) {
$this->created = time();
}
$p = new CHtmlPurifier();
$this->subject = $p->purify($this->subject);
return parent::beforeSave();
}
/**
* Process a string with markup
*
* @abstract
* @param string $input
* @return string $output
*/
public function process($input)
{
$out = $this->processMarkup($input);
if ($this->purify) {
$purifier = new CHtmlPurifier();
$out = $purifier->purify($out);
}
return $out;
}
public static function filterString($string)
{
$string = strip_tags($string);
$string = stripcslashes($string);
$string = htmlspecialchars($string);
$p = new CHtmlPurifier();
$string = $p->purify($string);
$string = addslashes($string);
$string = str_replace("\r\n", "\n", $string);
return $string;
}
public function actionHtmlPurifier()
{
$user_input = null;
if (isset($_POST['user_input'])) {
$user_input = $_POST['user_input'];
}
$parser = new CHtmlPurifier();
//create instance of CHtmlPurifier
$user_input = $parser->purify($user_input);
//we purify the $user_input
$this->render("htmlpurifier", array('user_input' => $user_input));
}
public function run()
{
$this->markdown = CHtml::encode($this->markdown);
$parserClass = $this->parserClass;
$parser = new $parserClass();
$html = $parser->parse($this->markdown);
if ($this->purifyOutput) {
$purifier = new CHtmlPurifier();
$html = $purifier->purify($html);
}
$this->render('markdownView', array('content' => $html));
}
/**
* Required POSTED data are :
* phone_number - required - number
* dispo_name - required - any
* @return void
*/
public function actionSave()
{
header("Content-Type: application/json");
$returnResult = ['status' => "", 'message' => ""];
$p = new CHtmlPurifier();
$disposaleForm = new DisposaleForm();
$disposaleForm->dispo_name = $p->purify(@$_POST['dispo_name']);
$disposaleForm->phone_number = $p->purify(@$_POST['phone_number']);
$disposaleForm->posted_data = json_encode(@$_POST);
if ($disposaleForm->validate()) {
if ($disposaleForm->save()) {
$returnResult['status'] = 'success';
$returnResult['message'] = "New dispo sale saved";
} else {
$returnResult['status'] = 'failed';
$returnResult['message'] = CHtml::errorSummary($disposaleForm);
}
} else {
$returnResult['status'] = 'failed';
$returnResult['message'] = CHtml::errorSummary($disposaleForm);
}
echo json_encode($returnResult);
}
/**
* @param $action
*/
private function savePage($action)
{
//var_dump($_POST); die;
Yii::log("Function SavePage DesignController called", "trace", self::LOG_CAT);
$model = DocPages::model()->findByPk($_POST['pageId']);
if (isset($_POST['desContent'])) {
$purifier = new CHtmlPurifier();
$model->docData = $purifier->purify($_POST['desContent']);
if ($model->update()) {
Yii::app()->user->setFlash('success', 'The page was updated successfully');
$this->redirect($action);
return;
}
}
Yii::app()->user->setFlash('error', 'The page was not updated successfully, contact your administrator');
$this->redirect($action);
return;
}
public function actionRoom($room_id)
{
$since = intval(isset($_POST["since"]) ? $_POST["since"] : $_GET["since"]);
$room_id = (int) $room_id;
$key = "chat{$room_id}";
$room = Yii::app()->cache->get($key);
if (!is_array($room)) {
$room = [];
}
if (Yii::app()->request->isPostRequest) {
$msg = trim($_POST["msg"]);
$h = date("h");
$m = date("i");
if ($h == 4 && $m >= 20 && $m <= 40) {
$p = new CHtmlPurifier();
$p->options = Yii::app()->params["HTMLPurifierOptions"];
$msg = trim($p->purify($msg));
} else {
$msg = strip_tags($msg);
}
if ($msg != "") {
$msg = mb_substr($msg, 0, 2048);
$msg = Yii::app()->parser->parse($msg);
$line = ["u" => Yii::app()->user->login, "i" => Yii::app()->user->id, "t" => time(), "m" => $msg];
array_push($room, $line);
if (count($room) > 50) {
array_shift($room);
}
}
Yii::app()->cache->set($key, $room, 60 * 60 * 24 * 3);
}
if ($since > 0) {
$roomGood = [];
foreach ($room as $k => $v) {
$room["m"] .= " <small>(after {$since})</small>";
if ($v["t"] > $since) {
$roomGood[] = $room[$k];
}
}
$room = $roomGood;
}
echo json_encode(["room" => $room, "servertime" => time()]);
}
protected function preFilter($filterChain)
{
// logic being applied before the action is executed
if (isset($_POST) && count($_POST) > 0) {
$obj = new CHtmlPurifier();
$obj->options = array('HTML.Allowed' => 'p,b,u,a[href|title],i,img[src|alt|title],em,strong,strike,ul,ol,li,div[align],br', 'CSS.AllowedProperties' => array('text-decoration' => true, 'font-family' => true, 'font-size' => true, 'text-align' => true, 'padding-left' => true, 'padding-right' => true, 'padding-top' => true, 'padding-bottom' => true, 'color' => true, 'background-color' => true), 'AutoFormat.RemoveEmpty' => true);
foreach ($_POST as $key => $val) {
if (is_array($val)) {
$val = $obj->purify($val);
//$_POST[$key] = Yii::app()->input->xssClean($val);
$_POST[$key] = Yii::app()->input->xssClean($this->filterSubElement($val, $obj));
} else {
$_POST[$key] = $obj->purify($val);
}
}
}
$filterChain->run();
// return true; // false if the action should not be executed
}
/**
* @param $action
*/
public static function savePage($action)
{
//var_dump($_POST); die;
Yii::log("Function SavePage called", "trace", self::LOG_CAT);
$model = DocPages::model()->findByPk($_POST['pageId']);
if (isset($_POST['survContent'])) {
$purifier = new CHtmlPurifier();
$purifier->options = ['URI.AllowedSchemes' => ['http' => true, 'https' => true], 'Attr.AllowedFrameTargets' => ['_blank', '_self'], 'HTML.AllowedAttributes' => ['img.src', 'a.id', 'a.name', 'a.href', 'a.target', 'span.style']];
// echo $_POST['survContent'];
$model->docData = $purifier->purify($_POST['survContent']);
// echo $model->docData; die;
if ($model->update()) {
Yii::app()->user->setFlash('success', 'The page was updated successfully');
Yii::app()->request->redirect($action);
return;
}
}
Yii::app()->user->setFlash('error', 'The page was not updated successfully, contact your administrator');
Yii::app()->request->redirect($action);
return;
}
function XSSFilterArray(&$array)
{
if (Yii::app()->getConfig('filterxsshtml') && Yii::app()->session['USER_RIGHT_SUPERADMIN'] != 1) {
$filter = new CHtmlPurifier();
$filter->options = array('URI.AllowedSchemes' => array('http' => true, 'https' => true));
foreach ($array as &$value) {
$value = $filter->purify($value);
}
}
}
public function validateBody($attr, $params)
{
$p = new CHtmlPurifier();
$p->options = Yii::app()->params["HTMLPurifierOptions"];
$this->{$attr} = trim($p->purify($this->{$attr}));
}
/**
* Получаем текст, при необходимости обрезаем:
*
* @param mixed $size - максимальная длина
*
* @return string
*/
public function getText($size = false)
{
if (false === $size || $size > mb_strlen($this->text)) {
return $this->text;
}
$p = new CHtmlPurifier();
return $p->purify(mb_substr($this->text, 0, $size) . '...');
}
/**
* Remove any script or dangerous HTML
*
* @param string $value
*/
public function xssFilter($value)
{
$filter = new CHtmlPurifier();
$filter->options = array('AutoFormat.RemoveEmpty' => false, 'Core.NormalizeNewlines' => false, 'CSS.AllowTricky' => true, 'HTML.SafeObject' => true, 'Output.FlashCompat' => true, 'Attr.EnableID' => true, 'Attr.AllowedFrameTargets' => array('_blank', '_self'), 'URI.AllowedSchemes' => array('http' => true, 'https' => true, 'mailto' => true, 'ftp' => true, 'nntp' => true, 'news' => true));
// To allow script BUT purify : HTML.Trusted=true (plugin idea for admin or without XSS filtering ?)
/** Start to get complete filtered value with url decode {QCODE} (bug #09300). This allow only question number in url, seems OK with XSS protection **/
$sFiltered = preg_replace('#%7B([a-zA-Z0-9\\.]*)%7D#', '{$1}', $filter->purify($value));
Yii::import('application.helpers.expressions.em_core_helper');
// Already imported in em_manager_helper.php ?
$oExpressionManager = new ExpressionManager();
/** We get 2 array : one filtered, other unfiltered **/
$aValues = $oExpressionManager->asSplitStringOnExpressions($value);
// Return array of array : 0=>the string,1=>string length,2=>string type (STRING or EXPRESSION)
$aFilteredValues = $oExpressionManager->asSplitStringOnExpressions($sFiltered);
// Same but for the filtered string
$bCountIsOk = count($aValues) == count($aFilteredValues);
/** Construction of new string with unfiltered EM and filtered HTML **/
$sNewValue = "";
foreach ($aValues as $key => $aValue) {
if ($aValue[2] == "STRING") {
$sNewValue .= $bCountIsOk ? $aFilteredValues[$key][0] : $filter->purify($aValue[0]);
} else {
$sExpression = trim($aValue[0], '{}');
$sNewValue .= "{";
$aParsedExpressions = $oExpressionManager->Tokenize($sExpression, true);
foreach ($aParsedExpressions as $aParsedExpression) {
if ($aParsedExpression[2] == 'DQ_STRING') {
$sNewValue .= "\"" . $filter->purify($aParsedExpression[0]) . "\"";
} elseif ($aParsedExpression[2] == 'SQ_STRING') {
$sNewValue .= "'" . $filter->purify($aParsedExpression[0]) . "'";
} else {
$sNewValue .= $aParsedExpression[0];
}
}
$sNewValue .= "}";
}
}
gc_collect_cycles();
// To counter a high memory usage of HTML-Purifier
return $sNewValue;
}
/**
* @inheritDoc IFieldType::prepValueFromPost()
*
* @param mixed $value
*
* @return mixed
*/
public function prepValueFromPost($value)
{
// Temporary fix (hopefully) for a Redactor bug where some HTML will get submitted when the field is blank,
// if any text was typed into the field, and then deleted
if ($value == '<p><br></p>') {
$value = '';
}
if ($value) {
// Swap any pagebreak <hr>'s with <!--pagebreak-->'s
$value = preg_replace('/<hr class="redactor_pagebreak".*?>/', '<!--pagebreak-->', $value);
if ($this->getSettings()->purifyHtml) {
$purifier = new \CHtmlPurifier();
$purifier->setOptions(array('Attr.AllowedFrameTargets' => array('_blank'), 'HTML.AllowedComments' => array('pagebreak')));
$value = $purifier->purify($value);
}
if ($this->getSettings()->cleanupHtml) {
// Remove <span> and <font> tags
$value = preg_replace('/<(?:span|font)\\b[^>]*>/', '', $value);
$value = preg_replace('/<\\/(?:span|font)>/', '', $value);
// Remove inline styles
$value = preg_replace('/(<(?:h1|h2|h3|h4|h5|h6|p|div|blockquote|pre|strong|em|b|i|u|a)\\b[^>]*)\\s+style="[^"]*"/', '$1', $value);
// Remove empty tags
$value = preg_replace('/<(h1|h2|h3|h4|h5|h6|p|div|blockquote|pre|strong|em|a|b|i|u)\\s*><\\/\\1>/', '', $value);
}
}
// Find any element URLs and swap them with ref tags
$value = preg_replace_callback('/(href=|src=)([\'"])[^\'"]+?#(\\w+):(\\d+)(:' . HandleValidator::$handlePattern . ')?\\2/', function ($matches) {
return $matches[1] . $matches[2] . '{' . $matches[3] . ':' . $matches[4] . (!empty($matches[5]) ? $matches[5] : ':url') . '}' . $matches[2];
}, $value);
return $value;
}
function XSSFilterArray(&$array)
{
if (Yii::app()->getConfig('filterxsshtml') && !Permission::model()->hasGlobalPermission('superadmin', 'read')) {
$filter = new CHtmlPurifier();
$filter->options = array('URI.AllowedSchemes' => array('http' => true, 'https' => true));
foreach ($array as &$value) {
$value = $filter->purify($value);
}
}
}
/**
* Show purified html
* @param string : Html to purify
* @return string
*/
public static function purified($sHtml)
{
$oPurifier = new CHtmlPurifier();
return $oPurifier->purify($sHtml);
}
/**
* 格式化内容
*/
static function formatHtml($content, $options = '')
{
$purifier = new CHtmlPurifier();
if ($options != false) {
$purifier->options = $options;
}
return $purifier->purify($content);
}
/**
*
* Add answer to PDF
*
* @param $sQuestion - Question field text array
* @param $sResponse - Answer field text array
* @param $bReplaceExpressions - Try to replace LimeSurvey Expressions. This is false when exporting answers PDF from admin GUI
* because we can not interpret expressions so just purify.
* TODO: Find a universal valid method to interpret expressions
* @param $bAllowBreakPage - Allow break cell in two pages
* @return unknown_type
*/
function addAnswer($sQuestion, $sResponse, $bReplaceExpressions = true, $bAllowBreakPage = false)
{
$oPurifier = new CHtmlPurifier();
$sQuestionHTML = str_replace('-oth-', '', $sQuestion);
// Copied from Writer::stripTagsFull. Really necessary?
$sQuestionHTML = html_entity_decode(stripJavaScript($oPurifier->purify($sQuestionHTML)), ENT_COMPAT);
if ($bReplaceExpressions) {
$sData['thissurvey'] = $this->_aSurveyInfo;
$sQuestionHTML = templatereplace($sQuestionHTML, array(), $sData, '', $this->_aSurveyInfo['anonymized'] == "Y", NULL, array(), true);
}
$sResponse = flattenText($sResponse, false, true, 'UTF-8', false);
$startPage = $this->getPage();
$this->startTransaction();
$this->SetFontSize($this->_ibaseAnswerFontSize);
$this->WriteHTMLCell(0, $this->_iCellHeight, $this->getX(), $this->getY(), $sQuestionHTML, 1, 1, true, true, 'L');
$this->MultiCell(0, $this->_iCellHeight, $sResponse, 1, 'L', 0, 1, '', '', true);
$this->ln(2);
if ($this->getPage() != $startPage && !$bAllowBreakPage) {
$this->rollbackTransaction(true);
$this->AddPage();
$this->addAnswer($sQuestion, $sResponse, $bReplaceExpressions, true);
// "Last param = true" prevents an endless loop if a cell is longer than a page
} else {
$this->commitTransaction();
}
}
public function view($iSurveyID, $iId, $sBrowseLang = '')
{
if (Permission::model()->hasSurveyPermission($iSurveyID, 'responses', 'read')) {
$aData = $this->_getData(array('iId' => $iId, 'iSurveyId' => $iSurveyID, 'browselang' => $sBrowseLang));
$sBrowseLanguage = $aData['language'];
extract($aData);
$aViewUrls = array();
$fncount = 0;
$fieldmap = createFieldMap($iSurveyID, 'full', false, false, $aData['language']);
$bHaveToken = $aData['surveyinfo']['anonymized'] == "N" && tableExists('tokens_' . $iSurveyID);
// Boolean : show (or not) the token
if (!Permission::model()->hasSurveyPermission($iSurveyID, 'tokens', 'read')) {
unset($fieldmap['token']);
$bHaveToken = false;
}
//add token to top of list if survey is not private
if ($bHaveToken) {
$fnames[] = array("token", gT("Token ID"), 'code' => 'token');
$fnames[] = array("firstname", gT("First name"), 'code' => 'firstname');
// or token:firstname ?
$fnames[] = array("lastname", gT("Last name"), 'code' => 'lastname');
$fnames[] = array("email", gT("Email"), 'code' => 'email');
}
$fnames[] = array("submitdate", gT("Submission date"), gT("Completed"), "0", 'D', 'code' => 'submitdate');
$fnames[] = array("completed", gT("Completed"), "0");
foreach ($fieldmap as $field) {
if ($field['fieldname'] == 'lastpage' || $field['fieldname'] == 'submitdate') {
continue;
}
if ($field['type'] == 'interview_time') {
continue;
}
if ($field['type'] == 'page_time') {
continue;
}
if ($field['type'] == 'answer_time') {
continue;
}
//$question = $field['question'];
$question = viewHelper::getFieldText($field);
if ($field['type'] != "|") {
$fnames[] = array($field['fieldname'], viewHelper::getFieldText($field), 'code' => viewHelper::getFieldCode($field, array('LEMcompat' => true)));
} elseif ($field['aid'] !== 'filecount') {
$qidattributes = getQuestionAttributeValues($field['qid']);
for ($i = 0; $i < $qidattributes['max_num_of_files']; $i++) {
$filenum = sprintf(gT("File %s"), $i + 1);
if ($qidattributes['show_title'] == 1) {
$fnames[] = array($field['fieldname'], "{$filenum} - {$question} (" . gT('Title') . ")", 'code' => viewHelper::getFieldCode($field) . '(title)', "type" => "|", "metadata" => "title", "index" => $i);
}
if ($qidattributes['show_comment'] == 1) {
$fnames[] = array($field['fieldname'], "{$filenum} - {$question} (" . gT('Comment') . ")", 'code' => viewHelper::getFieldCode($field) . '(comment)', "type" => "|", "metadata" => "comment", "index" => $i);
}
$fnames[] = array($field['fieldname'], "{$filenum} - {$question} (" . gT('File name') . ")", 'code' => viewHelper::getFieldCode($field) . '(name)', "type" => "|", "metadata" => "name", "index" => $i);
$fnames[] = array($field['fieldname'], "{$filenum} - {$question} (" . gT('File size') . ")", 'code' => viewHelper::getFieldCode($field) . '(size)', "type" => "|", "metadata" => "size", "index" => $i);
//$fnames[] = array($field['fieldname'], "File ".($i+1)." - ".$field['question']." (extension)", "type"=>"|", "metadata"=>"ext", "index"=>$i);
}
} else {
$fnames[] = array($field['fieldname'], gT("File count"));
}
}
$nfncount = count($fnames) - 1;
if ($iId < 1) {
$iId = 1;
}
$exist = SurveyDynamic::model($iSurveyID)->exist($iId);
$next = SurveyDynamic::model($iSurveyID)->next($iId, true);
$previous = SurveyDynamic::model($iSurveyID)->previous($iId, true);
$aData['exist'] = $exist;
$aData['next'] = $next;
$aData['previous'] = $previous;
$aData['id'] = $iId;
$aViewUrls[] = 'browseidheader_view';
if ($exist) {
$oPurifier = new CHtmlPurifier();
//SHOW INDIVIDUAL RECORD
$oCriteria = new CDbCriteria();
if ($bHaveToken) {
$oCriteria = SurveyDynamic::model($iSurveyID)->addTokenCriteria($oCriteria);
}
$oCriteria->addCondition("id = {$iId}");
$iIdresult = SurveyDynamic::model($iSurveyID)->findAllAsArray($oCriteria);
foreach ($iIdresult as $iIdrow) {
$iId = $iIdrow['id'];
$rlanguage = $iIdrow['startlanguage'];
}
$next = SurveyDynamic::model($iSurveyID)->next($iId);
$previous = SurveyDynamic::model($iSurveyID)->previous($iId);
$aData['bHasFile'] = false;
if (isset($rlanguage)) {
$aData['rlanguage'] = $rlanguage;
}
foreach ($iIdresult as $iIdrow) {
$highlight = false;
for ($i = 0; $i < $nfncount + 1; $i++) {
if ($fnames[$i][0] != 'completed' && is_null($iIdrow[$fnames[$i][0]])) {
continue;
// irrelevant, so don't show
}
$inserthighlight = '';
if ($highlight) {
$inserthighlight = "class='highlight'";
}
if ($fnames[$i][0] == 'completed') {
if ($iIdrow['submitdate'] == NULL || $iIdrow['submitdate'] == "N") {
$answervalue = "N";
} else {
$answervalue = "Y";
}
} else {
if (isset($fnames[$i]['type']) && $fnames[$i]['type'] == "|") {
$index = $fnames[$i]['index'];
$metadata = $fnames[$i]['metadata'];
$phparray = json_decode_ls($iIdrow[$fnames[$i][0]]);
if (isset($phparray[$index])) {
switch ($metadata) {
case "size":
$answervalue = sprintf(gT("%s KB"), intval($phparray[$index][$metadata]));
break;
case "name":
$answervalue = CHtml::link($oPurifier->purify(rawurldecode($phparray[$index][$metadata])), $this->getController()->createUrl("/admin/responses", array("sa" => "actionDownloadfile", "surveyid" => $surveyid, "iResponseId" => $iId, "sFileName" => $phparray[$index][$metadata])));
break;
default:
$answervalue = htmlspecialchars(strip_tags(stripJavaScript($phparray[$index][$metadata])));
}
$aData['bHasFile'] = true;
} else {
$answervalue = "";
}
} else {
$answervalue = htmlspecialchars(strip_tags(stripJavaScript(getExtendedAnswer($iSurveyID, $fnames[$i][0], $iIdrow[$fnames[$i][0]], $sBrowseLanguage))), ENT_QUOTES);
}
}
$aData['answervalue'] = $answervalue;
$aData['inserthighlight'] = $inserthighlight;
$aData['fnames'] = $fnames;
$aData['i'] = $i;
$aViewUrls['browseidrow_view'][] = $aData;
}
}
} else {
Yii::app()->session['flashmessage'] = gT("This response ID is invalid.");
}
$aViewUrls[] = 'browseidfooter_view';
$aData['sidemenu']['state'] = false;
$aData['menu']['edition'] = true;
$aData['menu']['view'] = true;
$aData['menu']['close'] = true;
$this->_renderWrappedTemplate('', $aViewUrls, $aData);
} else {
$aData['surveyid'] = $iSurveyID;
$message['title'] = gT('Access denied!');
$message['message'] = gT('You do not have sufficient rights to access this page.');
$message['class'] = "error";
$this->_renderWrappedTemplate('survey', array("message" => $message), $aData);
}
}
public static function resolveTextContent($htmlContent, $textContent)
{
if ($htmlContent != null && $textContent == null) {
$purifier = new CHtmlPurifier();
$purifier->options = array('HTML.Allowed' => 'p,br');
// Not Coding Standard
$textContent = $purifier->purify($htmlContent);
$textContent = preg_replace('#<br\\s*?/?>#i', "\n", $textContent);
$textContent = preg_replace('#<p\\s*?/?>#i', "\n\n", $textContent);
$textContent = preg_replace('#</p\\s*?/?>#i', "", $textContent);
}
return $textContent;
}