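/**
 * HTML-encode the whitelisted entries of an argument map.
 *
 * Only keys listed in $this->whiteList are kept; each kept value is passed
 * through Reform::HtmlEncode(). Every other key is dropped from the result.
 *
 * @param array $arguments Map of argument name => raw value.
 *
 * @return array Map holding only the whitelisted names, with encoded values.
 */
public function encode($arguments)
{
    // Compare names as strings with strict in_array(). A loose in_array()
    // lets an integer key such as 0 match any non-numeric whitelist entry on
    // PHP < 8, and lets numeric look-alikes ("1e3" vs "1000") match on any
    // version, so a name that is not whitelisted could pass the filter.
    $allowedNames = array_map('strval', $this->whiteList);

    $encodedArguments = array();
    foreach ($arguments as $argument => $value) {
        if (!in_array((string) $argument, $allowedNames, true)) {
            continue;
        }
        // NOTE(review): the result is safe for HTML body/attribute output only;
        // confirm callers do not reuse it in URL, JavaScript or SQL contexts.
        $encodedArguments[$argument] = Reform::HtmlEncode($value);
    }

    return $encodedArguments;
}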
/**
 * Print the attribute text for one customization tab.
 *
 * When $mod == "a" the function leaves PHP mode and writes an href attribute.
 * The URL comes from get_url('admin', 'mt_customization', ...), called with
 * 'sub_act' => $act and the HTML-encoded request value 'mt_select'.
 * (get_url() presumably echoes the URL itself, since its return value is not
 * used here; confirm.) For any other $mod it echoes " class='active'" when
 * $act == $request_sub_act.
 *
 * NOTE(review): $request_sub_act is neither assigned nor declared global in this
 * function, so it is undefined here, while the declared global $mt_select is
 * never used. As written the comparison is against an unset variable; confirm
 * whether `global $request_sub_act` (or a request parameter) was intended.
 *
 * NOTE(review): $_REQUEST['mt_select'] is read without an isset() check. It is
 * HTML-encoded before being handed to get_url() as a query parameter; whether
 * get_url() also URL-encodes and attribute-escapes its output is not visible
 * here. Confirm the final href is escaped for the attribute context.
 *
 * The `";` that follows the closing quote of the href is literal template
 * output, not PHP.
 *
 * @param mixed  $act Sub-action identifier of the tab being printed.
 * @param string $mod "a" to print the link target, anything else for the class.
 */
function print_tab_attr($act, $mod = "a") { global $mt_select; if ($mod == "a") { ?> href="<?php get_url('admin', 'mt_customization', null, array('sub_act' => $act, 'mt_select' => Reform::HtmlEncode($_REQUEST['mt_select']))); ?> "; <?php } else { if ($act == $request_sub_act) { echo " class='active'"; } } }
/**
 * Checks Reform::VbsString() in two passes.
 *
 * The first pass gives null as the input, so the fallback ("default") argument
 * is the value that gets encoded. The second pass gives the same payloads as
 * the input with an unused "default" fallback, as a sanity check.
 */
public function testVbsStringDefault()
{
    // Payloads and their expected encodings, shared by both passes.
    $plainChars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0987654321 ,.";
    $plainExpected = "\"" . $plainChars . "\"";

    $suspects = "<>&\"\\'";
    $suspectsExpected = "chrw(60)&chrw(62)&chrw(38)&chrw(34)&chrw(92)&chrw(39)";

    $punctuation = "`~!@#\$%^&*()_+=-{}|\\][:;'/?><";
    $punctuationExpected = "chrw(96)&chrw(126)&chrw(33)&chrw(64)&chrw(35)&chrw(36)&chrw(37)&chrw(94)"
        . "&chrw(38)&chrw(42)&chrw(40)&chrw(41)&chrw(95)&chrw(43)&chrw(61)&chrw(45)"
        . "&chrw(123)&chrw(125)&chrw(124)&chrw(92)&chrw(93)&chrw(91)&chrw(58)&chrw(59)"
        . "&chrw(39)&chrw(47)&chrw(63)&chrw(62)&chrw(60)";

    // Code points 128..5999: each one must come back as chrw(n), joined by '&'.
    $toEncode = "";
    $encodedParts = array();
    for ($codePoint = 128; $codePoint < 6000; $codePoint++) {
        $toEncode .= ReformTests::unichr($codePoint);
        $encodedParts[] = sprintf("chrw(%d)", $codePoint);
    }
    $encodedStr = implode('&', $encodedParts);

    // Empty input and empty fallback.
    $this->assertEquals("\"\"", Reform::VbsString(null, null), "Null for both parameters");

    // A quoted run next to an encoded character, in both orders.
    $this->assertEquals("\"abc\"&chrw(60)", Reform::VbsString(null, "abc<"));
    $this->assertEquals("chrw(60)&\"abc\"", Reform::VbsString(null, "<abc"));

    // Pass 1: payload supplied through the fallback argument.
    $this->assertEquals("\"default\"", Reform::VbsString(null, "default"), "Checking default");
    $this->assertEquals(
        $plainExpected,
        Reform::VbsString(null, $plainChars),
        "Non encoding chars via default"
    );
    $this->assertEquals(
        $suspectsExpected,
        Reform::VbsString(null, $suspects),
        "Usual suspects via default"
    );
    $this->assertEquals(
        $punctuationExpected,
        Reform::VbsString(null, $punctuation),
        "Punctuation via default"
    );
    $this->assertEquals(
        $encodedStr,
        Reform::VbsString(null, $toEncode),
        "Unicode characters to 6000 via default"
    );

    // Pass 2 (sanity checks): payload supplied directly, fallback unused.
    $this->assertEquals($plainExpected, Reform::VbsString($plainChars, "default"), "Non encoding chars");
    $this->assertEquals($suspectsExpected, Reform::VbsString($suspects, "default"), "Usual suspects");
    $this->assertEquals($punctuationExpected, Reform::VbsString($punctuation, "default"), "Punctuation");
    $this->assertEquals(
        $encodedStr,
        Reform::VbsString($toEncode, "default"),
        "Unicode characters to 6000"
    );
}
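/**
 * Encode a value as a VBScript string expression.
 *
 * Letters, digits, space, comma and period are copied verbatim inside
 * double-quoted runs. Every other code point is written as chrw(n). The
 * pieces are joined with '&', so the result is a concatenation expression
 * such as "abc"&chrw(60).
 *
 * @param mixed $str     Value to encode.
 * @param mixed $default Value to encode instead when $str is missing.
 *
 * @return string The VBScript expression; '""' when both values are missing.
 */
function VbsString($str, $default = '')
{
    // Only null, false, '' and an empty array count as "missing". empty()
    // also matched "0", 0 and 0.0, so a legitimate zero was silently replaced
    // by the default (or by an empty string literal).
    if ($str === null || $str === false || $str === '' || $str === array()) {
        $str = $default;
        if ($str === null || $str === false || $str === '' || $str === array()) {
            return '""';
        }
    }

    settype($str, 'string');

    $out = '';
    $inStr = false; // true while a double-quoted run is open
    // NOTE(review): mb_strlen() uses the internal encoding here; confirm it
    // matches the encoding Reform::unicharat()/uniord() assume.
    $len = mb_strlen($str);

    for ($cnt = 0; $cnt < $len; $cnt++) {
        // Fetch the character once and reuse it for the code point and the copy.
        $char = Reform::unicharat($str, $cnt);
        $c = Reform::uniord($char);

        // Allow-list (dec): a-z 97-122, A-Z 65-90, 0-9 48-57, SPACE 32, ',' 44, '.' 46
        $isSafe = ($c >= 97 && $c <= 122)
            || ($c >= 65 && $c <= 90)
            || ($c >= 48 && $c <= 57)
            || $c == 32
            || $c == 44
            || $c == 46;

        if ($isSafe) {
            if (!$inStr) {
                $inStr = true;
                $out .= '&"';
            }
            $out .= $char;
        } elseif ($inStr) {
            // Close the open quoted run before appending the encoded character.
            $out .= sprintf('"&chrw(%d)', $c);
            $inStr = false;
        } else {
            $out .= sprintf('&chrw(%d)', $c);
        }
    }

    // Drop the leading join operator and close a quoted run left open at the end.
    return ltrim($out, '&') . ($inStr ? '"' : '');
}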
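/**
 * Save the current analysis query as a SaveQuery record.
 *
 * Runs only when the 'query_save' request parameter is present. The record
 * gets a fresh UUID, the HTML-encoded name and description from the request,
 * today's date, and the session user name. The query text is
 * $_GET['query'] (type 'advanced') when present, otherwise the result of
 * analysis_get_query() (type 'basic'). On success it echoes a short text
 * reply when 'stream' is 'text', otherwise it queues an information message.
 *
 * NOTE(review): this creates a record from GET parameters alone. Confirm that
 * the dispatcher enforces authentication and an anti-CSRF token before this
 * action is reached.
 *
 * @return void
 */
public function act_save_query()
{
    include_once APPROOT . 'inc/lib_uuid.inc';

    // isset() guards keep absent optional parameters from raising
    // undefined-index warnings; the comparisons themselves are unchanged.
    if (isset($_GET['actions']) && $_GET['actions'] == 'save_org_sql') {
        unset($_GET['shuffle_results']);
    }

    if (!isset($_GET['query_save'])) {
        return;
    }

    $rawName = isset($_GET['query_name']) ? $_GET['query_name'] : null;
    $rawDescription = isset($_GET['query_desc']) ? $_GET['query_desc'] : null;
    $hasAdvancedQuery = isset($_GET['query']);

    $saveQuery = new SaveQuery();
    $saveQuery->save_query_record_number = shn_create_uuid('query');
    // NOTE(review): name and description are stored already HTML-encoded, so
    // every consumer must print them without encoding again and must not use
    // them in non-HTML contexts.
    $saveQuery->name = Reform::HtmlEncode($rawName);
    $saveQuery->description = Reform::HtmlEncode($rawDescription);
    $saveQuery->created_date = date("Y-m-d");
    $saveQuery->created_by = $_SESSION['username'];
    // NOTE(review): an 'advanced' query is stored exactly as received. Confirm
    // that the code which later loads or runs saved queries treats it as
    // untrusted input.
    $saveQuery->query = $hasAdvancedQuery ? $_GET['query'] : analysis_get_query();
    $saveQuery->query_type = $hasAdvancedQuery ? 'advanced' : 'basic';
    $saveQuery->Save();

    if (isset($_GET['stream']) && $_GET['stream'] == 'text') {
        // Single-quoted keys are not strict JSON; kept as-is because existing
        // clients may parse this exact reply.
        echo "{'success':true}";
    } else {
        shnMessageQueue::addInformation(_t('QUERY_WAS_SAVED_SUCCESSFULLY_'));
    }
}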