/**
 * Handle submission of the theme form.
 *
 * On a valid form this creates a task whose callback is
 * themeroller_task::create_theme and replies with the rendered progress
 * view as JSON; on an invalid form it replies with an error result and the
 * re-rendered form.
 */
public function create()
 {
     // Reject forged cross-site requests before any submitted value is read.
     access::verify_csrf();

     $theme_form = $this->_get_theme_form();
     if (!$theme_form->validate()) {
         // Validation failed: return the form markup so it can be shown again.
         json::reply(array("result" => "error", "html" => (string) $theme_form));
         return;
     }

     $session = Session::instance();
     // The archive location comes from server-side session state, not from
     // the request body.
     // NOTE(review): get_once() presumably clears the key after reading, so
     // a repeated submission would pass no path to the task - confirm.
     $archive_path = $session->get_once("theme_extract_path");

     $progress_view = new View("admin_themeroller_progress.html");

     $definition = Task_Definition::factory()
         ->callback("themeroller_task::create_theme")
         ->description(t("Generate theme from a themeroller archive"))
         ->name(t("Generate theme"));

     // Every user-supplied string is passed through SafeString::purify()
     // before it is stored in the task context.
     // NOTE(review): purify() is an HTML filter; if the task uses theme_name
     // or the *_url values to build file paths or links, those uses need
     // their own validation - confirm in themeroller_task::create_theme.
     $context = array(
         "path" => $archive_path,
         "user_name" => SafeString::purify(identity::active_user()->name),
         "original_name" => SafeString::purify($theme_form->theme->original->value),
         "theme_name" => SafeString::purify($theme_form->theme->theme_name->value),
         "display_name" => SafeString::purify($theme_form->theme->display_name->value),
         "description" => SafeString::purify($theme_form->theme->description->value),
         "author_url" => SafeString::purify($theme_form->theme->author_url->value),
         "info_url" => SafeString::purify($theme_form->theme->info_url->value),
         "discuss_url" => SafeString::purify($theme_form->theme->discuss_url->value),
         // The admin flag is read from the session, never from the form.
         "is_admin" => $session->get("themeroller_is_admin"),
     );

     $progress_view->task = task::create($definition, $context);
     json::reply(array("html" => (string) $progress_view));
 }
 /**
  * Purify HTML so the result can be emitted into a page without carrying
  * malicious markup (XSS protection).
  *
  * Thin alias for SafeString::purify(); which tags and attributes survive
  * is decided there, not in this wrapper.
  * NOTE(review): the result is meant for HTML content; other output
  * contexts (attribute values, URLs, script) presumably need their own
  * escaping - confirm against SafeString.
  *
  * Example:<pre>
  *   <div><?= html::purify($item->title) ?>
  * </pre>
  *
  * @param mixed $html markup to filter
  * @return mixed whatever SafeString::purify() returns for $html
  */
 static function purify($html)
 {
     $purified = SafeString::purify($html);
     return $purified;
 }
 /**
  * purify() must hand back markup that was already marked safe without
  * altering it; the irregular "<p  >" spacing makes any rewrite visible.
  */
 public function purify_safe_html_test()
 {
     $markup = "hello <p  >world</p>";
     // of_safe_html() marks the value as trusted HTML, so this case pins a
     // path where purify() returns its input as-is. Reserve of_safe_html()
     // for markup the application itself controls.
     $trusted = SafeString::of_safe_html($markup);
     $result = SafeString::purify($trusted);
     $this->assert_equal($markup, $result);
 }