/**
 * Recursively sanitize a request parameter.
 *
 * Arrays are walked depth-first with their keys preserved (the keys themselves
 * are not sanitized). Every non-array leaf is passed through
 * TheliaPurifier::instance()->purifier().
 *
 * @param mixed $value  Scalar value or (nested) array of values to clean.
 * @param mixed $config Only forwarded to the recursive calls; it is not read here.
 *
 * @return mixed The cleaned value, with the same array shape as the input.
 */
function _sanitize_param($value, $config = null)
{
    // Leaf value: undo magic-quote escaping if needed, then purify.
    if (!is_array($value)) {
        // NOTE(review): magic quotes escape with addslashes(), whose documented
        // inverse is stripslashes(). stripcslashes() also decodes C-style escapes
        // (\n, \x41, octal), so confirm that this is intended. The decoded string
        // still goes through the purifier below.
        $raw = THELIA_MAGIC_QUOTE_ENABLED ? stripcslashes($value) : $value;

        return TheliaPurifier::instance()->purifier($raw);
    }

    // Container: rebuild the array entry by entry, keeping key order.
    $cleaned = array();
    foreach ($value as $name => $entry) {
        $cleaned[$name] = _sanitize_param($entry, $config);
    }

    return $cleaned;
}
/**
 * Switch the shared purifier to the back-office (admin) profile.
 *
 * Builds an HTMLPurifier configuration that is looser than the library
 * defaults (element ids, inline style on every element, "tricky" CSS,
 * <object> and <iframe>) and replaces self::$purifier with a new
 * HTMLPurifier instance built from it.
 *
 * NOTE(review): the definition id names this a back-office filter, so it is
 * presumably meant for content written by administrators. Confirm that it is
 * never applied to front-office input.
 */
public function set_admin_mode()
{
    $iframePattern = '#^(http|https)://(%s)#';

    // Newline-separated allow-list of iframe sources, overridable through the
    // 'htmlpurifier_whiteList' variable.
    // NOTE(review): as written here the default contains a backslash followed
    // by 'n', not a line feed, so the str_replace("\n", ...) below would not
    // split it. Confirm against the stored value and the upstream source.
    $iframeSources = Variable::lire('htmlpurifier_whiteList', 'www.youtube.com/embed/\\nplayer.vimeo.com/video/\\nmaps.google.*/');

    // Each entry is spliced into the pattern as a raw regex fragment (no
    // preg_quote()). '.' therefore matches any character, and the '.*' in the
    // maps.google entry matches any run of characters up to a later '/'. The
    // effective allow-list is wider than the literal host names suggest. An
    // entry containing '#' would also collide with the pattern delimiter.
    $iframeRegexp = sprintf($iframePattern, str_replace("\n", "|", $iframeSources));

    $config = HTMLPurifier_Config::createDefault();

    // Directives are applied in the order listed.
    $directives = array(
        'Core.Encoding'          => 'UTF-8',
        'HTML.DefinitionID'      => 'Thelia back-office content filter',
        'HTML.DefinitionRev'     => 1,
        // The next two, together with '*.style' below, widen what markup can
        // carry beyond the library defaults.
        'Attr.EnableID'          => true,
        'CSS.AllowTricky'        => true,
        'HTML.Allowed'           => 'a,strong,em,div,p,span,img,li,ul,ol,sup,sub,small,big,code,blockquote,h1,h2,h3,h4,h5, iframe',
        'HTML.AllowedAttributes' => 'a.href,a.title,img.src,img.alt,img.title,img.width,img.height,*.style,*.id,*.class, iframe.width, iframe.height, iframe.src, iframe.frameborder',
        'AutoFormat.Linkify'     => true,
        'HTML.Doctype'           => 'XHTML 1.0 Transitional',
        // Filter.YouTube is deprecated, to be replaced in Thelia 1.5.3.5;
        // see the start of the method.
        // 'Filter.YouTube'      => true,
        'HTML.SafeObject'        => true,
        'Output.FlashCompat'     => true,
        // Iframes are allowed only when their src matches URI.SafeIframeRegexp.
        'HTML.SafeIframe'        => true,
        'URI.SafeIframeRegexp'   => $iframeRegexp,
        'HTML.TidyLevel'         => 'medium',
    );

    foreach ($directives as $directive => $setting) {
        $config->set($directive, $setting);
    }

    // Recreate a new instance with this config
    self::$purifier = new HTMLPurifier($config);
}
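/**
 * Validate or sanitize a single input value according to a named filter.
 *
 * Filters:
 *  - "int"               digits, plus any characters given in $complement
 *  - "string_iso_strict" ASCII letters, digits and underscore
 *  - "float"             digits, '.' and ',', plus $complement
 *  - "int_list"          digits and ',', plus $complement
 *  - "string",
 *    "string_list"       passed through TheliaPurifier when $purifier is truthy
 *
 * Any other filter name applies no validation: the value is returned with
 * only the double-quote escaping below. When $purifier is falsy the two
 * string filters behave the same way. Callers must not treat the result of
 * an unknown filter, or of an unpurified string, as safe for HTML or SQL.
 *
 * @param mixed  $var        Value to check.
 * @param string $filtre     Filter name (see above). Empty means "no filtering".
 * @param string $complement Extra characters spliced verbatim into the regex
 *                           character class. It must come from code, never from
 *                           user input, and regex metacharacters such as ']'
 *                           or '-' must be escaped by the caller.
 * @param mixed  $purifier   Truthy to purify "string" / "string_list" values.
 *
 * @return mixed $var unchanged when $filtre or $var is empty (loose comparison),
 *               "" when validation fails, otherwise the value with every
 *               double quote replaced by &quot;.
 */
function filtrevar($var, $filtre, $complement = "", $purifier = 1)
{
    if ($filtre == "" || $var == "") {
        return $var;
    }

    // Validation pattern for this filter, or null when the filter has none.
    // The D modifier makes '$' match only at the very end of the subject.
    // Without it, a value ending in a line feed (e.g. "12\n") passes.
    $pattern = null;

    switch ($filtre) {
        case "int":
            $pattern = '/^[0-9' . $complement . ']*$/D';
            break;

        case "string_iso_strict":
            $pattern = '/^[0-9a-zA-Z_]*$/D';
            break;

        case "float":
            $pattern = '/^[0-9\.\,' . $complement . ']*$/D';
            break;

        case "int_list":
            $pattern = '/^[0-9\,' . $complement . ']*$/D';
            break;

        case "string":
        case "string_list":
            if ($purifier) {
                $var = TheliaPurifier::instance()->purifier($var);
            }
            break;

        default:
            // Unknown filter: no validation is applied (fail-open).
            break;
    }

    // preg_match() returns 0 on no match and false on error; both reject.
    if ($pattern !== null && !preg_match($pattern, $var)) {
        return "";
    }

    // For loops (original comment: "Pour les boucles"): escape double quotes.
    // The listing showed a bare quote as the replacement, which is the
    // HTML-decoded form of the entity restored here.
    return str_replace("\"", "&quot;", $var);
}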