Esempi in PHP per Tygh\Tools SecurityHelper::escapeHtml

Esempio n. 1

File: function.array_to_fields.php Progetto: ambient-lounge/site

/**
 * Converts array to html hidden fields
 *
 * Type:     function<br>
 * Name:     array_to_fields<br>
 * @param array $param params list
 * @return object $template template object
 */
function smarty_function_array_to_fields($params, &$template)
{
    $result = '';
    $pattern = '<input type="hidden" name="%s" value="%s" />' . "\n";
    foreach ($params['data'] as $name => $value) {
        if (empty($value)) {
            continue;
        }
        if (!empty($params['skip']) && in_array($name, $params['skip'])) {
            continue;
        }
        if (!empty($params['escape']) && in_array($name, $params['escape'])) {
            if (is_array($value)) {
                foreach ($value as $index => &$data) {
                    $data = SecurityHelper::escapeHtml($data);
                }
            } else {
                $value = SecurityHelper::escapeHtml($value);
            }
        }
        if (is_array($value)) {
            foreach ($value as $index => $data) {
                $result .= sprintf($pattern, $name . '[' . $index . ']', $data);
            }
        } else {
            $result .= sprintf($pattern, $name, $value);
        }
    }
    return $result;
}

Esempio n. 2

File: fn.common.php Progetto: arpad9/bygmarket

/**
 * Add/remove html special chars
 *
 * @deprecated In favour of use Tygh\Tools\SecurityHelper::encodeHtml()
 * @since 4.3.1
 *
 * @param mixed $data data to filter
 * @param bool $revert if true, decode special chars
 * @return mixed filtered variable
 */
function fn_html_escape($data, $revert = false)
{
    return SecurityHelper::escapeHtml($data, $revert);
}

Esempio n. 3

File: Base.php Progetto: ambient-lounge/site

 protected function arrayToXml($item, $data, $level = 0, $attr = array())
 {
     $tab = str_repeat('    ', $level);
     if (!is_array($data)) {
         $attr_str = '';
         if (!empty($attr)) {
             foreach ($attr as $attr_key => $attr_value) {
                 $attr_str .= ' ' . $attr_key . '="' . $attr_value . '"';
             }
         }
         $txt = SecurityHelper::escapeHtml($data);
         $txt = str_replace(array('«', '»', ''', '"'), "'", $txt);
         return $tab . '<' . $item . $attr_str . '>' . str_replace(array('&amp;amp;', '&amp;hellip;', '&amp;nbsp;', '&amp;mdash;', '&amp;reg;', '&amp;ndash;', '&amp;trade;'), '', $txt) . '</' . $item . ">\n";
     }
     $xml = '';
     foreach ($data as $item_type => $value) {
         if (is_numeric($item_type)) {
             if (is_array($value)) {
                 $attr = !empty($value['attr']) ? $value['attr'] : array();
                 $attr_str = '';
                 if (!empty($attr)) {
                     foreach ($attr as $attr_key => $attr_value) {
                         $attr_str .= ' ' . $attr_key . '="' . $attr_value . '"';
                     }
                 }
                 if (isset($value['value'])) {
                     $xml .= $tab . '<' . $item . $attr_str . '>' . SecurityHelper::escapeHtml($value['value']) . '</' . $item . ">\n";
                 } elseif (isset($value['items'])) {
                     $xml .= $tab . '<' . $item . ">\n" . $this->arrayToXml($item_type, $value, $level + 1) . $tab . '</' . $item . ">\n";
                 } else {
                     $xml .= $tab . '<' . $item . $attr_str . "/>\n";
                 }
             } else {
                 $xml .= $this->arrayToXml($item, $value, $level);
             }
         } else {
             $xml .= $tab . '<' . $item . ">\n" . $this->arrayToXml($item_type, $value, $level + 1) . $tab . '</' . $item . ">\n";
         }
     }
     return $xml;
 }