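/**
 * Copy submitted page fields onto a page record and persist it.
 *
 * Keys missing from $val fall back to the defaults listed below; keys that
 * are not in that list are ignored.
 *
 * @param array  $val  Submitted values keyed by field name (title, keywords,
 *                     description, tags, privacy, comments, likes, active,
 *                     show_menu, content).
 * @param object $page Record to update; must expose a save() method.
 *
 * @return bool Always true once $page->save() has been called.
 */
public function save($val, $page)
{
    $defaults = [
        'title' => '',
        'keywords' => '',
        'description' => '',
        'tags' => '',
        'privacy' => 0,
        'comments' => 1,
        'likes' => 1,
        'active' => 1,
        'show_menu' => 1,
        'content' => '',
    ];

    // Allow-list the input instead of calling extract() on it. extract() turns
    // every key of $val into a local variable, so a submitted "page" or
    // "expected" key would replace the locals this method depends on,
    // including the record being written.
    $fields = array_merge($defaults, array_intersect_key($val, $defaults));

    // NOTE(review): title and tags are stored exactly as submitted. Either
    // pass them through sanitizeText() here or confirm that every template
    // escapes them on output.
    $page->title = $fields['title'];
    $page->description = sanitizeText($fields['description']);
    $page->keywords = sanitizeText($fields['keywords']);
    $page->tags = $fields['tags'];

    // NOTE(review): the flag fields are not cast or range-checked; whatever
    // type the caller supplied is what reaches the record.
    $page->privacy = $fields['privacy'];
    $page->show_menu = $fields['show_menu'];

    // Store only the filtered markup. Assigning the raw content again after
    // this line would discard the filter result and persist unfiltered HTML.
    // lawedContent() is presumably the project's HTML filter - confirm.
    $page->content = lawedContent($fields['content']);

    $page->show_comments = $fields['comments'];
    $page->show_likes = $fields['likes'];
    $page->active = $fields['active'];
    $page->save();

    return true;
}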
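/**
 * Turn a string into escaped text, optionally truncated.
 *
 * Non-string values are returned unchanged. Strings are filtered with
 * lawedContent(), trimmed, HTML-escaped, and have literal "\r\n" / "\n\n"
 * escape sequences replaced by <br>. The result therefore contains markup
 * and must not be escaped a second time by the caller.
 *
 * @param mixed     $string Value to clean.
 * @param int|false $limit  Maximum length of the result in bytes, or false
 *                          for no limit.
 *
 * @return mixed The cleaned string, or the input itself when it is not a string.
 */
function sanitizeText($string, $limit = false)
{
    if (!is_string($string)) {
        return $string;
    }

    // lawedContent() is presumably the project's HTML filter - confirm.
    $string = trim(lawedContent($string));

    // NOTE(review): the entity literals below ('&lt;', '&gt;', '&#39;' and
    // '&amp;#') are reconstructed. The listing this was taken from showed them
    // already decoded, which made the replacements no-ops and the apostrophe
    // line a parse error. Confirm against the project's source file.
    //
    // Undo entities the filter may have produced so that htmlspecialchars()
    // encodes each angle bracket exactly once.
    $string = str_replace(['&lt;', '&gt;'], ['<', '>'], $string);
    $string = str_replace("'", '&#39;', $string);

    // Flags are pinned so the result does not depend on the PHP version's
    // defaults; ENT_SUBSTITUTE keeps a value with invalid byte sequences from
    // collapsing to an empty string.
    $string = htmlspecialchars($string, ENT_QUOTES | ENT_SUBSTITUTE);

    // Single-quoted, so these match the literal backslash sequences \r\n and
    // \n\n in the text, not real line breaks.
    $string = str_replace('\\r\\n', '<br>', $string);
    $string = str_replace('\\n\\n', '<br>', $string);
    $string = stripslashes($string);

    // htmlspecialchars() re-encoded the "&" of numeric entities (including the
    // &#39; inserted above); restore them.
    $string = str_replace('&amp;#', '&#', $string);

    if ($limit) {
        // NOTE(review): substr() counts bytes and runs after escaping, so it
        // can cut through a multi-byte character, an entity or a <br> tag.
        $string = substr($string, 0, $limit);
    }

    return $string;
}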