function testSecureHTMLInput()
{
$in = '<a href="test.html">TAG CONTENTS</a>';
$ex = $in;
$this->assertEquals($ex, secureHTMLInput($in), 'Touches me');
$in = '<h1>H1 CONT</h1><p align="right"><a href="test.html" onclick="malicious">TEST</a></p><em>test</em><invalid>INVALID TAG CONTENTS</invalid>';
$ex = '<h1>H1 CONT</h1><p align="right"><a href="test.html">TEST</a></p><em>test</em>INVALID TAG CONTENTS';
$this->assertEquals($ex, secureHTMLInput($in), 'Wrong output');
}
function onSavePage($pageID, $pageTitle, $pageNavTitle, $pageContent)
{
$pageManager =& $this->_pluginAPI->getPageManager();
$t =& $this->_pluginAPI->getI18NManager();
$config =& $this->_pluginAPI->getConfigManager();
$editedPage = $pageManager->newPage();
$editedPage->initFromDatabaseID($pageID);
$pageLang = $config->getStringItem('/user/pageEditContentLanguage');
if ($editedPage->translationExists($pageLang)) {
$tPage = $editedPage->getTranslation($pageLang);
$pageContent = secureHTMLInput($pageContent);
$tPage->updateFromArray(array('translated_content' => $pageContent, 'translated_title' => $pageTitle, 'translated_nav_title' => $pageNavTitle));
$r = $tPage->updateToDatabase();
} else {
$tPage = $pageManager->newTranslatedPage();
$tPage->initFromArray(array('translated_content' => $pageContent, 'translated_title' => $pageTitle, 'translated_nav_title' => $pageNavTitle, 'language_code' => $pageLang));
$r = $editedPage->addTranslation($tPage);
}
if (!isError($r)) {
$this->_pluginAPI->addMessage($t->translate('Page saved'), NOTICE);
} else {
die("A PROBLEM occured");
}
$a = $this->_pluginAPI->executePreviousAction();
}
function onSavePage($pageID, $pageTitle, $pageNavTitle, $pageContent)
{
$pageManager =& $this->_pluginAPI->getPageManager();
$page =& $pageManager->newPage();
$page->initFromName('MorgOS_Admin_PageManager');
$sm =& $this->_pluginAPI->getSmarty();
$t =& $this->_pluginAPI->getI18NManager();
if ($this->_pluginAPI->canUserViewPage($page->getID())) {
$editedPage = $pageManager->newPage();
$editedPage->initFromDatabaseID($pageID);
$tPage = $editedPage->getTranslation('en_UK');
$pageContent = secureHTMLInput($pageContent);
$tPage->updateFromArray(array('translatedContent' => $pageContent, 'translatedTitle' => $pageTitle, 'translatedNavTitle' => $pageNavTitle));
$tPage->updateToDatabase();
$this->_pluginAPI->addMessage($t->translate('Page saved'), NOTICE);
$a = $this->_pluginAPI->executePreviousAction();
} else {
$this->_pluginAPI->addRuntimeMessage('Login as a valid admin user to view this page.', NOTICE);
$sm->display('admin/login.tpl');
}
}
