/**
 * Checks that DataUtil::sanitizeDataByDesignerTypeForSavingModel() returns save-ready
 * values for every designer type on TestDataUtilModel.
 *
 * The expected array pins three behaviours:
 *  - script markup appended to text-like values (lastName, string, textArea, the
 *    dropDown value and the tagCloud values) is absent from the result;
 *  - date and dateTime values equal the output of the DateTimeUtil helpers;
 *  - the comma-separated tagCloud string comes back as an array of tags.
 *
 * NOTE(review): only one payload shape (an upper-case SCRIPT element) is exercised, and
 * the url, phone, numeric, radioDropDown and multiDropDown inputs are benign. This test
 * therefore says nothing about how those types treat hostile input, or about other
 * markup vectors.
 *
 * @depends testPurifyHtmlAndModifyInputUsingArrayWalkRecursive
 */
public function testSanitizeDataByDesignerTypeForSavingModel()
{
    // Raw input as a form would submit it; several text fields carry script markup.
    $rawInput = array(
        'firstName'     => 'Steve',
        'lastName'      => 'Thunder<SCRIPT>alert(\'XSS\')</SCRIPT>',
        'boolean'       => '0',
        'date'          => '3/25/11',
        'dateTime'      => '04/05/11 5:00 AM',
        'float'         => '3.68',
        'integer'       => '10',
        'phone'         => '435655',
        'string'        => 'some string<SCRIPT>alert(\'XSS\')</SCRIPT>',
        'textArea'      => 'more text here<SCRIPT>alert(\'XSS\')</SCRIPT>',
        'url'           => 'http://www.zurmo.org',
        'dropDown'      => array('value' => 'test value<SCRIPT>alert(\'XSS\')</SCRIPT>'),
        'radioDropDown' => array('value' => 'my value'),
        'multiDropDown' => array('values' => array('multi1', 'multi2')),
        'tagCloud'      => array('values' => 'tag1,tag2<SCRIPT>alert(\'XSS\')</SCRIPT>'),
    );

    $testModel  = new TestDataUtilModel();
    $actualData = DataUtil::sanitizeDataByDesignerTypeForSavingModel($testModel, $rawInput);

    // Date-like expectations are derived from the same helpers rather than hard-coded.
    $expectedDate     = DateTimeUtil::resolveValueForDateDBFormatted('3/25/11');
    $expectedDateTime = DateTimeUtil::convertDateTimeLocaleFormattedDisplayToDbFormattedDateTimeWithSecondsAsZero('04/05/11 5:00 AM');

    // Same keys as the input; text values appear without the script markup.
    $expectedData = array(
        'firstName'     => 'Steve',
        'lastName'      => 'Thunder',
        'boolean'       => '0',
        'date'          => $expectedDate,
        'dateTime'      => $expectedDateTime,
        'float'         => '3.68',
        'integer'       => '10',
        'phone'         => '435655',
        'string'        => 'some string',
        'textArea'      => 'more text here',
        'url'           => 'http://www.zurmo.org',
        'dropDown'      => array('value' => 'test value'),
        'radioDropDown' => array('value' => 'my value'),
        'multiDropDown' => array('values' => array('multi1', 'multi2')),
        'tagCloud'      => array('values' => array('tag1', 'tag2')),
    );

    $this->assertEquals($expectedData, $actualData);
}
/**
 * Sanitizes post data for saving by handing it to
 * DataUtil::sanitizeDataByDesignerTypeForSavingModel() and returning that result unchanged.
 * Per the original description, this converts date and date time attributes to the proper
 * format and timezone for saving.
 *
 * This wrapper performs no validation or filtering of its own; everything depends on the
 * delegate.
 *
 * NOTE(review): this is sanitization at save time. Whether values are also escaped for
 * their output context when rendered cannot be seen from here - confirm at the view layer.
 *
 * @param mixed $model    model whose attribute designer types drive the sanitization
 * @param array $postData raw post data, presumably keyed by attribute name - verify against callers
 * @return array sanitized post data
 */
public static function sanitizePostByDesignerTypeForSavingModel($model, $postData)
{
    return DataUtil::sanitizeDataByDesignerTypeForSavingModel($model, $postData);
}