/**
 * Save a community DAO.
 *
 * Assigns a freshly generated UUID when the DAO has none, rejects an empty
 * name, and passes the description through
 * UtilityComponent::filterHtmlTags() before delegating to the parent save.
 *
 * Only the description is filtered in this method; the name is checked for
 * emptiness and nothing else.
 * NOTE(review): presumably the name is escaped where it is rendered; confirm.
 *
 * @param object $dao community DAO to save
 * @throws Zend_Exception when the name is empty (the string '0' is accepted)
 */
public function save($dao)
{
    $hasUuid = isset($dao->uuid) && !empty($dao->uuid);
    if (!$hasUuid) {
        $dao->setUuid(MidasLoader::loadComponent('Uuid')->generate());
    }

    // empty('0') is true in PHP, so '0' is explicitly let through as a name.
    $name = $dao->getName();
    $nameMissing = $name !== '0' && empty($name);
    if ($nameMissing) {
        throw new Zend_Exception('Please set a name for the Community.');
    }

    // Filter the description before it is stored.
    $dao->setDescription(UtilityComponent::filterHtmlTags($dao->getDescription()));

    parent::save($dao);
}
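/**
 * Make sure that we are safely filtering html tags.
 *
 * Exercises UtilityComponent::filterHtmlTags() with plain text, a set of
 * allowed tags, a disallowed attribute, and a disallowed tag. Every
 * assertion passes the expected value first and the filtered value second,
 * so a failure report labels the two sides correctly.
 */
public function testFilterHtmlTags()
{
    // Plain text with no tags must come back unchanged.
    $text = 'test plain text';
    $val = UtilityComponent::filterHtmlTags($text);
    $this->assertEquals($text, $val);

    // Allowed tags (and the href attribute on anchors) must survive untouched.
    $text = '<b>bold</b><br><br /><i>italic</i><p>paragraph</p><a href="http://site.com">anchor</a><div>Div</div>';
    $val = UtilityComponent::filterHtmlTags($text);
    $this->assertEquals($text, $val);

    // A disallowed attribute such as id is removed; the tag itself is kept.
    $text = '<a id="idLink">anchor</a>';
    $val = UtilityComponent::filterHtmlTags($text);
    $this->assertEquals('<a>anchor</a>', $val);

    // A disallowed tag such as script is removed. Only the tags are
    // stripped: the text between them remains as plain text.
    $text = '<script type="text/javascript">malicious javascript</script>';
    $val = UtilityComponent::filterHtmlTags($text);
    $this->assertEquals('malicious javascript', $val);

    // NOTE(review): coverage gap. Nothing here checks event-handler
    // attributes on allowed tags, or href values whose scheme is not
    // http(s). Confirm the filter's allow-list against both and add
    // assertions once the expected output is known.
}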
/**
 * Default save override for an item DAO.
 *
 * Fills in missing fields (UUID, creation date, type), refreshes the update
 * date, passes the description through UtilityComponent::filterHtmlTags(),
 * saves through the parent, and then fires CALLBACK_CORE_ITEM_SAVED on the
 * notifier held in Zend_Registry.
 *
 * Only the description is filtered in this method.
 * NOTE(review): other text fields on the DAO are stored as given here;
 * confirm they are escaped where they are rendered.
 *
 * @param object $dao The item dao to save
 * @param bool $metadataChanged (default = true) This parameter is passed to
 *     the CALLBACK_CORE_ITEM_SAVED and should only be set to true on the
 *     final save of the item in the controller's execution.
 */
public function save($dao, $metadataChanged = true)
{
    $hasUuid = isset($dao->uuid) && !empty($dao->uuid);
    if (!$hasUuid) {
        $dao->setUuid(MidasLoader::loadComponent('Uuid')->generate());
    }

    $hasCreationDate = isset($dao->date_creation) && !empty($dao->date_creation);
    if (!$hasCreationDate) {
        $dao->setDateCreation(date('Y-m-d H:i:s'));
    }

    // An unset or empty type falls back to 0.
    $hasType = isset($dao->type) && !empty($dao->type);
    if (!$hasType) {
        $dao->setType(0);
    }

    // The update timestamp is refreshed on every save.
    $dao->setDateUpdate(date('Y-m-d H:i:s'));

    // Filter the description before it is stored.
    $filteredDescription = UtilityComponent::filterHtmlTags($dao->getDescription());
    $dao->setDescription($filteredDescription);

    parent::save($dao);

    // Listeners are notified only after the parent save has returned.
    $payload = array('item' => $dao, 'metadataChanged' => $metadataChanged);
    Zend_Registry::get('notifier')->callback('CALLBACK_CORE_ITEM_SAVED', $payload);
}
/**
 * Override the save function.
 *
 * The application's description is passed through
 * UtilityComponent::filterHtmlTags() before the parent save runs. No other
 * field is touched in this method.
 *
 * @param object $application application DAO to save
 */
public function save($application)
{
    // Strip out unsafe html tags from description
    $rawDescription = $application->getDescription();
    $safeDescription = UtilityComponent::filterHtmlTags($rawDescription);
    $application->setDescription($safeDescription);

    parent::save($application);
}