/**
 * Sanitize payment fields
 * - some gateways include js in their payment fields
 *
 * Captures whatever the gateway echoes from payment_fields(), passes it
 * through removeDomNodes() with the '//script' selector, and returns the
 * result of trim_html_string().
 *
 * NOTE(review): only script nodes are targeted here. Whether inline
 * event-handler attributes or javascript: URLs survive depends on
 * removeDomNodes(), which is not visible from this method. Confirm before
 * relying on the output as safe markup.
 *
 * @param WC_Payment_Gateway $gateway
 * @return mixed|string
 */
protected function sanitize_payment_fields(WC_Payment_Gateway $gateway) {
    // Nothing to render: the gateway has neither fields nor a description.
    if (!$gateway->has_fields() && !$gateway->get_description()) {
        return self::trim_html_string('');
    }

    // payment_fields() echoes its markup, so capture it in an output buffer.
    ob_start();
    $gateway->payment_fields();
    $captured = ob_get_clean();

    // '//script' is presumably an XPath expression matching every script element.
    $without_scripts = $this->removeDomNodes($captured, '//script');

    return self::trim_html_string($without_scripts);
}
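/**
 * Sanitize payment fields
 * - some gateways include js in their payment fields
 *
 * Captures the markup echoed by the gateway's payment_fields() and strips
 * <script>...</script> blocks from it.
 *
 * NOTE: this is a regex filter, not an HTML sanitizer. It removes script
 * elements only. Inline event-handler attributes, javascript: URLs and
 * other active content pass through unchanged, so the result must not be
 * treated as safe when the gateway markup is untrusted.
 *
 * @param WC_Payment_Gateway $gateway
 * @return string markup with script blocks removed; '' when the gateway has
 *                neither fields nor a description, or when the regex fails
 */
protected function sanitize_payment_fields(WC_Payment_Gateway $gateway) {
    if (!$gateway->has_fields() && !$gateway->get_description()) {
        return '';
    }

    // payment_fields() echoes its markup, so capture it in an output buffer.
    ob_start();
    $gateway->payment_fields();
    $html = (string) ob_get_clean();

    // A DOMDocument-based removal was tried here and abandoned by the author
    // ("causes more problems than it's worth"), hence the regex.
    //
    // The "s" modifier makes "." match newlines, so script blocks that span
    // several lines are removed as well. The previous "m" modifier only
    // changes ^/$ anchoring and left multi-line scripts in place.
    // "\s*" tolerates whitespace before the closing ">" of </script >.
    $stripped = preg_replace('/<script.+?<\/script\s*>/is', '', $html);

    // preg_replace() returns null on a PCRE error (e.g. backtrack limit).
    // Fail closed rather than hand back null or the unfiltered markup.
    return $stripped === null ? '' : $stripped;
}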