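/**
 * Recursive function to convert the json to the right format
 *
 * Builds the node array consumed by the client-side tree: the title is
 * HTML-escaped for the visible text, while li_attr/a_attr carry the raw
 * record id and title as attributes.
 *
 * @param object $node        JSON object of a node/top node
 * @param string $context     Record or Collection
 * @param string $hierarchyID Collection ID
 * @param int    $level       Indicating the depth of recursion
 *
 * @return array
 */
protected function buildNodeArray($node, $context, $hierarchyID, $level = 0)
{
    $escaper = new \Zend\Escaper\Escaper('utf-8');
    // The HTML id is prefixed with the depth and stripped of non-word
    // characters so the same record can appear once per level.
    $htmlID = $level . '_' . preg_replace('/\\W/', '-', $node->id);
    $ret = [
        'id' => $htmlID,
        'text' => $escaper->escapeHtml($node->title),
        'li_attr' => ['recordid' => $node->id],
        'a_attr' => [
            'href' => $this->getContextualUrl($node, $context, $hierarchyID, $htmlID),
            // NOTE(review): the title is passed unescaped here; presumably the
            // tree widget sets it through an attribute API rather than injecting
            // markup — confirm on the client side.
            'title' => $node->title,
        ],
        'type' => $node->type,
    ];
    if (isset($node->children)) {
        // Children sit one level deeper; iterating directly avoids re-counting
        // the array on every pass of the former indexed loop and does not
        // depend on the children being numbered 0..n-1.
        $childLevel = $level + 1;
        $ret['children'] = [];
        foreach ($node->children as $child) {
            $ret['children'][] = $this->buildNodeArray($child, $context, $hierarchyID, $childLevel);
        }
    }
    return $ret;
}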
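/**
 * Function errorHandler
 * All error display and log
 * Display the Error, Line and File
 * Same behavior of HelpfulDie fuction in OpenEMR
 * Path /library/sql.inc
 *
 * Every value written into the HTML response (exception messages, SQL,
 * bound values and the stack trace) is escaped for the HTML context; the
 * unescaped SQL and trace go only to the error log.
 *
 * @param \Throwable   $e     Exception whose chain (getPrevious) is reported
 * @param string       $sql   The SQL statement that failed
 * @param array|string $binds Bound parameters; a non-array value is ignored
 * @return void
 */
public function errorHandler($e, $sql, $binds = '')
{
    $escaper = new \Zend\Escaper\Escaper('utf-8');

    // Cut the trace at the first PHP-internal frame. When the marker is
    // absent strpos() returns false, and the former unconditional
    // substr($trace, 0, false - 3) silently chopped the last three characters.
    $trace = $e->getTraceAsString();
    $nLast = strpos($trace, '[internal function]');
    if ($nLast !== false) {
        $trace = substr($trace, 0, max(0, $nLast - 3));
    }

    // Collect the whole exception chain, outermost first.
    $logMsg = '';
    do {
        $logMsg .= "\r Exception: " . $escaper->escapeHtml($e->getMessage());
    } while ($e = $e->getPrevious());

    /** List all Params */
    // NOTE(review): bound values are shown and logged verbatim; if binds can
    // carry credentials or other secrets, consider masking them here.
    $processedBinds = '';
    if (is_array($binds) && $binds !== []) {
        $quoted = array_map(
            static function ($valueBind) {
                return "'" . $valueBind . "'";
            },
            $binds
        );
        $processedBinds = '(' . implode(',', $quoted) . ')';
    }

    echo '<pre><span style="color: red;">';
    echo 'ERROR : ' . $logMsg;
    echo "\r\n";
    echo 'SQL statement : ' . $escaper->escapeHtml($sql);
    echo $escaper->escapeHtml($processedBinds);
    echo '</span></pre>';
    echo '<pre>';
    // The trace embeds caller arguments, which can include request data, so
    // it is escaped like every other value echoed into the page.
    echo $escaper->escapeHtml($trace);
    echo '</pre>';

    /** Error Logging */
    $logMsg .= "\n SQL statement : {$sql}" . $processedBinds;
    $logMsg .= "\n {$trace}";
    error_log("ERROR: " . $logMsg, 0);
}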
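/**
 * Convert JSTree JSON structure to HTML
 *
 * Renders one <li> per node and recurses into children as a nested
 * <ul class="fa-ul">. The record id, href and title are escaped for the
 * attribute or text context they are placed in.
 *
 * @param object       $node        JSON object of a the JSTree
 * @param string       $context     Record or Collection
 * @param string       $hierarchyID Collection ID
 * @param string|false $recordID    The currently active record
 *
 * @return string
 */
protected function jsonToHTML($node, $context, $hierarchyID, $recordID = false)
{
    $escaper = new \Zend\Escaper\Escaper('utf-8');
    // Truncate long titles by character rather than byte so a multibyte
    // UTF-8 title is never cut in the middle of a sequence.
    $name = mb_strlen($node->title, 'UTF-8') > 100
        ? mb_substr($node->title, 0, 100, 'UTF-8') . '...'
        : $node->title;
    $href = $this->getContextualUrl($node, $context);
    $icon = $node->type === 'record' ? 'file-o' : 'folder-open';

    $html = '<li';
    if ($node->type === 'collection') {
        $html .= ' class="hierarchy';
        if ($recordID && $recordID == $node->id) {
            $html .= ' currentHierarchy';
        }
        $html .= '"';
    } elseif ($recordID && $recordID == $node->id) {
        $html .= ' class="currentRecord"';
    }
    // Attribute values use the attribute escaper; the link text uses the
    // HTML-body escaper.
    $html .= '><i class="fa fa-li fa-' . $icon . '"></i> '
        . '<a name="tree-' . $escaper->escapeHtmlAttr($node->id) . '"'
        . ' href="' . $escaper->escapeHtmlAttr($href) . '"'
        . ' title="' . $escaper->escapeHtmlAttr($node->title) . '">'
        . $escaper->escapeHtml($name) . '</a>';

    if (isset($node->children)) {
        $html .= '<ul class="fa-ul">';
        foreach ($node->children as $child) {
            $html .= $this->jsonToHTML($child, $context, $hierarchyID, $recordID);
        }
        $html .= '</ul>';
    }
    return $html . '</li>';
}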
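/**
 * Escape a string
 *
 * Uses the view's escapeHtml plugin when a renderer is attached (it is
 * already configured with the view's encoding); otherwise falls back to a
 * UTF-8 Zend Escaper.
 *
 * @param string $string
 * @return string
 */
protected function escape($string)
{
    if ($this->view instanceof \Zend\View\Renderer\RendererInterface
        && method_exists($this->view, 'getEncoding')
    ) {
        // The former getEncoding() call here was never used; the plugin
        // carries the view's encoding itself.
        $escaper = $this->view->plugin('escapeHtml');
        return $escaper((string) $string);
    }

    // bump this out to a protected method to kill the instance penalty!
    $escaper = new \Zend\Escaper\Escaper('UTF-8');
    return $escaper->escapeHtml((string) $string);
}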
/**
 * (non-PHPdoc)
 * @see \mithra62\Platforms\View\ViewInterface::m62Escape()
 */
public function m62Escape($string)
{
    // HTML-body escaping with a UTF-8 escaper, as the interface requires.
    return (new \Zend\Escaper\Escaper('utf-8'))->escapeHtml($string);
}
/**
 * Edit user
 *
 * Post/Redirect/Get action: on GET the form is bound to the user found by
 * the route id; on POST the data is validated, a password identical to
 * the current one is rejected, and the service persists the change.
 *
 * @return ViewModel
 */
public function editarAction()
{
    // The edit target is chosen from the route id.
    // NOTE(review): no authorization check is visible in this action;
    // presumably a route guard enforces who may edit which user — confirm.
    $login = $this->params()->fromRoute('id', null);
    /** @var UsuarioService $service */
    $service = $this->getFromServiceLocator(Usuario::SERVICE);
    /** @var \Application\Entity\User $usuario */
    $usuario = $service->findByLogin($login);
    if (!$usuario) {
        return $this->redirect()->toRoute(Rotas::USUARIO);
    }
    /** @var \Application\Entity\User $usuarioLogado */
    $usuarioLogado = $this->getFromServiceLocator(Usuario::ZFCUSER_AUTH_SERVICE)->getIdentity();
    /** @var UsuarioForm $form */
    $form = $this->getFromServiceLocator(self::USUARIO_FORM);
    $form->get(Usuario::FLD_ORGAO)->setValue($usuario->getUnidade()->getOrgao()->getSeqOrgao());
    $redirectUrl = $this->url()->fromRoute(Rotas::USUARIO) . "/editar/{$login}";
    $prg = $this->prg($redirectUrl, true);
    if ($prg instanceof Response) {
        // POST was just stored in the session: redirect to the GET.
        return $prg;
    } elseif ($prg === false) {
        // Plain GET: bind the entity and populate the unit select from the
        // user's current organisation.
        $form->bind($usuario);
        $form->setObject($usuario);
        $unidadeAtual = $form->get(Usuario::FLD_UNIDADE)->getValue()->getSeqUnidade();
        $unidades = $this->createSelectUnidades($form->get(Usuario::FLD_ORGAO)->getValue());
        $form->get(Usuario::FLD_UNIDADE)->setValueOptions($unidades);
        $form->get(Usuario::FLD_UNIDADE)->setValue($unidadeAtual);
        return array('form' => $form, 'isCorregedor' => $usuarioLogado->isCorregedorGeral());
    }
    $form->setData($prg);
    // An unchanged login must not be rejected by the uniqueness filter.
    if (strcmp($usuario->getLoginUsuario(), $prg[Usuario::FLD_LOGIN]) === 0) {
        $form->getInputFilter()->remove(Usuario::FLD_LOGIN);
    }
    $isValid = true;
    if ($form->get(Usuario::FLD_SENHA)->getValue()) {
        // A new password that verifies against the stored hash is the
        // current password and is refused with message M13.
        $pwd = $form->get(Usuario::FLD_SENHA)->getValue();
        $bcrypt = new Bcrypt();
        $bcrypt->setCost($service->getOptions()->getPasswordCost());
        if ($bcrypt->verify($pwd, $usuario->getPassword())) {
            $form->setMessages(array(Usuario::FLD_SENHA => [Mensagens::getMensagem('M13')]));
            $isValid = false;
        }
    }
    if ($isValid && $form->isValid()) {
        try {
            if ($usuario = $service->editar($prg)) {
                $this->flashMessenger()->addSuccessMessage(Mensagens::getMensagem('M09'));
                return $this->redirect()->toRoute(Rotas::USUARIO);
            } else {
                $this->flashMessenger()->addErrorMessage(Mensagens::getMensagem('MERRO'));
            }
        } catch (\Exception $e) {
            // NOTE(review): escapeJs produces JavaScript-string escaping; the
            // '<br/>' prefix suggests the flash message is rendered as HTML, for
            // which escapeHtml would be the matching context — confirm how the
            // view renders flash messages. The raw exception text is also shown
            // to the user here; check that it cannot carry internal details.
            $escaper = new \Zend\Escaper\Escaper('utf-8');
            $msg = '<br/><br/>' . $escaper->escapeJs(nl2br($e->getMessage()));
            $this->flashMessenger()->addErrorMessage(Mensagens::getMensagem('MERRO') . $msg);
        }
    }
    if ($usuario) {
        // Re-populate the unit select so the form re-renders with the
        // submitted organisation after a failed save or validation.
        $unidadeAtual = $usuario->getUnidade()->getSeqUnidade();
        $unidades = $this->createSelectUnidades($form->get(Usuario::FLD_ORGAO)->getValue());
        $form->get(Usuario::FLD_UNIDADE)->setValueOptions($unidades);
        $form->get(Usuario::FLD_UNIDADE)->setValue($unidadeAtual);
    }
    return array('form' => $form, 'isCorregedor' => $usuarioLogado->isCorregedorGeral());
}