/**
 * Builds the form: a required rich-text "description" textarea, a hidden
 * "recipe_id" field and a submit button.
 *
 * NOTE(review): Zend_Filter_StripTags matches tag and attribute *names*
 * against the allow-list; it does not inspect attribute values. With
 * `href` and `src` allowed, a script-scheme URL in those attributes is
 * not removed by this filter. The ZF1 manual states that StripTags is not
 * an XSS defence when tags are allowed. Run the value through a dedicated
 * HTML sanitizer (e.g. HTML Purifier) and escape on output.
 *
 * @return void
 */
public function init()
{
    $allowedTags = array('p', 'a', 'img', 'strong', 'b', 'i', 'em', 's', 'del');
    $allowedAttributes = array('href', 'target', 'rel', 'name', 'src', 'width', 'height', 'alt', 'title');

    $htmlFilter = new Zend_Filter_StripTags();
    $htmlFilter->setTagsAllowed($allowedTags);
    $htmlFilter->setAttributesAllowed($allowedAttributes);

    // Filters run in order: trim first, then strip non-allow-listed markup.
    $descriptionOptions = array(
        'class'      => 'richedit',
        'label'      => 'Description:',
        'required'   => true,
        'filters'    => array('StringTrim', $htmlFilter),
        'validators' => array(new Zend_Validate_NotEmpty()),
    );

    // NOTE(review): recipe_id gets no filter or validator here. A hidden field
    // is client-controlled, so the consumer must validate it and check that the
    // user may act on that recipe (confirm where that happens).
    $this->addElement('textarea', 'description', $descriptionOptions)
         ->addElement('hidden', 'recipe_id')
         ->addElement('submit', 'submit');
}
/**
 * Regression test for the input reported on fw-general on 2007-05-26: markup
 * made up only of allow-listed tags and attributes must pass through unchanged.
 *
 * NOTE(review): this pins parser round-tripping only. Allow-listing
 * object/param/embed lets embedded active content through, and the filter
 * does not vet the URLs carried in `value`/`src`, so this allow-list is not
 * a safe default for untrusted input.
 *
 * @see http://www.nabble.com/question-about-tag-filter-p10813688s16154.html
 * @return void
 */
public function testFilter20070526()
{
    // Per-tag allow-list: tag name => attributes permitted on that tag.
    $this->_filter->setTagsAllowed(array(
        'object' => array('width', 'height'),
        'param'  => array('name', 'value'),
        'embed'  => array('src', 'type', 'wmode', 'width', 'height'),
    ));

    // Input and expected output are the same string, so one literal serves both.
    $markup = '<object width="425" height="350"><param name="movie" value="http://www.example.com/path/to/movie">'
            . '</param><param name="wmode" value="transparent"></param><embed '
            . 'src="http://www.example.com/path/to/movie" type="application/x-shockwave-flash" '
            . 'wmode="transparent" width="425" height="350"></embed></object>';

    $actual = $this->_filter->filter($markup);

    $this->assertEquals($markup, $actual);
}
/**
 * Hyphenated attribute names (here data-* attributes) can be allow-listed,
 * and matching is by exact name: `data-disallowed` is removed while
 * `data-name` and `data-id` are kept.
 *
 * @group ZF-11617
 * @return void
 */
public function testFilterCanAllowHyphenatedAttributeNames()
{
    $this->_filter->setTagsAllowed('li');
    $this->_filter->setAttributesAllowed(array('data-id', 'data-name'));

    $markup = '<li data-disallowed="no!" data-name="Test User" data-id="11223"></li>';
    $actual = $this->_filter->filter($markup);

    // Only the attribute missing from the allow-list is gone; order is preserved.
    $this->assertEquals('<li data-name="Test User" data-id="11223"></li>', $actual);
}
/**
 * Re-applies the configured HTML allow-lists to the shared StripTags filter,
 * creating the filter first if none exists yet (the original note describes
 * this as resetting to the defaults for the current section).
 *
 * NOTE(review): whatever the two configuration keys return becomes the
 * allow-list. StripTags checks names only, not attribute values, so a
 * configuration that allows URL-bearing attributes or event-handler names
 * weakens every consumer of this filter. Treat those settings as
 * security-sensitive and restrict who can change them.
 *
 * @return void
 */
public static function resetFilter()
{
    // A null/false/foreign value is never an instance, so this one check also
    // covers the "not initialised yet" case.
    if (!(self::$filter instanceof Zend_Filter_StripTags)) {
        self::$filter = new Zend_Filter_StripTags();
    }

    // Attributes first, then tags: same order as before.
    self::$filter->setAttributesAllowed(Sobi::Cfg('html.allowed_attributes_array'));
    self::$filter->setTagsAllowed(Sobi::Cfg('html.allowed_tags_array'));
}
/**
 * A '>' inside a quoted, allow-listed attribute value must not end the tag
 * early: the tag is expected to come back unchanged.
 *
 * @return void
 * @link http://framework.zend.com/issues/browse/ZF-3278
 */
public function testClosingAngleBracketInAllowedAttributeValue()
{
    $this->_filter->setTagsAllowed(array('a' => 'href'));

    // Input and expected output are the same string.
    $markup = '<a href="Some > Text">';
    $actual = $this->_filter->filter($markup);

    $this->assertEquals($markup, $actual);
}
/**
 * Baseline behaviour: tags and attributes missing from the allow-list are
 * removed (`<b>` and `style` here) while the enclosed text is kept, and the
 * self-closing tag is emitted in the backward-compatible XHTML form `<br />`.
 *
 * @return void
 */
public function testBasicBehaviors()
{
    // 'a' may carry only href; 'br' is allowed with no attributes.
    $this->_filter->setTagsAllowed(array('a' => 'href', 'br'));

    $markup = '<a href="http://example.com" style="color: #ffffff"><b>Some Text</b></a><br/>';
    $actual = $this->_filter->filter($markup);

    $this->assertEquals('<a href="http://example.com">Some Text</a><br />', $actual);
}
/**
 * Builds the rating form posted to /rating/new: a required "value" select,
 * an optional rich-text "comment" textarea, a hidden "recipe_id" field and
 * a submit button.
 *
 * NOTE(review): Zend_Filter_StripTags matches tag and attribute *names*
 * against the allow-list; it does not inspect attribute values. With
 * `href` and `src` allowed, a script-scheme URL in those attributes is
 * not removed by this filter. The ZF1 manual states that StripTags is not
 * an XSS defence when tags are allowed. Run the comment through a dedicated
 * HTML sanitizer (e.g. HTML Purifier) and escape on output.
 *
 * @return void
 */
public function init()
{
    $allowedTags = array('p', 'a', 'img', 'strong', 'b', 'i', 'em', 's', 'del');
    $allowedAttributes = array('href', 'target', 'rel', 'name', 'src', 'width', 'height', 'alt', 'title');

    $htmlFilter = new Zend_Filter_StripTags();
    $htmlFilter->setTagsAllowed($allowedTags);
    $htmlFilter->setAttributesAllowed($allowedAttributes);

    $this->setAction('/rating/new');

    // NOTE(review): this is a plain list, so the option keys are 0..9 while the
    // labels are 1..10. Confirm the consumer expects the submitted key.
    $ratingOptions = array(
        'label'        => 'Rating:',
        'required'     => true,
        'multiOptions' => range(1, 10),
    );

    // Filters run in order: trim first, then strip non-allow-listed markup.
    $commentOptions = array(
        'class'      => 'richedit',
        'label'      => 'Comment:',
        'filters'    => array('StringTrim', $htmlFilter),
        'validators' => array(new Zend_Validate_NotEmpty()),
    );

    // NOTE(review): recipe_id gets no filter or validator here. A hidden field
    // is client-controlled, so the consumer must validate it and check that the
    // user may rate that recipe (confirm where that happens).
    $this->addElement('select', 'value', $ratingOptions)
         ->addElement('textarea', 'comment', $commentOptions)
         ->addElement('hidden', 'recipe_id')
         ->addElement('submit', 'submit');
}
/**
 * An allow-listed attribute whose value ends in '=' must survive filtering
 * unchanged; the trailing equals sign must not be read as the start of
 * another attribute.
 *
 * @return void
 * @link http://framework.zend.com/issues/browse/ZF-3293
 */
public function testAllowedAttributeValueMayEndWithEquals()
{
    $this->_filter->setTagsAllowed(array('element' => 'attribute'));

    // Input doubles as the expected output.
    $markup = '<element attribute="a=">contents</element>';
    $actual = $this->_filter->filter($markup);

    $this->assertEquals($markup, $actual);
}
/**
 * A disallowed event-handler attribute must be removed even when it is written
 * with whitespace around '=' and its value contains nested double quotes;
 * only `href` is allow-listed on `<a>`.
 *
 * NOTE(review): the test name says the attribute is split over multiple
 * lines, but the literal as it appears here is a single line. If line breaks
 * were lost when the snippet was copied, restore them so the test covers the
 * case it is named for (confirm against the upstream test).
 *
 * @group ZF-5983
 * @return void
 */
public function testDisallowedAttributesSplitOverMultipleLinesShouldBeStripped()
{
    $this->_filter->setTagsAllowed(array('a' => 'href'));

    $markup = '<a href="http://framework.zend.com/issues" onclick = "alert("Gotcha"); return false;">http://framework.zend.com/issues</a>';
    $cleaned = $this->_filter->filter($markup);

    // The handler's name must not appear anywhere in the output.
    $this->assertNotContains('onclick', $cleaned);
}