コード例 #1
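 /**
  * Echoes a value into the template, escaping it for display by default.
  *
  * With $sanitize true the value is passed through
  * owa_sanitize::escapeForDisplay() before it is echoed. With $sanitize false
  * it is echoed exactly as received, so the caller is then responsible for
  * making sure it is safe for the markup it lands in.
  *
  * @param	string	$output						The string to be output into the template
  * @param	bool	$sanitize					When true, escape the output for display
  * @param	bool	$decode_special_entities	Only read when $sanitize is true: turns
  *												"&amp;" back into "&" after escaping
  */
 function out($output, $sanitize = true, $decode_special_entities = false)
 {
     if ($sanitize) {
         $output = owa_sanitize::escapeForDisplay($output);
         if ($decode_special_entities) {
             // The map previously read '&' => '&', which replaces nothing; the
             // entity form is what a "decode" step needs. NOTE(review): confirm
             // against the upstream source, the listing may have lost the entity.
             //
             // Undoing the ampersand escape means entity references already
             // present in the value are interpreted by the browser rather than
             // shown literally. Keep this flag off for untrusted values that end
             // up in attributes such as URLs or event handlers.
             $output = strtr($output, array('&amp;' => '&'));
         }
     }
     echo $output;
 }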
コード例 #2
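 /**
  * Runs a value (or every element of an array, recursively) through a fixed
  * sequence of owa_sanitize filters. Each step can be switched off through
  * $options; steps always run in the order listed here:
  *
  * - hidden_spaces - removes any non space whitespace characters
  *                   (owa_sanitize::removeHiddenSpaces), default true
  * - remove_html   - strips tags (owa_sanitize::stripAllTags), default false
  * - dollar        - escapes `$` (owa_sanitize::escapeDollarSigns), default true
  * - carriage      - removes `\r` (owa_sanitize::stripCarriageReturns), default true
  * - unicode       - owa_sanitize::escapeUnicode, default true
  * - escape_html   - encodes HTML entities (owa_sanitize::escapeForDisplay), default true
  * - backslash     - owa_sanitize::escapeBackslash, default true
  *
  * An `encode` key is also defaulted to true but is not read by this function,
  * so it has no effect on `remove_html` or `escape_html`.
  *
  * Anything PHP's empty() treats as empty (including "0" and 0) is not
  * processed and yields null.
  *
  * These filters target display and storage hygiene. They do not replace
  * parameterised queries or escaping for the context where the value is
  * finally used.
  *
  * @param mixed $input   Scalar or (nested) array to sanitize
  * @param array $options Per-step switches, merged over the defaults above
  * @return mixed Sanitized data with array keys preserved, or null for empty input
  * @access public
  * @static
  */
 function cleanInput($input, $options = array())
 {
     if (empty($input)) {
         return;
     }
     $defaults = array(
         'hidden_spaces' => true,
         'remove_html' => false,
         'encode' => true,
         'dollar' => true,
         'carriage' => true,
         'unicode' => true,
         'escape_html' => true,
         'backslash' => true,
     );
     $options = array_merge($defaults, $options);

     if (is_array($input)) {
         $output = array();
         foreach ($input as $k => $v) {
             $output[$k] = owa_sanitize::cleanInput($v, $options);
         }
         return $output;
     }

     // Start from the input itself. Previously $output was first assigned inside
     // the hidden_spaces step, so turning that step off left it undefined and
     // the value was silently replaced by null before the remaining filters ran.
     $output = $input;

     if ($options['hidden_spaces']) {
         $output = owa_sanitize::removeHiddenSpaces($output);
     }
     if ($options['remove_html']) {
         $output = owa_sanitize::stripAllTags($output);
     }
     if ($options['dollar']) {
         $output = owa_sanitize::escapeDollarSigns($output);
     }
     if ($options['carriage']) {
         $output = owa_sanitize::stripCarriageReturns($output);
     }
     if ($options['unicode']) {
         $output = owa_sanitize::escapeUnicode($output);
     }
     if ($options['escape_html']) {
         $output = owa_sanitize::escapeForDisplay($output);
     }
     if ($options['backslash']) {
         $output = owa_sanitize::escapeBackslash($output);
     }
     return $output;
 }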