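/**
 * Runs a value, or every element of an array (recursively), through a fixed
 * sequence of string filters. Each filter is switched by a boolean option:
 *
 * - odd_spaces  - removes the single byte 0xCA
 * - encode      - hands the value to pjSanitize::html(); that helper is not
 *                 visible here, the original documentation describes it as
 *                 encoding HTML entities
 * - remove_html - forwarded to pjSanitize::html() as its `remove` option
 *                 (documented as strip_tags); has no effect unless `encode`
 *                 is true
 * - dollar      - replaces `\$` with `$`, i.e. it drops the backslash in front
 *                 of a dollar sign; it does not add one
 * - carriage    - removes `\r`
 * - unicode     - rewrites `&#NNN;` to `&#NNN;` (see the note in the body)
 * - backslash   - rewrites a backslash that is not followed by `&#` or `?#`
 *                 (see the note in the body)
 *
 * Defaults: every filter is on except `remove_html`.
 *
 * Security notes for callers:
 * - The only output encoding in this method is the `encode` step. With
 *   `encode => false` the result carries no HTML encoding at all and must not
 *   be echoed into a page as-is.
 * - HTML entity encoding is meant for HTML text and quoted attribute values.
 *   It is not an escaping scheme for JavaScript string literals, URLs or SQL;
 *   values written into those contexts need an encoder for that context.
 * - Nothing here makes a value safe for a database query; use bound
 *   parameters for that.
 *
 * @param string|array $data    Data to sanitize
 * @param string|array $options Filter switches keyed by the names above. A
 *                              non-array value is treated as "no overrides",
 *                              so the defaults stay in force.
 * @return mixed Sanitized data; empty input is returned unchanged
 */
public static function clean($data, $options = array())
{
    if (empty($data)) {
        return $data;
    }

    // The signature admits a string, but array_merge() needs arrays: before
    // PHP 8 a non-array argument makes it return NULL (with a warning), which
    // would leave every switch falsy and hand the data back unfiltered; on
    // PHP 8 it throws TypeError. Fall back to the defaults instead.
    if (!is_array($options)) {
        $options = array();
    }

    $options = array_merge(
        array(
            'odd_spaces' => true,
            'remove_html' => false,
            'encode' => true,
            'dollar' => true,
            'carriage' => true,
            'unicode' => true,
            'backslash' => true,
        ),
        $options
    );

    if (is_array($data)) {
        // Array keys are kept as they are; only the values are filtered.
        foreach ($data as $key => $val) {
            $data[$key] = pjSanitize::clean($val, $options);
        }
        return $data;
    }

    if ($options['odd_spaces']) {
        // NOTE(review): this is a byte-wise removal. In UTF-8 input 0xCA is
        // also the lead byte of U+0280..U+02BF, so those characters would be
        // left as invalid sequences - confirm the expected input encoding.
        $data = str_replace(chr(0xca), '', $data);
    }
    if ($options['encode']) {
        $data = pjSanitize::html($data, array('remove' => $options['remove_html']));
    }
    if ($options['dollar']) {
        $data = str_replace("\\\$", "\$", $data);
    }
    if ($options['carriage']) {
        $data = str_replace("\r", "", $data);
    }
    if ($options['unicode']) {
        // NOTE(review): pattern and replacement describe the same text, so as
        // written this step changes nothing. Presumably the pattern was meant
        // to match an already-encoded ampersand - confirm against the
        // upstream file before relying on this step.
        $data = preg_replace("/&#([0-9]+);/s", "&#\\1;", $data);
    }
    if ($options['backslash']) {
        // NOTE(review): the replacement is a single backslash, so this appears
        // to substitute a backslash with itself - confirm the intent.
        $data = preg_replace("/\\\\(?!&#|\\?#)/", "\\", $data);
    }

    return $data;
}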
echo pjSanitize::clean(@$v['d_address_1']); ?> " data-add2="<?php echo pjSanitize::clean(@$v['d_address_2']); ?> " data-city="<?php echo pjSanitize::clean(@$v['d_city']); ?> " data-state="<?php echo pjSanitize::clean(@$v['d_state']); ?> " data-zip="<?php echo pjSanitize::clean(@$v['d_zip']); ?> " data-country="<?php echo pjSanitize::clean(@$v['d_country_id']); ?> "><?php echo stripslashes($order_detail); ?> </option><?php } ?> </select> </p> <?php } ?> <?php if (in_array($tpl['option_arr']['o_df_include_address_1'], array(2, 3))) { ?>
$mas_content = multi_array_search($mrow['ModifierGroup_Id'], $product['extra_arr']); if ($mas_content == 1) { ?> <div name="tab_content" id="tab_content_<?php echo $product['id']; echo $mgt; ?> " class="tab-content"> <?php foreach ($product['extra_arr'] as $extra) { if ($mrow['ModifierGroup_Id'] == $extra['ModifierGroup_Id']) { ?> <div class="fdExtraBox"> <label><?php echo pjSanitize::clean($extra['name']); ?> </label> <span class="fdExtraPrice"><?php echo pjUtil::formatCurrencySign(number_format($extra['price'], 2), $tpl['option_arr']['o_currency']); ?> </span> <a href="#" class="fdAddExtra" data-index="<?php echo $product['id']; ?> -<?php echo $extra['id']; ?> "><?php __('front_add'); ?>
__('lblDashNoOrder'); ?> </span></label> </div> <?php } ?> </div> </div> <!--<div class="dashboard_column"> <div class="dashboard_list dashboard_latest_list quick_links"> <?php foreach ($tpl['location_arr'] as $v) { ?> <label><?php echo pjSanitize::clean($v['location_title']); ?> </label> <label><span><?php __('lblDelivery'); ?> : <abbr><?php echo $v['delivery']; ?> </abbr></span></label> <label class="space"><span><?php __('lblPickup'); ?> : <abbr><?php echo $v['pickup']; ?>
"><?php __('front_terms_conditions'); ?> </a> </span> </p> <?php if (!empty($tpl['terms_conditions'])) { ?> <div id="fdTermContainer_<?php echo $index; ?> " style="display: none;"> <p class="fdParagraph fdTermsConditions"> <?php echo nl2br(pjSanitize::clean($tpl['terms_conditions'])); ?> </p> </div> <?php } ?> </form> <div class="fdOverflow fdButtonContainer"> <a href="#" class="fdButton fdNormalButton fdFloatLeft fdButtonGetTypes"><?php __('front_button_back'); ?> </a> <a href="#" class="fdButton fdOrangeButton fdButtonNext fdButtonGetPreview fdFloatRight"><?php __('front_button_continue'); ?>
forgot_messages: { 100: "<?php echo pjSanitize::clean($forgot_messages[100]); ?> ", 101: "<?php echo pjSanitize::clean($forgot_messages[101]); ?> ", 200: "<?php echo pjSanitize::clean($forgot_messages[200]); ?> " }, email_exiting_message: "<?php echo pjSanitize::clean(__('front_existing_email', true)); ?> " }; loadScript("<?php echo PJ_INSTALL_URL . PJ_LIBS_PATH; ?> pjQ/pjQuery.min.js", function () { loadScript("<?php echo PJ_INSTALL_URL . PJ_LIBS_PATH; ?> pjQ/pjQuery.validate.min.js", function () { loadScript("<?php echo PJ_INSTALL_URL . PJ_LIBS_PATH; ?> calendarJS/calendar.min.js", function () {
?> " method="post" id="frmUpdateVoucher" class="form pj-form" autocomplete="off"> <input type="hidden" name="voucher_update" value="1" /> <input type="hidden" name="id" value="<?php echo $tpl['arr']['id']; ?> " /> <p> <label class="title"><?php __('lblVoucherCode'); ?> </label> <span class="inline_block"> <input type="text" name="code" id="code" value="<?php echo pjSanitize::clean($tpl['arr']['code']); ?> " class="pj-form-field w150 required" /> </span> </p> <p> <label class="title"><?php __('lblType'); ?> </label> <span class="inline_block"> <select name="type" id="type" class="pj-form-field w150"> <?php foreach (__('voucher_types', true, false) as $k => $v) { ?> <option value="<?php
]" data-type="select" class="fdSize pj-form-field w140"> <option value="">-- <?php __('lblChoose'); ?> --</option> <?php foreach ($tpl['price_arr'] as $v) { ?> <option value="<?php echo $v['id']; ?> " data-price="<?php echo $v['price']; ?> "><?php echo pjSanitize::clean($v['price_name']); ?> : <?php echo pjUtil::formatCurrencySign(round($v['price'], 2), $tpl['option_arr']['o_currency']); ?> </option><?php } ?> </select> <?php } } else { ?> <select id="fdPrice_<?php echo $_GET['index']; ?>
<tr id="category_row_<?php echo $v['id']; ?> " data-id="id_<?php echo $v['id']; ?> " class="pj-table-row<?php echo $i % 2 == 0 ? ' pj-table-row-even' : ' pj-table-row-odd'; ?> "> <td style="width: 20px;"><input type="checkbox" name="record[]" value="<?php echo $v['id']; ?> " class="pj-table-select-row"></td> <td style="width: 552px;"><?php echo pjSanitize::clean($v['name']); ?> </td> <td style="width: 70px;"><?php echo $v['is_open'] == 1 ? $_yesno['T'] : $_yesno['F']; ?> </td> <td style="width: 100px;"> <a href="index.php?controller=pjAdminCategories&action=pjActionUpdate&id=<?php echo $v['id']; ?> " class="pj-table-icon-edit"></a> <a href="index.php?controller=pjAdminCategories&action=pjActionDeleteCategory&id=<?php echo $v['id']; ?> " rev="<?php
<td><?php __('front_company'); ?> </td> <td><?php echo stripslashes($tpl['arr']['c_company']); ?> </td> </tr> <tr> <td><?php __('front_notes'); ?> </td> <td><?php echo isset($tpl['arr']['c_notes']) ? nl2br(pjSanitize::clean($tpl['arr']['c_notes'])) : null; ?> </td> </tr> <tr> <td><?php __('front_address_line_1'); ?> </td> <td><?php echo stripslashes($tpl['arr']['c_address_1']); ?> </td> </tr> <tr> <td><?php
/**
 * Installer step 7: merges a posted step-6 form into the installer session
 * state, sends the client back to step 6 when that state has no `step6`
 * entry, and finally discards the installer and error session entries.
 *
 * NOTE(review): every key of $_POST is merged into the session entry, so a
 * posted field can overwrite any value already stored there - confirm that is
 * intended or restrict the merge to the fields step 6 is expected to send.
 */
public function pjActionStep7()
{
    $this->pjActionCheckSession();

    $installerKey = $this->defaultInstaller;

    if (isset($_POST['step6'])) {
        // 'encode' => false switches off the HTML-encoding filter, so the
        // values kept in the session are not HTML-encoded; whatever prints or
        // stores them later has to encode for its own context.
        $_POST = pjSanitize::clean($_POST, array('encode' => false));
        $_SESSION[$installerKey] = array_merge($_SESSION[$installerKey], $_POST);
    }

    $hasStep6 = isset($_SESSION[$installerKey]['step6']);
    if (!$hasStep6) {
        // NOTE(review): PHP_SELF can carry client-supplied path info, and
        // whether pjUtil::redirect() stops execution is not visible here; if
        // it returns, the cleanup below still runs.
        $step6Url = $_SERVER['PHP_SELF'] . "?controller=pjInstaller&action=pjActionStep6&install=1";
        pjUtil::redirect($step6Url);
    }

    unset($_SESSION[$installerKey], $_SESSION[$this->defaultErrors]);
}
<label class="fdContent"><?php echo isset($FORM['c_zip']) ? htmlspecialchars(stripslashes(@$FORM['c_zip'])) : htmlspecialchars(stripslashes(@$CLIENT['c_zip'])); ?> </label> </p> <?php } if (in_array($tpl['option_arr']['o_bf_include_country'], array(2, 3))) { ?> <p class="fdParagraph"> <label class="fdTitle"><?php __('front_country'); ?> :</label> <label class="fdContent"><?php echo pjSanitize::clean($tpl['country_arr']['country_title']); ?> </label> </p> <?php } $ob_address = ob_get_contents(); ob_end_clean(); if (!empty($ob_address)) { ?> <div class="fdFormHeading"> <span class="fdBlock fdFloatLeft"><?php echo strtoupper(__('front_address', true, false)); ?> </span> </div>