예제 #1
0
 /**
  * Tests for locale_string_is_safe().
  */
 public function testLocaleStringIsSafe()
 {
     // Check a translatable string without HTML.
     $string = 'Hello world!';
     $result = locale_string_is_safe($string);
     $this->assertTrue($result);
     // Check a translatable string which includes trustable HTML.
     $string = 'Hello <strong>world</strong>!';
     $result = locale_string_is_safe($string);
     $this->assertTrue($result);
     // Check an untranslatable string which includes untrustable HTML (according
     // to the locale_string_is_safe() function definition).
     $string = 'Hello <img src="world.png" alt="world" />!';
     $result = locale_string_is_safe($string);
     $this->assertFalse($result);
     // Check a translatable string which includes a token in an href attribute.
     $string = 'Hi <a href="[current-user:url]">user</a>';
     $result = locale_string_is_safe($string);
     $this->assertTrue($result);
 }
예제 #2
0
 /**
  * Imports one string into the database.
  *
  * @param \Drupal\Component\Gettext\PoItem $item
  *   The item being imported.
  *
  * @return int
  *   The string ID of the existing string modified or the new string added.
  */
 private function importString(PoItem $item)
 {
     // Initialize overwrite options if not set.
     $this->options['overwrite_options'] += array('not_customized' => FALSE, 'customized' => FALSE);
     $overwrite_options = $this->options['overwrite_options'];
     $customized = $this->options['customized'];
     $context = $item->getContext();
     $source = $item->getSource();
     $translation = $item->getTranslation();
     // Look up the source string and any existing translation.
     $strings = \Drupal::service('locale.storage')->getTranslations(array('language' => $this->langcode, 'source' => $source, 'context' => $context));
     $string = reset($strings);
     if (!empty($translation)) {
         // Skip this string unless it passes a check for dangerous code.
         if (!locale_string_is_safe($translation)) {
             \Drupal::logger('locale')->error('Import of string "%string" was skipped because of disallowed or malformed HTML.', array('%string' => $translation));
             $this->report['skips']++;
             return 0;
         } elseif ($string) {
             $string->setString($translation);
             if ($string->isNew()) {
                 // No translation in this language.
                 $string->setValues(array('language' => $this->langcode, 'customized' => $customized));
                 $string->save();
                 $this->report['additions']++;
             } elseif ($overwrite_options[$string->customized ? 'customized' : 'not_customized']) {
                 // Translation exists, only overwrite if instructed.
                 $string->customized = $customized;
                 $string->save();
                 $this->report['updates']++;
             }
             $this->report['strings'][] = $string->getId();
             return $string->lid;
         } else {
             // No such source string in the database yet.
             $string = \Drupal::service('locale.storage')->createString(array('source' => $source, 'context' => $context))->save();
             \Drupal::service('locale.storage')->createTranslation(array('lid' => $string->getId(), 'language' => $this->langcode, 'translation' => $translation, 'customized' => $customized))->save();
             $this->report['additions']++;
             $this->report['strings'][] = $string->getId();
             return $string->lid;
         }
     } elseif ($string && !$string->isNew() && $overwrite_options[$string->customized ? 'customized' : 'not_customized']) {
         // Empty translation, remove existing if instructed.
         $string->delete();
         $this->report['deletes']++;
         $this->report['strings'][] = $string->lid;
         return $string->lid;
     }
 }
예제 #3
0
 /**
  * {@inheritdoc}
  */
 public function validateForm(array &$form, FormStateInterface $form_state)
 {
     $langcode = $form_state->getValue('langcode');
     foreach ($form_state->getValue('strings') as $lid => $translations) {
         foreach ($translations['translations'] as $key => $value) {
             if (!locale_string_is_safe($value)) {
                 $form_state->setErrorByName("strings][{$lid}][translations][{$key}", $this->t('The submitted string contains disallowed HTML: %string', array('%string' => $value)));
                 $form_state->setErrorByName("translations][{$langcode}][{$key}", $this->t('The submitted string contains disallowed HTML: %string', array('%string' => $value)));
                 $this->logger('locale')->warning('Attempted submission of a translation string with disallowed HTML: %string', array('%string' => $value));
             }
         }
     }
 }
예제 #4
0
 /**
  * {@inheritdoc}
  */
 public function validateForm(array &$form, array &$form_state)
 {
     $langcode = $form_state['values']['langcode'];
     foreach ($form_state['values']['strings'] as $lid => $translations) {
         foreach ($translations['translations'] as $key => $value) {
             if (!locale_string_is_safe($value)) {
                 $this->setFormError("strings][{$lid}][translations][{$key}", $form_state, $this->t('The submitted string contains disallowed HTML: %string', array('%string' => $value)));
                 $this->setFormError("translations][{$langcode}][{$key}", $form_state, $this->t('The submitted string contains disallowed HTML: %string', array('%string' => $value)));
                 watchdog('locale', 'Attempted submission of a translation string with disallowed HTML: %string', array('%string' => $value), WATCHDOG_WARNING);
             }
         }
     }
 }