/**
* Map a row to an array that can be parsed by
* insert_item() or insert_files_for_item().
*
* @param array $row The row to map
* @param array $result
* @return array The result
*/
public function map($row, $result)
{
$filter = new Omeka_Filter_HtmlPurifier();
$text = $filter->filter($row[$this->_columnName]);
if ($this->_elementDelimiter == '') {
$texts = array($text);
} else {
$texts = explode($this->_elementDelimiter, $text);
}
if ($this->_elementId) {
foreach ($texts as $text) {
$result[] = array('element_id' => $this->_elementId, 'html' => $this->_isHtml ? 1 : 0, 'text' => $text);
}
}
return $result;
}
/**
* Filter the 'Elements' array of the POST.
*
* @param Zend_Controller_Request_Abstract $post
* @param Omeka_Filter_HtmlPurifier $htmlPurifierFilter
* @return void
**/
protected function _filterElementsFromPost($post, $htmlPurifierFilter = null)
{
if ($htmlPurifierFilter === null) {
$htmlPurifierFilter = new Omeka_Filter_HtmlPurifier();
}
// Post looks like Elements[element_id][index] = array([text], [html])
//
// In some cases it doesn't look like that, for example the date field
// has month, year, day.
//
// What we do in this case is just not do anything if there is no text field
// alongside the html field.
foreach ($post['Elements'] as $elementId => $texts) {
foreach ($texts as $index => $values) {
if (array_key_exists('text', $values)) {
if (array_key_exists('html', $values) && (bool) $values['html']) {
$post['Elements'][$elementId][$index]['text'] = $htmlPurifierFilter->filter($values['text']);
}
}
}
}
return $post;
}
public function testFilterUnallowedScriptElement()
{
$this->assertTrue(in_array('p', Omeka_Filter_HtmlPurifier::getDefaultAllowedHtmlElements()));
$this->assertFalse(in_array('script', Omeka_Filter_HtmlPurifier::getDefaultAllowedHtmlElements()));
$dirtyHtml = '<p>Bob is <script>bad</script></p>';
$cleanHtml = '<p>Bob is </p>';
$htmlPurifierFilter = new Omeka_Filter_HtmlPurifier();
$filteredHtml = $htmlPurifierFilter->filter($dirtyHtml);
$this->assertEquals($cleanHtml, $filteredHtml);
}
