/**
* Purify an attribute value
*
* @param string $value
*
* @return string
*/
protected function purifyValue($value)
{
$value['value'] = \XLite\Core\HTMLPurifier::purify($value['value']);
return $value;
}
/**
* Get purified value
*
* @param array $column Column info
* @param mixed $value Value
*
* @return mixed
*/
protected function getPurifiedValue(array $column, $value)
{
if (is_array($value)) {
foreach ($value as $k => $v) {
$value[$k] = $this->getPurifiedValue($column, $v);
}
} else {
$ignoreWarning = false;
$orig = $value;
if (!$this->isColumnTagsAllowed($column)) {
$value = strip_tags($value);
$wrnType = 'CMN-TAGS';
} elseif (!$this->isColumnTrusted($column)) {
$value = \XLite\Core\HTMLPurifier::purify($value);
$wrnType = 'CMN-XSS';
$ignoreWarning = $this->isIgnoreXSSWarnings($column);
}
if ($orig != $value && !$ignoreWarning) {
$this->addWarning($wrnType, array('column' => $column, 'value' => ''));
}
}
return $value;
}
/**
* Prepare request value
*
* @param string $name Param name
* @param mixed $value Param value
*
* @return mixed
*/
protected function prepareRequestParamValue($name, $value)
{
if (!empty($value) && !is_numeric($value)) {
if (is_array($value)) {
foreach ($value as $k => $v) {
$value[$k] = $this->prepareRequestParamValue($name, $v);
}
} elseif (!$this->isParamTrusted($name)) {
$value = \XLite\Core\HTMLPurifier::purify($value);
}
}
return $value;
}
