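/**
 * Store the purified design content posted for a documentation page.
 *
 * Reads `pageId` and `desContent` from $_POST, passes the content through
 * CHtmlPurifier (default configuration) and writes the result to the
 * docData attribute of the matching DocPages record. A flash message reports
 * the outcome and the request is redirected to $action in every case.
 *
 * NOTE(review): no permission or ownership check on `pageId` is visible in
 * this method; confirm the calling action enforces access control.
 * NOTE(review): $action is handed to redirect() unchanged; confirm callers
 * never build it from request data.
 *
 * @param mixed $action Redirect target passed to $this->redirect().
 */
private function savePage($action)
{
    Yii::log("Function SavePage DesignController called", "trace", self::LOG_CAT);

    // A request without pageId is treated as a failed update instead of
    // raising an undefined-index notice.
    $model = isset($_POST['pageId'])
        ? DocPages::model()->findByPk($_POST['pageId'])
        : null;

    // findByPk() yields null for an unknown key; without this guard the
    // assignment below would dereference null.
    if ($model !== null && isset($_POST['desContent'])) {
        // Submitted HTML is never stored raw: it is purified first.
        $purifier = new CHtmlPurifier();
        $model->docData = $purifier->purify($_POST['desContent']);

        if ($model->update()) {
            Yii::app()->user->setFlash('success', 'The page was updated successfully');
            $this->redirect($action);
            return;
        }
    }

    Yii::app()->user->setFlash('error', 'The page was not updated successfully, contact your administrator');
    $this->redirect($action);
    return;
}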
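/**
 * Store the purified survey content posted for a documentation page.
 *
 * Reads `pageId` and `survContent` from $_POST, passes the content through
 * CHtmlPurifier with a restricted allow-list and writes the result to the
 * docData attribute of the matching DocPages record. A flash message reports
 * the outcome and the request is redirected to $action in every case.
 *
 * NOTE(review): no permission or ownership check on `pageId` is visible in
 * this method; confirm the calling action enforces access control.
 * NOTE(review): $action is handed to redirect() unchanged; confirm callers
 * never build it from request data.
 *
 * @param mixed $action Redirect target passed to Yii::app()->request->redirect().
 */
public static function savePage($action)
{
    Yii::log("Function SavePage called", "trace", self::LOG_CAT);

    // A request without pageId is treated as a failed update instead of
    // raising an undefined-index notice.
    $model = isset($_POST['pageId'])
        ? DocPages::model()->findByPk($_POST['pageId'])
        : null;

    // findByPk() yields null for an unknown key; without this guard the
    // assignment below would dereference null.
    if ($model !== null && isset($_POST['survContent'])) {
        $purifier = new CHtmlPurifier();
        // Allow-list for stored markup: only http/https URIs, two link
        // targets, and a fixed set of element attributes.
        // NOTE(review): 'span.style' keeps inline CSS in stored content;
        // confirm that is still required.
        $purifier->options = [
            'URI.AllowedSchemes' => ['http' => true, 'https' => true],
            'Attr.AllowedFrameTargets' => ['_blank', '_self'],
            'HTML.AllowedAttributes' => ['img.src', 'a.id', 'a.name', 'a.href', 'a.target', 'span.style'],
        ];
        $model->docData = $purifier->purify($_POST['survContent']);

        if ($model->update()) {
            Yii::app()->user->setFlash('success', 'The page was updated successfully');
            Yii::app()->request->redirect($action);
            return;
        }
    }

    Yii::app()->user->setFlash('error', 'The page was not updated successfully, contact your administrator');
    Yii::app()->request->redirect($action);
    return;
}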