Пример #1
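 /**
  * Clean the data before saving
  *
  * Builds the array to be saved from $values, or from $_POST when $values is
  * empty. Only keys matching a column reported by table_info() are copied
  * into the result, so unknown request parameters are dropped. Every column
  * of the table stays writable through this method, however: a caller that
  * passes request data straight through has to withhold the columns users
  * must not set.
  *
  * The entity-encoding and xss_clean passes run on the way into storage.
  * They are not a replacement for escaping in the output context when the
  * value is rendered, and no SQL escaping is done here.
  *
  * @access	public
  * @param	mixed	an array of values to be saved
  * @return	array
  */
 public function clean($values = array())
 {
     // Falling back to the raw request body means everything below works on
     // client-controlled keys, types and nesting.
     if (empty($values)) {
         $values = $_POST;
     }
     // get table information to clean against
     $fields = $this->table_info();
     $clean = array();
     // Resolved once, before the loop: the 'time' branch calls it, and it used
     // to be assigned only further down the loop body, so a 'time' column
     // handled on the first iteration called an undefined variable.
     $date_func = $this->date_use_gmt ? 'gmdate' : 'date';
     foreach ($fields as $key => $val) {
         // trim() is only valid on scalars; a posted array (field[]=...) is
         // passed through untrimmed instead of raising a type error
         if (isset($values[$key]) and $this->auto_trim and is_scalar($values[$key])) {
             $values[$key] = trim($values[$key]);
         }
     }
     // process linked fields
     $values = $this->process_linked($values);
     foreach ($fields as $key => $field) {
         $is_date_type = ($field['type'] == 'datetime' || $field['type'] == 'timestamp' || $field['type'] == 'date');
         if ($field['type'] == 'time') {
             if (isset($values[$key . '_hour']) and is_numeric($values[$key . '_hour'])) {
                 if (empty($values[$key]) or (int) $values[$key] == 0) {
                     $values[$key] = $date_func('H:i:s');
                 }
                 // the js seems to supply only the minute field, so default the seconds to 00
                 if (empty($values[$key . '_sec'])) {
                     $values[$key . '_sec'] = '00';
                 }
                 // NOTE(review): strtotime() returns FALSE for a string it cannot parse and
                 // date() then formats the epoch, so a malformed time is stored, not rejected
                 $values[$key] = date("H:i:s", strtotime(@$values[$key . '_hour'] . ':' . @$values[$key . '_min'] . ':' . @$values[$key . '_sec'] . ' ' . @$values[$key . '_am_pm']));
             }
         } elseif ($field['type'] == 'datetime') {
             if (empty($values[$key]) or (int) $values[$key] == 0) {
                 $values[$key] = $this->default_date;
             }
             if (isset($values[$key . '_hour'])) {
                 if (!empty($values[$key])) {
                     $values[$key] = english_date_to_db_format($values[$key], @$values[$key . '_hour'], @$values[$key . '_min'], @$values[$key . '_sec'], @$values[$key . '_am_pm']);
                 }
             }
         } elseif ($field['type'] == 'date') {
             if (empty($values[$key]) or (int) $values[$key] == 0) {
                 $values[$key] = $this->default_date;
             }
             if (!empty($values[$key]) and !is_date_db_format($values[$key])) {
                 $values[$key] = english_date_to_db_format($values[$key]);
             }
         }
         // create dates for date added and last updated fields automatically
         if ($is_date_type and in_array($key, $this->auto_date_add)) {
             $test_date = isset($values[$key]) ? (int) $values[$key] : 0;
             // if no key field then we assume it is a new save and so we add the date if it's empty
             if (!$this->_has_key_field_value($values) and empty($test_date)) {
                 $values[$key] = $field['type'] == 'date' ? $date_func('Y-m-d') : $date_func('Y-m-d H:i:s');
             }
         } elseif ($is_date_type and in_array($key, $this->auto_date_update)) {
             // always overwritten, whatever the caller or the request supplied
             $values[$key] = $field['type'] == 'date' ? $date_func('Y-m-d') : $date_func('Y-m-d H:i:s');
         }
         if (isset($values[$key])) {
             // format dates
             if ($is_date_type and !in_array($key, $this->auto_date_add)) {
                 // values starting with '0000' are left as they are
                 if (strncmp($values[$key], '0000', 4) !== 0) {
                     // NOTE(review): an unparseable date also ends up as the epoch here
                     // (strtotime() === FALSE); only the literal 'invalid' maps to default_date
                     if ($field['type'] == 'date') {
                         $values[$key] = $values[$key] != 'invalid' ? $date_func('Y-m-d', strtotime($values[$key])) : $this->default_date;
                     } else {
                         $values[$key] = $values[$key] != 'invalid' ? $date_func('Y-m-d H:i:s', strtotime($values[$key])) : $this->default_date;
                     }
                 }
             }
             // auto_encode_entities may be TRUE (every field), a single field name or
             // an array of field names; any other setting skips the encoding
             if ($this->auto_encode_entities) {
                 if (is_array($this->auto_encode_entities) and in_array($key, $this->auto_encode_entities) or is_string($this->auto_encode_entities) and $key == $this->auto_encode_entities or $this->auto_encode_entities === TRUE) {
                     $values[$key] = safe_htmlentities($values[$key]);
                 }
             }
             // xss_clean is selected the same way; a field left out of the setting is
             // stored unfiltered, so escaping on output must not depend on this pass
             if ($this->xss_clean) {
                 if (is_array($this->xss_clean) and in_array($key, $this->xss_clean) or is_string($this->xss_clean) and $key == $this->xss_clean or $this->xss_clean === TRUE) {
                     $values[$key] = xss_clean($values[$key]);
                 }
             }
             // only keys that are table columns ever reach the result
             $clean[$key] = $values[$key];
         }
     }
     $this->cleaned_data = $clean;
     return $clean;
 }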
Пример #2
 /**
  * Run the entity-encoding and xss_clean passes over a single value
  *
  * Only strings are touched; any other type is returned unchanged. Each pass
  * is applied when its setting (auto_encode_entities / xss_clean) is TRUE,
  * equals the field name, or is an array containing the field name. The
  * value is modified through the reference and also returned.
  *
  * NOTE(review): the (&value, key, extra) signature looks like an
  * array_walk-style callback - confirm against the callers.
  *
  * @access	public
  * @param	mixed	the value to filter (passed by reference)
  * @param	mixed	the key the value is stored under
  * @param	mixed	field name to match against the settings; falls back to the key when empty
  * @return	mixed
  */
 public function encode_and_clean(&$val, $k, $key = NULL)
 {
     // nothing to filter unless the value is a string
     if (!is_string($val)) {
         return $val;
     }

     // the explicit field name wins; otherwise match on the key
     $name = empty($key) ? $k : $key;

     $encode = $this->auto_encode_entities;
     if ($encode) {
         $selected = ($encode === TRUE)
             || (is_array($encode) && in_array($name, $encode))
             || (is_string($encode) && $name == $encode);
         if ($selected) {
             $val = safe_htmlentities($val);
         }
     }

     // runs after the entity encoding, on whatever that pass produced
     $filter = $this->xss_clean;
     if ($filter) {
         $selected = ($filter === TRUE)
             || (is_array($filter) && in_array($name, $filter))
             || (is_string($filter) && $name == $filter);
         if ($selected) {
             $val = xss_clean($val);
         }
     }

     return $val;
 }