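/**
 * Clean the data before saving.
 *
 * Walks the table's field definitions and normalises the matching entries of
 * $values: optional trimming, linked-field processing, time/date/datetime
 * normalisation, automatic "date added" / "last updated" stamping, optional
 * entity encoding and optional XSS filtering.
 *
 * Security-relevant behaviour visible in this method:
 *  - When $values is empty the method falls back to the raw $_POST array, so a
 *    caller that passes an intentionally empty array still ends up processing
 *    request data.
 *  - Only keys that exist in table_info() are copied into the result; any other
 *    submitted key is dropped from the returned array.
 *  - Entity encoding and xss_clean() are applied on the way in (input
 *    filtering). They are not a substitute for context-appropriate escaping at
 *    output time or for parameterised queries at the database layer.
 *
 * @access public
 * @param  mixed $values an array of values to be saved (defaults to $_POST when empty)
 * @return array the cleaned values, also stored in $this->cleaned_data
 */
public function clean($values = array())
{
    if (empty($values)) {
        $values = $_POST;
    }

    // get table information to clean against
    $fields = $this->table_info();
    $clean = array();

    // NOTE(review): trim() requires a string; a non-scalar submitted value
    // (e.g. an array from a `name[]` form field) raises a TypeError on PHP 8.
    // Confirm callers never pass such values for table columns.
    foreach ($fields as $key => $val) {
        if (isset($values[$key])) {
            $values[$key] = $this->auto_trim ? trim($values[$key]) : $values[$key];
        }
    }

    // process linked fields
    $values = $this->process_linked($values);

    // Resolved once, before the loop: the 'time' branch below calls $date_func,
    // and it was previously assigned only later in the loop body, so a 'time'
    // field reached on the first iteration called an undefined variable.
    $date_func = $this->date_use_gmt ? 'gmdate' : 'date';

    foreach ($fields as $key => $field) {
        $is_date_type = ($field['type'] == 'datetime' or $field['type'] == 'timestamp' or $field['type'] == 'date');

        if ($field['type'] == 'time') {
            if (isset($values[$key . '_hour']) and is_numeric($values[$key . '_hour'])) {
                if (empty($values[$key]) or (int) $values[$key] == 0) {
                    $values[$key] = $date_func('H:i:s');
                }

                // the js seem like only supply minute field, assign 00 for sec now
                if (empty($values[$key . '_sec'])) {
                    $values[$key . '_sec'] = '00';
                }

                // Missing _min / _am_pm parts are tolerated via @ and become empty strings.
                $values[$key] = date("H:i:s", strtotime(@$values[$key . '_hour'] . ':' . @$values[$key . '_min'] . ':' . @$values[$key . '_sec'] . ' ' . @$values[$key . '_am_pm']));
            }
        } elseif ($field['type'] == 'datetime') {
            if (empty($values[$key]) or (int) $values[$key] == 0) {
                $values[$key] = $this->default_date;
            }
            if (isset($values[$key . '_hour'])) {
                if (!empty($values[$key])) {
                    $values[$key] = english_date_to_db_format($values[$key], @$values[$key . '_hour'], @$values[$key . '_min'], @$values[$key . '_sec'], @$values[$key . '_am_pm']);
                }
            }
        } elseif ($field['type'] == 'date') {
            if (empty($values[$key]) or (int) $values[$key] == 0) {
                $values[$key] = $this->default_date;
            }
            if (!empty($values[$key]) and !is_date_db_format($values[$key])) {
                $values[$key] = english_date_to_db_format($values[$key]);
            }
        }

        // create dates for date added and last updated fields automatically
        if ($is_date_type and in_array($key, $this->auto_date_add)) {
            $test_date = isset($values[$key]) ? (int) $values[$key] : 0;

            // if no key field then we assume it is a new save and so we add the date if it's empty
            if (!$this->_has_key_field_value($values) and empty($test_date)) {
                $values[$key] = $field['type'] == 'date' ? $date_func('Y-m-d') : $date_func('Y-m-d H:i:s');
            }
        } elseif ($is_date_type and in_array($key, $this->auto_date_update)) {
            // "last updated" style fields are always overwritten with the current time
            $values[$key] = $field['type'] == 'date' ? $date_func('Y-m-d') : $date_func('Y-m-d H:i:s');
        }

        if (isset($values[$key])) {
            // format dates (values starting with '0000' are left as they are)
            if (!in_array($key, $this->auto_date_add)) {
                if ($is_date_type) {
                    if (isset($values[$key]) and strncmp($values[$key], '0000', 4) !== 0) {
                        // NOTE(review): strtotime() returns FALSE for unparsable input;
                        // that result is passed straight to the date function here
                        // without a check. Confirm that is acceptable.
                        if ($field['type'] == 'date') {
                            $values[$key] = $values[$key] != 'invalid' ? $date_func('Y-m-d', strtotime($values[$key])) : $this->default_date;
                        } else {
                            $values[$key] = $values[$key] != 'invalid' ? $date_func('Y-m-d H:i:s', strtotime($values[$key])) : $this->default_date;
                        }
                    }
                }
            }

            // Entity-encode the field when auto_encode_entities is TRUE, names this
            // field as a string, or lists it in an array.
            if ($this->auto_encode_entities) {
                if (is_array($this->auto_encode_entities) and in_array($key, $this->auto_encode_entities) or is_string($this->auto_encode_entities) and $key == $this->auto_encode_entities or $this->auto_encode_entities === TRUE) {
                    $values[$key] = safe_htmlentities($values[$key]);
                }
            }

            // XSS-filter the field under the same TRUE / string / array selection rules.
            if ($this->xss_clean) {
                if (is_array($this->xss_clean) and in_array($key, $this->xss_clean) or is_string($this->xss_clean) and $key == $this->xss_clean or $this->xss_clean === TRUE) {
                    $values[$key] = xss_clean($values[$key]);
                }
            }

            // Only known table fields reach the result.
            $clean[$key] = $values[$key];
        }
    }

    $this->cleaned_data = $clean;
    return $clean;
}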
/**
 * Entity-encode and/or XSS-filter a single value according to the model's
 * auto_encode_entities and xss_clean settings.
 *
 * Each setting may be TRUE (apply to every field), a string (apply to that one
 * field name) or an array of field names. Only string values are processed;
 * any other type is returned unchanged.
 *
 * The value is modified in place through the reference and also returned.
 * NOTE(review): the (&$val, $k, $key) signature looks like an array-walk style
 * callback; confirm against callers.
 *
 * This is input-side filtering. It does not replace context-appropriate
 * escaping when the value is later written into HTML, JS or a URL.
 *
 * @access public
 * @param  mixed  $val the value to process (passed by reference)
 * @param  mixed  $k   the element's own key, used when $key is empty
 * @param  mixed  $key optional field name to match against the settings
 * @return mixed  the processed value
 */
public function encode_and_clean(&$val, $k, $key = NULL)
{
    // Fall back to the element's own key when no explicit field name is given.
    $field_name = empty($key) ? $k : $key;

    // Non-string values pass through untouched.
    if (!is_string($val)) {
        return $val;
    }

    $encode_setting = $this->auto_encode_entities;
    if ($encode_setting) {
        $should_encode = (is_array($encode_setting) && in_array($field_name, $encode_setting))
            || (is_string($encode_setting) && $field_name == $encode_setting)
            || $encode_setting === TRUE;

        if ($should_encode) {
            $val = safe_htmlentities($val);
        }
    }

    $xss_setting = $this->xss_clean;
    if ($xss_setting) {
        $should_filter = (is_array($xss_setting) && in_array($field_name, $xss_setting))
            || (is_string($xss_setting) && $field_name == $xss_setting)
            || $xss_setting === TRUE;

        if ($should_filter) {
            $val = xss_clean($val);
        }
    }

    return $val;
}