/**
 * Filters the "title" control through AM_Tools::filter_xss() and writes the
 * result back to the same control.
 *
 * NOTE(review): the name suggests the parent component calls this hook before
 * it processes the record — confirm against the base class.
 * NOTE(review): AM_Tools::filter_xss() is defined outside this block, so what
 * it removes is not visible here. Filtering on input does not replace
 * context-aware escaping at the point where the title is rendered.
 *
 * @return void
 */
protected function _preOperation()
{
    $oTitleControl = $this->controls['title'];
    $oTitleControl->setValue(AM_Tools::filter_xss($oTitleControl->getValue()));
}
/**
 * Filters the "description" and "product_id" controls through
 * AM_Tools::filter_xss(), writing each filtered value back to its control.
 *
 * NOTE(review): AM_Tools::filter_xss() is defined outside this block; its exact
 * behaviour is not visible here. Values still need escaping for the context
 * they are eventually rendered in.
 *
 * @return void
 */
protected function _preOperation()
{
    // Processed in this order: description first, then product_id.
    foreach (array('description', 'product_id') as $sControlName) {
        $oControl = $this->controls[$sControlName];
        $oControl->setValue(AM_Tools::filter_xss($oControl->getValue()));
    }
}
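/**
 * Editor toc-rename action
 *
 * Renames a TOC term and re-exports the revision of the given page.
 * Request parameters: "page" (page id), "id" (TOC term id), "title" (new name).
 * Always answers with JSON: "status" is 1 on success, otherwise 0 plus "message".
 *
 * The title is filtered with AM_Tools::filter_xss() and trimmed before it is
 * validated, so the emptiness check is applied to the value that is actually
 * stored. A title that is empty once filtered is rejected as a bad request,
 * and the literal title "0" is accepted (empty() used to reject it).
 *
 * NOTE(review): only the term id is passed to checkAccess(). The page is looked
 * up by id and its revision exported without a visible access check, and
 * nothing here ties the term to that page — confirm this is enforced elsewhere.
 * NOTE(review): the caught exception's message is returned to the client
 * verbatim; confirm that no internal detail (e.g. database errors) can reach it.
 *
 * @return mixed Result of the Json helper's sendJson()
 */
public function tocRenameAction()
{
    $aMessage = array('status' => 0);

    try {
        $iPageId    = intval($this->_getParam('page'));
        $iTocTermId = intval($this->_getParam('id'));

        // Filter first, then trim and validate: the check below must see the stored value.
        $sTocItemName = trim($this->_getParam('title'));
        $sTocItemName = trim(AM_Tools::filter_xss($sTocItemName));

        if (!AM_Model_Db_Table_Abstract::factory('term')->checkAccess($iTocTermId, $this->_aUserInfo)
            || '' === $sTocItemName
        ) {
            throw new AM_Controller_Exception_BadRequest('Error. Invalid params were given');
        }

        $oPage = AM_Model_Db_Table_Abstract::factory('page')->findOneBy('id', $iPageId);
        /* @var $oPage AM_Model_Db_Page */
        if (is_null($oPage)) {
            throw new AM_Controller_Exception_Forbidden('Access denied');
        }

        $oTerm = AM_Model_Db_Table_Abstract::factory('term')->findOneBy('id', $iTocTermId);
        /* @var $oTerm AM_Model_Db_Term */
        if (is_null($oTerm)) {
            throw new AM_Controller_Exception_Forbidden('Access denied');
        }

        $oTerm->title   = $sTocItemName;
        $oTerm->updated = new Zend_Db_Expr('NOW()');
        $oTerm->save();

        // Re-export so the renamed term is reflected in the page's revision.
        $oPage->getRevision()->exportRevision();

        $aMessage['status'] = 1;
    } catch (Exception $oException) {
        $aMessage['message'] = $this->__('Error. Can\'t rename TOC term') . PHP_EOL . $oException->getMessage();
    }

    return $this->getHelper('Json')->sendJson($aMessage);
}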
/**
 * Filters the "login", "first_name" and "last_name" controls through
 * AM_Tools::filter_xss(), writing each filtered value back to its control.
 *
 * NOTE(review): AM_Tools::filter_xss() is defined outside this block; its exact
 * behaviour is not visible here. If it alters a submitted login, the stored
 * login differs from what the user typed — consider rejecting such input
 * rather than rewriting it silently.
 *
 * @return void
 */
protected function _preOperation()
{
    // Processed in this order: login, first_name, last_name.
    foreach (array('login', 'first_name', 'last_name') as $sControlName) {
        $oControl = $this->controls[$sControlName];
        $oControl->setValue(AM_Tools::filter_xss($oControl->getValue()));
    }
}
/**
 * Action saves key-value data for element
 *
 * Stores one crossword word, taken from the "word" request parameter, for the
 * crossword game of the current page. Always answers with JSON: "status" is 1
 * and "word_id" is set on success, otherwise "status" is 0 plus "message".
 *
 * Only "question" and "answer" go through AM_Tools::filter_xss().
 *
 * NOTE(review): "startX", "startY", "length" and "direction" are stored as
 * received — keys are not checked for presence and values are not validated
 * for type or range.
 * NOTE(review): no access check is visible in this method; _iFieldId and
 * _iPageId are set elsewhere — confirm authorisation is enforced there.
 * NOTE(review): the caught exception's message is returned to the client
 * verbatim; confirm that no internal detail can reach it.
 *
 * @return mixed Result of the Json helper's sendJson()
 */
public function saveWordAction()
{
    $aResponse = array('status' => 0);

    try {
        $aWordData = (array) $this->_getParam('word');

        $oField = AM_Model_Db_Table_Abstract::factory('field')->findOneBy('id', $this->_iFieldId);
        /* @var $oField AM_Model_Db_Field */
        if (null === $oField) {
            throw new AM_Exception(sprintf('Field with id "%d" not found.', $this->_iFieldId));
        }

        $oPage = AM_Model_Db_Table_Abstract::factory('page')->findOneBy('id', $this->_iPageId);
        /* @var $oPage AM_Model_Db_Page */
        if (null === $oPage) {
            throw new AM_Exception(sprintf('Page with id "%d" not found.', $this->_iPageId));
        }

        // The result is not used below; the call is kept because it may have side effects.
        $oElement = $oPage->getElementForField($oField);
        /* @var $oElement AM_Model_Db_Element */

        $aGameCriteria = array(
            'page' => $oPage->id,
            'type' => AM_Model_Db_GameType::GAME_TYPE_CROSSWORD,
        );
        $oGame = AM_Model_Db_Table_Abstract::factory('game')->findOneBy($aGameCriteria);
        if (null === $oGame) {
            throw new AM_Exception(sprintf('Game for page "%d" not found.', $this->_iPageId));
        }

        $oWord            = new AM_Model_Db_GameCrosswordWord();
        $oWord->start_x   = $aWordData['startX'];
        $oWord->start_y   = $aWordData['startY'];
        // Free-text fields are the only ones filtered before storage.
        $oWord->question  = AM_Tools::filter_xss($aWordData['question']);
        $oWord->answer    = AM_Tools::filter_xss($aWordData['answer']);
        $oWord->length    = $aWordData['length'];
        $oWord->direction = $aWordData['direction'];
        $oWord->game      = $oGame->id;
        $oWord->save();

        $oPage->setUpdated(false);

        $aResponse['word_id'] = $oWord->id;
        $aResponse['status']  = 1;
    } catch (Exception $oException) {
        $aResponse['message'] = $this->__('Error. Can\'t set value! ') . PHP_EOL . $oException->getMessage();
    }

    return $this->getHelper('Json')->sendJson($aResponse, false);
}
/**
 * Filter description value
 *
 * Returns the value after passing it through AM_Tools::filter_xss().
 *
 * NOTE(review): filter_xss() is defined outside this block; what it removes is
 * not visible here. The description still needs escaping for the context in
 * which it is rendered.
 *
 * @param string $sValue
 * @return string
 */
public function preSetDescription($sValue)
{
    return AM_Tools::filter_xss($sValue);
}
/**
 * Filters the "title" and "number" controls through AM_Tools::filter_xss();
 * "product_id" is filtered as well when the object's class is exactly
 * AM_Component_Record_Database_Issue_Generic.
 *
 * NOTE(review): the class test is an exact name match, so subclasses of
 * AM_Component_Record_Database_Issue_Generic skip the product_id filter —
 * confirm that this is intended.
 * NOTE(review): AM_Tools::filter_xss() is defined outside this block; its exact
 * behaviour is not visible here.
 *
 * @return void
 */
protected function _preOperation()
{
    // Processed in this order: title first, then number.
    foreach (array('title', 'number') as $sControlName) {
        $oControl = $this->controls[$sControlName];
        $oControl->setValue(AM_Tools::filter_xss($oControl->getValue()));
    }

    if ('AM_Component_Record_Database_Issue_Generic' === get_class($this)) {
        $oProductIdControl = $this->controls['product_id'];
        $oProductIdControl->setValue(AM_Tools::filter_xss($oProductIdControl->getValue()));
    }
}
/**
 * Creates toc term for current vocabulary
 *
 * The name is passed through AM_Tools::filter_xss() and then trimmed before it
 * is stored as the term title.
 *
 * NOTE(review): nothing here checks that the name is still non-empty after
 * filtering and trimming; callers that must not create an untitled term need
 * to validate it themselves.
 *
 * @param string $sTocItemName
 * @param AM_Model_Db_Revision $oRevision
 * @param int | null $iParentId Any value loosely equal to 0 is stored as null
 * @param int $iPosition Stored as the term's position
 * @return AM_Model_Db_Term
 */
public function createTocTerm($sTocItemName, AM_Model_Db_Revision $oRevision, $iParentId = null, $iPosition = 0)
{
    $sCleanName = trim(AM_Tools::filter_xss($sTocItemName));

    // Loose comparison on purpose: null, 0 and "0" all mean "no parent".
    if (0 == $iParentId) {
        $iParentId = null;
    }

    $oNewTerm              = new AM_Model_Db_Term();
    $oNewTerm->title       = $sCleanName;
    $oNewTerm->vocabulary  = $this->id;
    $oNewTerm->revision    = $oRevision->id;
    $oNewTerm->parent_term = $iParentId;
    $oNewTerm->position    = $iPosition;
    $oNewTerm->updated     = new Zend_Db_Expr('NOW()');
    $oNewTerm->save();

    return $oNewTerm;
}
/**
 * Filter for title field
 *
 * Returns the value after passing it through AM_Tools::filter_xss().
 *
 * NOTE(review): filter_xss() is defined outside this block; what it removes is
 * not visible here. The title still needs escaping for the context in which it
 * is rendered.
 *
 * @param string $sValue
 * @return string
 */
public function preSetTitle($sValue)
{
    return AM_Tools::filter_xss($sValue);
}
/**
 * Filters the "identifer" control through AM_Tools::filter_xss() and writes
 * the result back to the same control.
 *
 * The key is spelled "identifer" in this code base; it has to match the
 * control's registered name, so it is kept as is.
 *
 * NOTE(review): AM_Tools::filter_xss() is defined outside this block; its exact
 * behaviour is not visible here. If the identifier has a fixed format,
 * validating it against that format would be stricter than filtering.
 *
 * @return void
 */
protected function _preOperation()
{
    $oIdentifierControl = $this->controls['identifer'];
    $oIdentifierControl->setValue(AM_Tools::filter_xss($oIdentifierControl->getValue()));
}
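/**
 * Magic method to validate facebook account name
 *
 * The value is passed through AM_Tools::filter_xss() and must then consist of
 * at least five characters, each a letter a-z (either case), a digit or ".".
 *
 * The pattern ends with \z instead of $: in PCRE, "$" also matches just before
 * a trailing newline, so a value such as "name.page\n" used to pass validation
 * and was returned with the newline still attached.
 *
 * @param mixed $mValue
 * @return string
 * @throws AM_Model_Db_Element_Data_Exception
 */
protected function _addFacebookNamePage($mValue)
{
    $mValue = AM_Tools::filter_xss($mValue);

    // \z anchors at the very end of the subject; no trailing newline is tolerated.
    $aRegexOptions = array('pattern' => '/^[a-z\\d.]{5,}\\z/i');

    if (!Zend_Validate::is($mValue, 'regex', $aRegexOptions)) {
        throw new AM_Model_Db_Element_Data_Exception(
            sprintf('Wrong parameter "%s" given', self::DATA_KEY_HTML5_FACEBOOK_NAME_PAGE)
        );
    }

    return $mValue;
}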