Пример #1
0
 /**
  * Number 'from-to' field filter HTML with selected value.
  *
  * @param Mage_Eav_Model_Entity_Attribute $attribute
  * @param mixed $value
  * @return string
  */
 protected function _getNumberFromToHtmlWithValue(Mage_Eav_Model_Entity_Attribute $attribute, $value)
 {
     $fromValue = null;
     $toValue = null;
     $name = $this->getFilterElementName($attribute->getAttributeCode());
     if (is_array($value) && count($value) == 2) {
         $fromValue = $this->_helper->escapeHtml(reset($value));
         $toValue = $this->_helper->escapeHtml(next($value));
     }
     return '<strong>' . $this->_helper->__('From') . ':</strong>&nbsp;' . '<input type="text" name="' . $name . '[]" class="input-text"' . ' value="' . $fromValue . '" style="width:100px;"/>&nbsp;' . '<strong>' . $this->_helper->__('To') . ':</strong>&nbsp;<input type="text" name="' . $name . '[]" class="input-text" style="width:100px;" value="' . $toValue . '" />';
 }
 /**
  * Escape string preserving links
  *
  * @param array|string $data
  * @param null|array $allowedTags
  * @return string
  */
 public function escapeHtmlWithLinks($data, $allowedTags = null)
 {
     if (!empty($data) && is_array($allowedTags) && in_array('a', $allowedTags)) {
         $links = [];
         $i = 1;
         $data = str_replace('%', '%%', $data);
         $regexp = "/<a\\s[^>]*href\\s*?=\\s*?([\"\\']??)([^\" >]*?)\\1[^>]*>(.*)<\\/a>/siU";
         while (preg_match($regexp, $data, $matches)) {
             //Revert the sprintf escaping
             $url = str_replace('%%', '%', $matches[2]);
             $text = str_replace('%%', '%', $matches[3]);
             //Check for an valid url
             if ($url) {
                 $urlScheme = strtolower(parse_url($url, PHP_URL_SCHEME));
                 if ($urlScheme !== 'http' && $urlScheme !== 'https') {
                     $url = null;
                 }
             }
             //Use hash tag as fallback
             if (!$url) {
                 $url = '#';
             }
             //Recreate a minimalistic secure a tag
             $links[] = sprintf('<a href="%s">%s</a>', htmlspecialchars($url, ENT_QUOTES, 'UTF-8', false), parent::escapeHtml($text));
             $data = str_replace($matches[0], '%' . $i . '$s', $data);
             ++$i;
         }
         $data = parent::escapeHtml($data, $allowedTags);
         return vsprintf($data, $links);
     }
     return parent::escapeHtml($data, $allowedTags);
 }
Пример #3
0
 /**
  * @dataProvider escapeHtmlDataProvider
  */
 public function testEscapeHtml($data, $expected)
 {
     $actual = $this->_helper->escapeHtml($data);
     $this->assertEquals($expected, $actual);
 }