/**
* Cleans the input in the $data array, directly updating $data.
*
* Note: This is called from the cleanInput method in the text API for
* all the attachments to the text node.
*
* @param mixed Array of fieldname => data pairs, passed by reference.
* @param (int|bool) Nodeid of the node being edited, false if creating new
*/
public function cleanInput(&$data, $nodeid = false)
{
parent::cleanInput($data, $nodeid);
$data['filedataid'] = intval(isset($data['filedataid']) ? $data['filedataid'] : 0);
$cleaner = vB::getCleaner();
$data['filename'] = $cleaner->clean($data['filename'], vB_Cleaner::TYPE_NOHTML);
// clean and serialize settings
$data['settings'] = isset($data['settings']) ? $data['settings'] : '';
if (!empty($data['parentid'])) {
$nodeid = $data['parentid'];
}
$data['settings'] = $this->cleanSettings($data['settings'], $nodeid);
}
/**
* Cleans the input in the $data array, directly updating $data.
*
* @param mixed Array of fieldname => data pairs, passed by reference.
* @param int|false Nodeid of the node being edited, false if creating new
*/
public function cleanInput(&$data, $nodeid = false)
{
$parentid = empty($data['parentid']) ? $nodeid : $data['parentid'];
$userCanUseHtml = false;
if (!empty($parentid)) {
$userCanUseHtml = vB::getUserContext()->getChannelPermission('forumpermissions2', 'canusehtml', $parentid);
}
// We're only allowing html in titles and descriptions for channels.
// htmltitle not included because if it was provided, it should still not have html in it anyway.
$htmlFields = array('title', 'description');
$htmlData = array();
$cleaner = vB::getCleaner();
if ($userCanUseHtml) {
foreach ($htmlFields as $fieldname) {
if (isset($data[$fieldname])) {
$htmlData[$fieldname] = $cleaner->clean($data[$fieldname], vB_Cleaner::TYPE_STR);
}
}
}
parent::cleanInput($data, $nodeid);
// Let vB_Api_Content cleanInput do it's thing, then just replace the html fields if they were set.
foreach ($htmlData as $fieldname => $value) {
$data[$fieldname] = $value;
}
}
/**
* Cleans the input in the $data array, directly updating $data.
*
* @param mixed Array of fieldname => data pairs, passed by reference.
* @param int|false Nodeid of the node being edited, false if creating new
*/
public function cleanInput(&$data, $nodeid = false)
{
parent::cleanInput($data, $nodeid);
$canUseHtml = vB::getUserContext()->getChannelPermission('forumpermissions2', 'canusehtml', (empty($nodeid) and isset($data['parentid'])) ? $data['parentid'] : $nodeid);
if (isset($data['htmlstate'])) {
if ($canUseHtml) {
switch ($data['htmlstate']) {
case 'on':
case 'on_nl2br':
case 'off':
// We're ok, don't do anything.
break;
default:
$data['htmlstate'] = 'off';
break;
}
} else {
// User can't use HTML.
$data['htmlstate'] = 'off';
}
}
// ** clean attachment related data **
// this calls the attach api to clean attachment data for this
// text (or other content type) node. Only text content (and
// subclasses) can have attachments, so this is the appropriate
// place for this (not in the parent class)
if (!empty($data['attachments'])) {
if (is_array($data['attachments'])) {
// use instanceInternal so we can pass by reference
$attachApi = vB_Api::instanceInternal('Content_Attach');
foreach ($data['attachments'] as $k => $v) {
// passed by reference and cleaned
$data['attachments'][$k]['parentid'] = $data['parentid'];
$attachApi->cleanInput($data['attachments'][$k]);
}
} else {
$data['attachments'] = array();
}
}
// Similar to above, but for gallery photos
if (!empty($data['photos'])) {
if (is_array($data['photos'])) {
// use instanceInternal so we can pass by reference
// Note, photoAPI actually doesn't have its own cleaner, so it just goes through this cleaner. But just in case we add its own, keep using
// the photo API reference below.
$photoApi = vB_Api::instanceInternal('Content_Photo');
foreach ($data['photos'] as $k => $v) {
// passed by reference and cleaned
$data['photos'][$k]['parentid'] = $data['parentid'];
$photoApi->cleanInput($data['photos'][$k], $nodeid);
}
} else {
$data['photos'] = array();
}
}
if (!empty($data['removeattachments'])) {
if (is_array($data['removeattachments'])) {
$removeattachments = array();
foreach ($data['removeattachments'] as $k => $v) {
$removeattachments[intval($k)] = intval($v);
}
$data['removeattachments'] = $removeattachments;
} else {
$data['removeattachments'] = array();
}
}
}