public function testSanitizeScriptTags() { $vars = array('four' => '<script>alert("Hello!")</script>'); $request = new HttpRequest($vars); $this->assertTrue($request->get('four') == "alert("Hello!")"); }
private static function isFormSubmitted(HttpRequest $request) { $val = $request->get('wpas_submit'); return isset($val); }
/** * Returns an array containing the post types currently being queried * * @param HttpRequest $request * @return array */ private function selectedPostTypes(HttpRequest $request) { $wp_query = $this->wp_query_args; $val = $request->get(RequestVar::post_type); if (!empty($request) && !empty($val)) { $post_types = $val; } else { if (!empty($wp_query) && !empty($wp_query['post_type'])) { $post_types = $wp_query['post_type']; } else { $post_types = array(); } } if (!is_array($post_types)) { $post_types = array($post_types); } return $post_types; }
/** * Adds and argument to an array of query arguments * * @param array $query * @param array $fields * @param HttpRequest $request * @return array */ private function addQueryArg(array $query, array $fields, HttpRequest $request) { if (empty($fields)) { return $query; } $field = reset($fields); // As of v1.4, only one field allowed per // query var (other than taxonomy and meta_key) $field_id = $field->getFieldId(); $var = RequestVar::nameToVar($field_id); $wp_var = RequestVar::wpQueryVar($field_id); $wp_var = !$wp_var ? $var : $wp_var; $val = $request->get($var); if (empty($val)) { return $query; } $query[$wp_var] = self::filter($wp_var, $val); return $query; }