/**
  * Applies a fixed sequence of string filters to a value, or recursively to every
  * element of an array, and returns the result. Values for which empty() is true
  * are returned unchanged. Each key in $options switches one filter on or off:
  *
  * - odd_spaces  (default true)  - removes every 0xCA byte; no other whitespace is touched.
  * - encode      (default true)  - passes the value through pjSanitize::html().
  * - remove_html (default false) - forwarded to pjSanitize::html() as its `remove` option;
  *                                 has no effect unless `encode` is true.
  * - dollar      (default true)  - replaces `\$` with `$`, i.e. drops a backslash that
  *                                 precedes a dollar sign (it does not add one).
  * - carriage    (default true)  - removes `\r`.
  * - unicode     (default true)  - matches `&#<digits>;` and writes back `&#<digits>;`.
  *                                 NOTE(review): pattern and replacement describe the same
  *                                 text, so this step looks like a no-op as written - confirm.
  * - backslash   (default true)  - matches a backslash not followed by `&#` or `?#` and
  *                                 replaces it with a single backslash.
  *                                 NOTE(review): this also looks like it leaves the input
  *                                 unchanged - confirm the intended replacement.
  *
  * Security notes for callers:
  * - All HTML encoding comes from pjSanitize::html(), which is not visible in this block.
  *   With `encode` set to false the value is returned without that pass, so it still
  *   has to be encoded wherever it is later written into a page.
  * - Nothing here escapes for a JavaScript string, a URL or an SQL statement; use the
  *   encoder that matches the output context instead of relying on this method.
  * - Inside a quoted HTML attribute the result is only safe if pjSanitize::html()
  *   encodes quote characters - TODO confirm against that method.
  *
  * @param string|array $data Data to filter
  * @param array $options Filter switches; passed straight to array_merge(), so it must be an array
  * @return mixed Filtered data
  */
 public static function clean($data, $options = array())
 {
     // empty() also matches '0', 0, null, false and array(); those come back untouched.
     if (empty($data)) {
         return $data;
     }

     $defaults = array(
         'odd_spaces' => true,
         'remove_html' => false,
         'encode' => true,
         'dollar' => true,
         'carriage' => true,
         'unicode' => true,
         'backslash' => true,
     );
     $options = array_merge($defaults, $options);

     if (is_array($data)) {
         // Recurse with the merged options so nested values get the same filters; keys are kept.
         $cleaned = array();
         foreach ($data as $key => $val) {
             $cleaned[$key] = pjSanitize::clean($val, $options);
         }
         return $cleaned;
     }

     $value = $data;

     if ($options['odd_spaces']) {
         $value = str_replace(chr(0xca), '', $value);
     }

     // The only step that can HTML-encode; what it does is decided by pjSanitize::html().
     if ($options['encode']) {
         $value = pjSanitize::html($value, array('remove' => $options['remove_html']));
     }

     // Turns the two-character sequence \$ into a bare $.
     if ($options['dollar']) {
         $value = str_replace("\\\$", "\$", $value);
     }

     if ($options['carriage']) {
         $value = str_replace("\r", "", $value);
     }

     if ($options['unicode']) {
         $value = preg_replace("/&#([0-9]+);/s", "&#\\1;", $value);
     }

     if ($options['backslash']) {
         $value = preg_replace("/\\\\(?!&#|\\?#)/", "\\", $value);
     }

     return $value;
 }
            echo pjSanitize::clean(@$v['d_address_1']);
            ?>
" data-add2="<?php 
            echo pjSanitize::clean(@$v['d_address_2']);
            ?>
" data-city="<?php 
            echo pjSanitize::clean(@$v['d_city']);
            ?>
" data-state="<?php 
            echo pjSanitize::clean(@$v['d_state']);
            ?>
" data-zip="<?php 
            echo pjSanitize::clean(@$v['d_zip']);
            ?>
" data-country="<?php 
            echo pjSanitize::clean(@$v['d_country_id']);
            ?>
"><?php 
            // NOTE(review): $order_detail is written into the option text with only
            // stripslashes(), while the neighbouring data-* attributes go through
            // pjSanitize::clean(). Where $order_detail is built is not visible here;
            // confirm it is HTML-encoded before this point.
            echo stripslashes($order_detail);
            ?>
</option><?php 
        }
        ?>
								</select>
							</p>
							<?php 
    }
    ?>
						<?php 
    if (in_array($tpl['option_arr']['o_df_include_address_1'], array(2, 3))) {
        ?>
示例#3
                $mas_content = multi_array_search($mrow['ModifierGroup_Id'], $product['extra_arr']);
                if ($mas_content == 1) {
                    ?>
                                                    <div name="tab_content" id="tab_content_<?php 
                    echo $product['id'];
                    echo $mgt;
                    ?>
" class="tab-content">                                                                        
                                                        <?php 
                    foreach ($product['extra_arr'] as $extra) {
                        if ($mrow['ModifierGroup_Id'] == $extra['ModifierGroup_Id']) {
                            ?>

                                                                <div class="fdExtraBox">
                                                                    <label><?php 
                            echo pjSanitize::clean($extra['name']);
                            ?>
</label>
                                                                    <span class="fdExtraPrice"><?php 
                            echo pjUtil::formatCurrencySign(number_format($extra['price'], 2), $tpl['option_arr']['o_currency']);
                            ?>
</span>
                                                                    <a href="#" class="fdAddExtra" data-index="<?php 
                            echo $product['id'];
                            ?>
-<?php 
                            echo $extra['id'];
                            ?>
"><?php 
                            __('front_add');
                            ?>
        __('lblDashNoOrder');
        ?>
</span></label>
						</div>
						<?php 
    }
    ?>
				</div>
			</div>
			<!--<div class="dashboard_column">
				<div class="dashboard_list dashboard_latest_list quick_links">
					<?php 
    foreach ($tpl['location_arr'] as $v) {
        ?>
						<label><?php 
        echo pjSanitize::clean($v['location_title']);
        ?>
</label>
						<label><span><?php 
        __('lblDelivery');
        ?>
: <abbr><?php 
        echo $v['delivery'];
        ?>
</abbr></span></label>
						<label class="space"><span><?php 
        __('lblPickup');
        ?>
: <abbr><?php 
        echo $v['pickup'];
        ?>
"><?php 
    __('front_terms_conditions');
    ?>
</a>
						</span>
					</p>
					<?php 
    if (!empty($tpl['terms_conditions'])) {
        ?>
						<div id="fdTermContainer_<?php 
        echo $index;
        ?>
" style="display: none;">
							<p class="fdParagraph fdTermsConditions">
								<?php 
        echo nl2br(pjSanitize::clean($tpl['terms_conditions']));
        ?>
							</p>
						</div>
						<?php 
    }
    ?>
				</form>
				<div class="fdOverflow fdButtonContainer">
					<a href="#" class="fdButton fdNormalButton fdFloatLeft fdButtonGetTypes"><?php 
    __('front_button_back');
    ?>
</a>
					<a href="#" class="fdButton fdOrangeButton fdButtonNext fdButtonGetPreview fdFloatRight"><?php 
    __('front_button_continue');
    ?>
示例#6
                    forgot_messages: {
                        100: "<?php 
// NOTE(review): this value is written inside a JavaScript string literal.
// pjSanitize::clean() applies HTML-oriented filters, which is not JavaScript
// string escaping: unless pjSanitize::html() handles them, a backslash or a
// line feed in the message would still change the literal. json_encode() is
// the usual encoder for this context. The same applies to the 101, 200 and
// email_exiting_message entries that follow.
echo pjSanitize::clean($forgot_messages[100]);
?>
",
                        101: "<?php 
echo pjSanitize::clean($forgot_messages[101]);
?>
",
                        200: "<?php 
echo pjSanitize::clean($forgot_messages[200]);
?>
"
                    },
                    email_exiting_message: "<?php 
echo pjSanitize::clean(__('front_existing_email', true));
?>
"
                };
        loadScript("<?php 
echo PJ_INSTALL_URL . PJ_LIBS_PATH;
?>
pjQ/pjQuery.min.js", function () {
            loadScript("<?php 
echo PJ_INSTALL_URL . PJ_LIBS_PATH;
?>
pjQ/pjQuery.validate.min.js", function () {
                loadScript("<?php 
echo PJ_INSTALL_URL . PJ_LIBS_PATH;
?>
calendarJS/calendar.min.js", function () {
    ?>
" method="post" id="frmUpdateVoucher" class="form pj-form" autocomplete="off">
		<input type="hidden" name="voucher_update" value="1" />
		<input type="hidden" name="id" value="<?php 
    echo $tpl['arr']['id'];
    ?>
" />
		
		<p>
			<label class="title"><?php 
    __('lblVoucherCode');
    ?>
</label>
			<span class="inline_block">
				<input type="text" name="code" id="code" value="<?php 
    echo pjSanitize::clean($tpl['arr']['code']);
    ?>
" class="pj-form-field w150 required" />
			</span>
		</p>
		<p>
			<label class="title"><?php 
    __('lblType');
    ?>
</label>
			<span class="inline_block">
				<select name="type" id="type" class="pj-form-field w150">
					<?php 
    foreach (__('voucher_types', true, false) as $k => $v) {
        ?>
<option value="<?php 
]" data-type="select" class="fdSize pj-form-field w140">
			<option value="">-- <?php 
        __('lblChoose');
        ?>
--</option>
			<?php 
        foreach ($tpl['price_arr'] as $v) {
            ?>
<option value="<?php 
            echo $v['id'];
            ?>
" data-price="<?php 
            echo $v['price'];
            ?>
"><?php 
            echo pjSanitize::clean($v['price_name']);
            ?>
: <?php 
            echo pjUtil::formatCurrencySign(round($v['price'], 2), $tpl['option_arr']['o_currency']);
            ?>
</option><?php 
        }
        ?>
		</select>
		<?php 
    }
} else {
    ?>
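	<select id="fdPrice_<?php 
    // $_GET['index'] comes straight from the request, so it is encoded for the
    // quoted-attribute context before being written into the id. The (string)
    // cast keeps the earlier output for a missing or non-string parameter.
    echo htmlspecialchars((string) $_GET['index'], ENT_QUOTES, 'UTF-8');
    ?>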
		<tr id="category_row_<?php 
        echo $v['id'];
        ?>
" data-id="id_<?php 
        echo $v['id'];
        ?>
" class="pj-table-row<?php 
        echo $i % 2 == 0 ? ' pj-table-row-even' : ' pj-table-row-odd';
        ?>
">
			<td style="width: 20px;"><input type="checkbox" name="record[]" value="<?php 
        echo $v['id'];
        ?>
" class="pj-table-select-row"></td>
			<td style="width: 552px;"><?php 
        echo pjSanitize::clean($v['name']);
        ?>
</td>
			<td style="width: 70px;"><?php 
        echo $v['is_open'] == 1 ? $_yesno['T'] : $_yesno['F'];
        ?>
</td>
			<td style="width: 100px;">
				<a href="index.php?controller=pjAdminCategories&amp;action=pjActionUpdate&amp;id=<?php 
        echo $v['id'];
        ?>
" class="pj-table-icon-edit"></a>
				<a href="index.php?controller=pjAdminCategories&amp;action=pjActionDeleteCategory&amp;id=<?php 
        echo $v['id'];
        ?>
" rev="<?php 
示例#10
						<td><?php 
        __('front_company');
        ?>
</td>
						<td><?php 
        // NOTE(review): c_company is echoed with stripslashes() only, whereas
        // c_notes in the same table goes through pjSanitize::clean(). If this
        // field holds customer-entered text and is not encoded earlier, it
        // reaches the page unescaped - confirm, and encode at output if so.
        // c_address_1 further down is written the same way.
        echo stripslashes($tpl['arr']['c_company']);
        ?>
</td>
					</tr>
					<tr>
						<td><?php 
        __('front_notes');
        ?>
</td>
						<td><?php 
        echo isset($tpl['arr']['c_notes']) ? nl2br(pjSanitize::clean($tpl['arr']['c_notes'])) : null;
        ?>
</td>
					</tr>
					<tr>
						<td><?php 
        __('front_address_line_1');
        ?>
</td>
						<td><?php 
        echo stripslashes($tpl['arr']['c_address_1']);
        ?>
</td>
					</tr>
					<tr>
						<td><?php 
 /**
  * Final installer step: stores the step-6 form post in the installer session,
  * sends the client back to step 6 when that step has not been recorded, and
  * then clears the installer and error entries from the session.
  *
  * NOTE(review): every key of $_POST is merged into the installer session, not
  * only the expected step-6 fields - confirm that later readers of this session
  * entry use a fixed list of keys.
  * NOTE(review): clean() is called with 'encode' => false, so the stored values
  * do not get the pjSanitize::html() pass; they need encoding wherever they are
  * later written into HTML or another interpreter.
  * NOTE(review): whether pjUtil::redirect() ends the request is not visible
  * here; if it returns, the unset() below still runs after the redirect.
  * NOTE(review): $_SERVER['PHP_SELF'] reflects the request path - confirm
  * pjUtil::redirect() is given a fixed, trusted base where possible.
  */
 public function pjActionStep7()
 {
     $this->pjActionCheckSession();

     // Read after the session check so the key is the one the check left in place.
     $sessionKey = $this->defaultInstaller;

     if (isset($_POST['step6'])) {
         // The superglobal itself is overwritten with the filtered copy, as before.
         $_POST = pjSanitize::clean($_POST, array('encode' => false));
         $_SESSION[$sessionKey] = array_merge($_SESSION[$sessionKey], $_POST);
     }

     $stepSixRecorded = isset($_SESSION[$sessionKey]['step6']);
     if (!$stepSixRecorded) {
         pjUtil::redirect($_SERVER['PHP_SELF'] . "?controller=pjInstaller&action=pjActionStep6&install=1");
     }

     // Installation state and any collected errors are dropped together.
     unset($_SESSION[$sessionKey], $_SESSION[$this->defaultErrors]);
 }
							<label class="fdContent"><?php 
        echo isset($FORM['c_zip']) ? htmlspecialchars(stripslashes(@$FORM['c_zip'])) : htmlspecialchars(stripslashes(@$CLIENT['c_zip']));
        ?>
</label>
						</p>
						<?php 
    }
    if (in_array($tpl['option_arr']['o_bf_include_country'], array(2, 3))) {
        ?>
						<p class="fdParagraph">
							<label class="fdTitle"><?php 
        __('front_country');
        ?>
:</label>
							<label class="fdContent"><?php 
        echo pjSanitize::clean($tpl['country_arr']['country_title']);
        ?>
</label>
						</p>
						<?php 
    }
    $ob_address = ob_get_contents();
    ob_end_clean();
    if (!empty($ob_address)) {
        ?>
						<div class="fdFormHeading">
							<span class="fdBlock fdFloatLeft"><?php 
        echo strtoupper(__('front_address', true, false));
        ?>
</span>
						</div>