/**
* Sanitizes given array or value for safe input. Use the options to specify
* what filters should be applied (with a boolean value). Valid filters:
*
* - odd_spaces - removes any non space whitespace characters
* - encode - Encode any html entities. Encode must be true for the `remove_html` to work.
* - dollar - Escape `$` with `\$`
* - carriage - Remove `\r`
* - unicode -
* - backslash -
* - remove_html - Strip HTML with strip_tags. `encode` must be true for this option to work.
*
* @param string|array $data Data to sanitize
* @param string|array $options Set of options
* @return mixed Sanitized data
*/
public static function clean($data, $options = array())
{
if (empty($data)) {
return $data;
}
$options = array_merge(array('odd_spaces' => true, 'remove_html' => false, 'encode' => true, 'dollar' => true, 'carriage' => true, 'unicode' => true, 'backslash' => true), $options);
if (is_array($data)) {
foreach ($data as $key => $val) {
$data[$key] = pjSanitize::clean($val, $options);
}
return $data;
}
if ($options['odd_spaces']) {
$data = str_replace(chr(0xca), '', $data);
}
if ($options['encode']) {
$data = pjSanitize::html($data, array('remove' => $options['remove_html']));
}
if ($options['dollar']) {
$data = str_replace("\\\$", "\$", $data);
}
if ($options['carriage']) {
$data = str_replace("\r", "", $data);
}
if ($options['unicode']) {
$data = preg_replace("/&#([0-9]+);/s", "&#\\1;", $data);
}
if ($options['backslash']) {
$data = preg_replace("/\\\\(?!&#|\\?#)/", "\\", $data);
}
return $data;
}
<span class="pj-form-field-before"><abbr class="pj-form-field-icon-email"></abbr></span>
<input type="text" name="c_email" id="email" class="pj-form-field w300 email required" placeholder="*****@*****.**" value="<?php
echo htmlspecialchars(stripslashes($tpl['arr']['c_email']));
?>
"/>
</span>
</p>
<p>
<label class="title"><?php
__('pass');
?>
</label>
<span class="pj-form-field-custom pj-form-field-custom-before">
<span class="pj-form-field-before"><abbr class="pj-form-field-icon-password"></abbr></span>
<input type="text" name="c_password" id="c_password" class="pj-form-field required w200" value="<?php
echo pjSanitize::html($tpl['arr']['c_password']);
?>
" />
</span>
</p>
<p>
<label class="title"><?php
__('lblPhone');
?>
</label>
<span class="pj-form-field-custom pj-form-field-custom-before">
<span class="pj-form-field-before"><abbr class="pj-form-field-icon-phone"></abbr></span>
<input type="text" name="c_phone" id="phone" class="pj-form-field w150" placeholder="(123) 456-7890" value="<?php
echo htmlspecialchars(stripslashes($tpl['arr']['c_phone']));
?>
"/>
index.php?controller=pjLocale&action=pjActionExport" method="post" class="form pj-form">
<input type="hidden" name="export" value="1" />
<p>
<label class="title"><?php
__('plugin_locale_separator');
?>
</label>
<select name="separator" class="pj-form-field">
<?php
foreach (__('plugin_locale_separators', true) as $k => $v) {
?>
<option value="<?php
echo $k;
?>
"><?php
echo pjSanitize::html($v);
?>
</option><?php
}
?>
</select>
</p>
<p>
<label class="title"> </label>
<input type="submit" value="<?php
__('plugin_locale_export');
?>
" class="pj-button" />
</p>
</form>
</fieldset>
}
if (isset($tpl['arr']['cancel_return']) && !empty($tpl['arr']['cancel_return'])) {
?>
<input type="hidden" name="cancel_return" value="<?php
echo $tpl['arr']['cancel_return'];
?>
" />
<?php
}
if (isset($tpl['arr']['notify_url']) && !empty($tpl['arr']['notify_url'])) {
?>
<input type="hidden" name="notify_url" value="<?php
echo $tpl['arr']['notify_url'];
?>
" />
<?php
}
if (isset($tpl['arr']['submit'])) {
?>
<input type="submit" value="<?php
echo pjSanitize::html($tpl['arr']['submit']);
?>
" class="<?php
echo pjSanitize::html(@$tpl['arr']['submit_class']);
?>
" />
<?php
}
?>
<img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1" />
</form>
/**
* Make data XML-ready
*
* @param array $data
* @access public
* @return self
*/
public function process($data = array())
{
$rows = array();
$rows[] = '<?xml version="' . $this->version . '" encoding="' . $this->encoding . '"?>';
$rows[] = '<' . $this->root . '>';
foreach ($data as $item) {
$cells = array();
$cells[] = "\t<" . $this->record . ">";
foreach ($item as $key => $value) {
$cells[] = "\t\t<" . $key . ">" . pjSanitize::html($value) . "</" . $key . ">";
}
$cells[] = "\t</" . $this->record . ">";
$rows[] = join($this->eol, $cells);
}
$rows[] = "</" . $this->root . ">";
$this->setData(join($this->eol, $rows));
return $this;
}
?>
" /> <?php
if ($tpl['arr'][$i]['key'] == 'o_show_upto') {
__('lblDays');
}
break;
case 'float':
?>
<input type="text" name="value-<?php
echo $tpl['arr'][$i]['type'];
?>
-<?php
echo $tpl['arr'][$i]['key'];
?>
" class="pj-form-field field-float w60" value="<?php
echo pjSanitize::html($tpl['arr'][$i]['value']);
?>
" /><?php
break;
case 'enum':
?>
<select name="value-<?php
echo $tpl['arr'][$i]['type'];
?>
-<?php
echo $tpl['arr'][$i]['key'];
?>
" class="pj-form-field">
<?php
$default = explode("::", $tpl['arr'][$i]['value']);
$enum = explode("|", $default[0]);
__('lblInstallConfigLocale');
?>
</label>
<select class="pj-form-field w200 pj-install-config" id="install_locale" name="install_locale">
<option value="">-- <?php
__('lblAll');
?>
--</option>
<?php
foreach ($tpl['locale_arr'] as $locale) {
?>
<option value="<?php
echo $locale['id'];
?>
"><?php
echo pjSanitize::html($locale['title']);
?>
</option><?php
}
?>
</select>
</p>
<p>
<label class="title"> </label>
<a id="pj_preview_install" target="_blank" href="javascript:void(0);" class="pj-button" rel="<?php
echo PJ_INSTALL_URL;
?>
index.php?controller=pjAdminOptions&action=pjActionPreview{LOCALE}"/><?php
__('btnPreview');
?>
</a>
<span class="inline_block">
<input type="text" name="name" id="name" value="<?php
echo pjSanitize::html($tpl['arr']['name']);
?>
" class="pj-form-field w250 required" />
</span>
</p>
<p>
<label class="title"><?php
__('lblPhone');
?>
</label>
<span class="pj-form-field-custom pj-form-field-custom-before">
<span class="pj-form-field-before"><abbr class="pj-form-field-icon-phone"></abbr></span>
<input type="text" name="phone" id="phone" value="<?php
echo pjSanitize::html($tpl['arr']['phone']);
?>
" class="pj-form-field w200" placeholder="(123) 456-7890"/>
</span>
</p>
<p>
<label class="title"><?php
__('lblStatus');
?>
</label>
<?php
if ((int) $tpl['arr']['id'] !== 1) {
?>
<span class="inline_block">
<select name="status" id="status" class="pj-form-field required">
<option value="">-- <?php
?>
:</span> <a href="<?php
echo $_SERVER['PHP_SELF'];
?>
?controller=pjAdminClients&action=pjActionUpdate&id=<?php
echo $v['client_id'];
?>
"><?php
echo pjSanitize::html($v['client_name']);
?>
</a></label>
<label><span><?php
__('lblLocation');
?>
:</span> <?php
echo pjSanitize::html($v['location']);
?>
</label>
<label><span><?php
__('lblStatus');
?>
:</span> <?php
echo $order_statuses[$v['status']];
?>
</label>
<label><span><?php
__('lblDateTime');
?>
:</span> <?php
echo date($tpl['option_arr']['o_date_format'], strtotime($v['p_dt'])) . ', ' . date($tpl['option_arr']['o_time_format'], strtotime($v['p_dt']));
?>
:</label>
<span class="pj-form-field-custom pj-form-field-custom-before">
<span class="pj-form-field-before"><abbr class="pj-form-field-icon-password"></abbr></span>
<input type="text" name="password" id="password" class="pj-form-field required w200" value="<?php
echo pjSanitize::html($tpl['arr']['password']);
?>
" autocomplete="off" />
</span>
</p>
<p>
<label class="title"><?php
__('lblName');
?>
</label>
<span class="inline_block">
<input type="text" name="name" id="name" value="<?php
echo pjSanitize::html($tpl['arr']['name']);
?>
" class="pj-form-field w250 required" />
</span>
</p>
<p>
<label class="title"> </label>
<input type="submit" value="<?php
__('btnSave', false, true);
?>
" class="pj-button" />
</p>
</form>
<?php
}
?>
</span>
<span><textarea name="message" id="confirm_message" class="pj-form-field w600 h300 required"><?php
echo stripslashes(str_replace(array('\\r\\n', '\\n'), ' ', $tpl['arr']['message']));
?>
</textarea></span>
</p>
<?php
if (!empty($tpl['arr']['client_email'])) {
?>
<p>
<label>
<input type="hidden" name="to" value="<?php
echo pjSanitize::html($tpl['arr']['client_email']);
?>
"/>
<?php
__('lblClientEmail');
?>
(<?php
echo pjSanitize::html($tpl['arr']['client_email']);
?>
)
</label>
</p>
<?php
}
?>
</form>
<?php
}
:</label>
<span class="inline_block">
<input type="text" name="alpha_2" id="alpha_2" class="pj-form-field w50" value="<?php
echo pjSanitize::html($tpl['arr']['alpha_2']);
?>
" maxlength="2" />
</span>
</p>
<p>
<label class="title"><?php
__('plugin_country_alpha_3');
?>
:</label>
<span class="inline_block">
<input type="text" name="alpha_3" id="alpha_3" class="pj-form-field w50" value="<?php
echo pjSanitize::html($tpl['arr']['alpha_3']);
?>
" maxlength="3" />
</span>
</p>
<p>
<label class="title"> </label>
<input type="submit" value="<?php
__('plugin_country_btn_save');
?>
" class="pj-button" />
<input type="button" value="<?php
__('plugin_country_btn_cancel');
?>
" class="pj-button" onclick="window.location.href='<?php
echo PJ_INSTALL_URL;
}
break;
case 'bank':
?>
//<?php
include PJ_VIEWS_PATH . 'pjFront/elements/api_test.php';
?>
<div class="fdSystemMessage">
<?php
$system_msg = str_replace("[STAG]", "<a href='#' class='fdStartOver'>", $front_messages[3]);
$system_msg = str_replace("[ETAG]", "</a>", $system_msg);
echo $system_msg;
?>
<br /><br />
<?php
echo pjSanitize::html(nl2br($tpl['option_arr']['o_bank_account']));
?>
</div>
<?php
break;
case 'creditcard':
case 'cash':
default:
$user_name = urlencode($_SESSION['order_data']['o_user_name']);
?>
<div class="fdSystemMessage">
<?php
$system_msg = str_replace("[STAG]", "<a href='" . PJ_BASE_PATH . $user_name . '/restaurants/' . base64_encode($_SESSION['order_data']['o_user_id']) . "'>", $front_messages[3]);
$system_msg = str_replace("[ETAG]", "</a>", $system_msg);
echo $system_msg;
