/** * Converts array to html hidden fields * * Type: function<br> * Name: array_to_fields<br> * @param array $param params list * @return object $template template object */ function smarty_function_array_to_fields($params, &$template) { $result = ''; $pattern = '<input type="hidden" name="%s" value="%s" />' . "\n"; foreach ($params['data'] as $name => $value) { if (empty($value)) { continue; } if (!empty($params['skip']) && in_array($name, $params['skip'])) { continue; } if (!empty($params['escape']) && in_array($name, $params['escape'])) { if (is_array($value)) { foreach ($value as $index => &$data) { $data = SecurityHelper::escapeHtml($data); } } else { $value = SecurityHelper::escapeHtml($value); } } if (is_array($value)) { foreach ($value as $index => $data) { $result .= sprintf($pattern, $name . '[' . $index . ']', $data); } } else { $result .= sprintf($pattern, $name, $value); } } return $result; }
/** * Add/remove html special chars * * @deprecated In favour of use Tygh\Tools\SecurityHelper::encodeHtml() * @since 4.3.1 * * @param mixed $data data to filter * @param bool $revert if true, decode special chars * @return mixed filtered variable */ function fn_html_escape($data, $revert = false) { return SecurityHelper::escapeHtml($data, $revert); }
protected function arrayToXml($item, $data, $level = 0, $attr = array()) { $tab = str_repeat(' ', $level); if (!is_array($data)) { $attr_str = ''; if (!empty($attr)) { foreach ($attr as $attr_key => $attr_value) { $attr_str .= ' ' . $attr_key . '="' . $attr_value . '"'; } } $txt = SecurityHelper::escapeHtml($data); $txt = str_replace(array('&laquo;', '&raquo;', '&#39;', '&quot;'), "'", $txt); return $tab . '<' . $item . $attr_str . '>' . str_replace(array('&amp;', '&hellip;', '&nbsp;', '&mdash;', '&reg;', '&ndash;', '&trade;'), '', $txt) . '</' . $item . ">\n"; } $xml = ''; foreach ($data as $item_type => $value) { if (is_numeric($item_type)) { if (is_array($value)) { $attr = !empty($value['attr']) ? $value['attr'] : array(); $attr_str = ''; if (!empty($attr)) { foreach ($attr as $attr_key => $attr_value) { $attr_str .= ' ' . $attr_key . '="' . $attr_value . '"'; } } if (isset($value['value'])) { $xml .= $tab . '<' . $item . $attr_str . '>' . SecurityHelper::escapeHtml($value['value']) . '</' . $item . ">\n"; } elseif (isset($value['items'])) { $xml .= $tab . '<' . $item . ">\n" . $this->arrayToXml($item_type, $value, $level + 1) . $tab . '</' . $item . ">\n"; } else { $xml .= $tab . '<' . $item . $attr_str . "/>\n"; } } else { $xml .= $this->arrayToXml($item, $value, $level); } } else { $xml .= $tab . '<' . $item . ">\n" . $this->arrayToXml($item_type, $value, $level + 1) . $tab . '</' . $item . ">\n"; } } return $xml; }