Implement escapeComment helper

refs #10654
2016-02-15 16:26:52 +01:00 · 2016-02-15 16:26:52 +01:00 · b0932d2413
parent c78a7912e7
commit b0932d2413
1 changed files with 38 additions and 0 deletions
--- a/modules/monitoring/application/views/helpers/EscapeComment.php
+++ b/modules/monitoring/application/views/helpers/EscapeComment.php
@ -0,0 +1,38 @@
+<?php
+/* Icinga Web 2 | (c) 2016 Icinga Development Team | GPLv2+ */
+
+/**
+ * Helper for escaping comments, but preserving links
+ */
+class Zend_View_Helper_EscapeComment extends Zend_View_Helper_Abstract
+{
+    /**
+     * The purifier to use for escaping
+     *
+     * @var HTMLPurifier
+     */
+    protected static $purifier;
+
+    /**
+     * Escape any comment for being placed inside HTML, but preserve simple links (<a href="...">).
+     *
+     * @param   string  $comment
+     *
+     * @return  string
+     */
+    public function escapeComment($comment)
+    {
+        if (self::$purifier === null) {
+            require_once 'HTMLPurifier/Bootstrap.php';
+            require_once 'HTMLPurifier.php';
+            require_once 'HTMLPurifier.autoload.php';
+
+            $config = HTMLPurifier_Config::createDefault();
+            $config->set('Core.EscapeNonASCIICharacters', true);
+            $config->set('HTML.Allowed', 'a[href]');
+            $config->set('Cache.DefinitionImpl', null);
+            self::$purifier = new HTMLPurifier($config);
+        }
+        return self::$purifier->purify($comment);
+    }
+}