2010-10-14 Sergio Martin <sergio.martin@artica.es>
* include/functions_html.php include/functions_io.php include/functions_ui.php godmode/agentes/module_manager.php: Created a new safe input function more soft than safe_input() for html code. Applied this function (safe_input_html()) in few functions like print_image or print_page_header. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@3399 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
parent
82b6c16e2a
commit
9027c6bf5b
|
@ -1,3 +1,13 @@
|
|||
2010-10-14 Sergio Martin <sergio.martin@artica.es>
|
||||
|
||||
* include/functions_html.php
|
||||
include/functions_io.php
|
||||
include/functions_ui.php
|
||||
godmode/agentes/module_manager.php: Created a new safe input
|
||||
function more soft than safe_input() for html code. Applied this
|
||||
function (safe_input_html()) in few functions like print_image
|
||||
or print_page_header.
|
||||
|
||||
2010-10-14 Miguel de Dios <miguel.dedios@artica.es>
|
||||
|
||||
* extensions/system_info.php: add TODO.
|
||||
|
|
|
@ -335,7 +335,7 @@ foreach ($modules as $module) {
|
|||
$data[4] = $agent_interval;
|
||||
}
|
||||
|
||||
$data[5] = mb_strimwidth ($module['descripcion'], 0, 30, "...");
|
||||
$data[5] = printTruncateText($module['descripcion'], 25, false);
|
||||
|
||||
// MAX / MIN values
|
||||
$data[6] = $module["max"] ? $module["max"] : __('N/A');
|
||||
|
|
|
@ -547,7 +547,7 @@ function print_input_image ($name, $src, $value, $style = '', $return = false, $
|
|||
|
||||
foreach ($attrs as $attribute) {
|
||||
if (isset ($options[$attribute])) {
|
||||
$output .= ' '.$attribute.'="'.safe_input ($options[$attribute]).'"';
|
||||
$output .= ' '.$attribute.'="'.safe_input_html ($options[$attribute]).'"';
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1110,7 +1110,7 @@ function print_image ($src, $return = false, $options = false) {
|
|||
|
||||
foreach ($attrs as $attribute) {
|
||||
if (isset ($options[$attribute])) {
|
||||
$output .= $attribute.'="'.safe_input ($options[$attribute]).'" ';
|
||||
$output .= $attribute.'="'.safe_input_html ($options[$attribute]).'" ';
|
||||
}
|
||||
}
|
||||
} else {
|
||||
|
@ -1118,7 +1118,7 @@ function print_image ($src, $return = false, $options = false) {
|
|||
}
|
||||
|
||||
if (!isset ($options["alt"]) && isset ($options["title"])) {
|
||||
$options["alt"] = $options["title"]; //Set alt to title if it's not set
|
||||
$options["alt"] = safe_input_html($options["title"]); //Set alt to title if it's not set
|
||||
} elseif (!isset ($options["alt"])) {
|
||||
$options["alt"] = "";
|
||||
}
|
||||
|
@ -1127,7 +1127,7 @@ function print_image ($src, $return = false, $options = false) {
|
|||
$output .= 'style="'.$style.'" ';
|
||||
}
|
||||
|
||||
$output .= 'alt="'.safe_input ($options['alt']).'" />';
|
||||
$output .= 'alt="'.safe_input_html ($options['alt']).'" />';
|
||||
|
||||
if (!$return) {
|
||||
echo $output;
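Review bot: The attribute values in the `print_input_image` and `print_image` loops, and the `alt` value at the end of `print_image`, are now written between double quotes after passing only through `safe_input_html()`. As shown in the functions_io.php section of this commit, that function rewrites only characters 0–32 and leaves `"`, `<`, `>` and `&` untouched. If any of these options can carry text that was not already entity-encoded, a double quote in it would close the attribute early. For attribute context I would keep quote escaping while still avoiding double encoding, e.g. `htmlspecialchars($options[$attribute], ENT_QUOTES, 'UTF-8', false)`. Separately, an `alt` copied from `title` goes through `safe_input_html()` twice, once when assigned and once when printed; both functions start and end outside these hunks.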
|
||||
|
|
|
@ -52,6 +52,43 @@ function safe_input($value) {
|
|||
return $valueHtmlEncode;
|
||||
}
|
||||
|
||||
/**
|
||||
* Cleans a string by encoding to UTF-8 and replacing the HTML
|
||||
* entities for HTML only. UTF-8 is necessary for foreign chars
|
||||
* like asian and our databases are (or should be) UTF-8
|
||||
*
|
||||
* @param mixed String or array of strings to be cleaned.
|
||||
*
|
||||
* @return mixed The cleaned string or array.
|
||||
*/
|
||||
function safe_input_html($value) {
|
||||
//Stop!! Are you sure to modify this critical code? Because the older
|
||||
//versions are serius headache in many places of Pandora.
|
||||
|
||||
if (is_numeric($value))
|
||||
return $value;
|
||||
|
||||
if (is_array($value)) {
|
||||
array_walk($value, "safe_input");
|
||||
return $value;
|
||||
}
|
||||
|
||||
//Clean the trash mix into string because of magic quotes.
|
||||
if (get_magic_quotes_gpc() == 1) {
|
||||
$value = stripslashes($value);
|
||||
}
|
||||
|
||||
if (! mb_check_encoding ($value, 'UTF-8'))
|
||||
$value = utf8_encode ($value);
|
||||
|
||||
//Replace some characteres for html entities
|
||||
for ($i=0;$i<33;$i++) {
|
||||
$value = str_ireplace(chr($i),ascii_to_html($i), $value);
|
||||
}
|
||||
|
||||
return $value;
|
||||
}
|
||||
|
||||
/**
|
||||
* Convert ascii char to html entitines
|
||||
*
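Review bot: The array branch of `safe_input_html()` returns the array unchanged. `array_walk($value, "safe_input")` passes each element by value to a callback declared as `function safe_input($value)` (visible in the hunk header), so the callback's results are discarded, and it names `safe_input` rather than the new function. `return array_map('safe_input_html', $value);` would clean each element with the intended function. The docblock should also state what is actually encoded, which is only characters 0–32 via `ascii_to_html()` and not `<`, `>`, `"` or `&`, so that callers do not treat the result as safe for HTML body or attribute output.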
|
||||
|
|
|
@ -31,6 +31,7 @@
|
|||
* @param string $suffix String at the end of a strimmed string.
|
||||
*/
|
||||
function printTruncateText($text, $numChars = 25, $showTextInAToopTip = true, $return = true, $showTextInTitle = true, $suffix = '…') {
|
||||
$text = safe_output($text);
|
||||
if (strlen($text) > ($numChars - 1)) {
|
||||
$truncateText = mb_strimwidth($text, 0, ($numChars - 1)) . $suffix;
|
||||
|
||||
|
@ -1546,7 +1547,7 @@ function get_full_url ($url = false) {
|
|||
*/
|
||||
|
||||
function print_page_header ($title, $icon = "", $return = false, $help = "", $godmode = false, $options = ""){
|
||||
|
||||
$title = safe_input_html($title);
|
||||
if (($icon == "") && ($godmode == true)){
|
||||
$icon = "images/setup.png";
|
||||
}
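Review bot: In `printTruncateText`, `safe_output($text)` (apparently the line this hunk adds) presumably decodes the entity-encoded text before truncation, and nothing in the visible lines encodes it again. The function body continues outside the hunk, so this may be handled further down. If it is not, a stored module description, such as the one module_manager.php now passes into `$data[5]`, would reach the page as raw markup. I would pass the final truncated string and any title or tooltip text through `safe_input()` at the point where they are concatenated into the output. The length test also uses `strlen()` on text that is then cut with `mb_strimwidth()`, so multibyte text is measured in bytes but truncated by width; `mb_strwidth($text)` would match.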
|
||||
|
|