2010-10-14 Sergio Martin <sergio.martin@artica.es>

* include/functions_html.php
	include/functions_io.php
	include/functions_ui.php
	godmode/agentes/module_manager.php: Created a new input-cleaning
	function, safe_input_html(), that is less strict than safe_input(),
	for HTML code. Applied it in a few functions such as print_image
	and print_page_header.



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@3399 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
zarzuelo 2010-10-14 12:27:09 +00:00
parent 82b6c16e2a
commit 9027c6bf5b
5 changed files with 54 additions and 6 deletions


@ -1,3 +1,13 @@
2010-10-14 Sergio Martin <sergio.martin@artica.es>
* include/functions_html.php
include/functions_io.php
include/functions_ui.php
godmode/agentes/module_manager.php: Created a new safe input
function more soft than safe_input() for html code. Applied this
function (safe_input_html()) in few functions like print_image
or print_page_header.
2010-10-14 Miguel de Dios <miguel.dedios@artica.es> 2010-10-14 Miguel de Dios <miguel.dedios@artica.es>
* extensions/system_info.php: add TODO. * extensions/system_info.php: add TODO.


@ -335,7 +335,7 @@ foreach ($modules as $module) {
$data[4] = $agent_interval; $data[4] = $agent_interval;
} }
$data[5] = mb_strimwidth ($module['descripcion'], 0, 30, "..."); $data[5] = printTruncateText($module['descripcion'], 25, false);
// MAX / MIN values // MAX / MIN values
$data[6] = $module["max"] ? $module["max"] : __('N/A'); $data[6] = $module["max"] ? $module["max"] : __('N/A');


@ -547,7 +547,7 @@ function print_input_image ($name, $src, $value, $style = '', $return = false, $
foreach ($attrs as $attribute) { foreach ($attrs as $attribute) {
if (isset ($options[$attribute])) { if (isset ($options[$attribute])) {
$output .= ' '.$attribute.'="'.safe_input ($options[$attribute]).'"'; $output .= ' '.$attribute.'="'.safe_input_html ($options[$attribute]).'"';
} }
} }
@ -1110,7 +1110,7 @@ function print_image ($src, $return = false, $options = false) {
foreach ($attrs as $attribute) { foreach ($attrs as $attribute) {
if (isset ($options[$attribute])) { if (isset ($options[$attribute])) {
$output .= $attribute.'="'.safe_input ($options[$attribute]).'" '; $output .= $attribute.'="'.safe_input_html ($options[$attribute]).'" ';
} }
} }
} else { } else {
@ -1118,7 +1118,7 @@ function print_image ($src, $return = false, $options = false) {
} }
if (!isset ($options["alt"]) && isset ($options["title"])) { if (!isset ($options["alt"]) && isset ($options["title"])) {
$options["alt"] = $options["title"]; //Set alt to title if it's not set $options["alt"] = safe_input_html($options["title"]); //Set alt to title if it's not set
} elseif (!isset ($options["alt"])) { } elseif (!isset ($options["alt"])) {
$options["alt"] = ""; $options["alt"] = "";
} }
@ -1127,7 +1127,7 @@ function print_image ($src, $return = false, $options = false) {
$output .= 'style="'.$style.'" '; $output .= 'style="'.$style.'" ';
} }
$output .= 'alt="'.safe_input ($options['alt']).'" />'; $output .= 'alt="'.safe_input_html ($options['alt']).'" />';
if (!$return) { if (!$return) {
echo $output; echo $output;
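Review bot: The attribute values in print_input_image and print_image are still concatenated inside double quotes, but safe_input_html() as added in this commit only rewrites characters 0–32, so a `"`, `<`, `>` or `&` in `$options[$attribute]` or `$options['alt']` now reaches the markup unencoded. If any of those option values can carry user-supplied text, the value can close the attribute early and the rest is parsed as markup. For attribute context I would use an encoder that covers quotes without double-encoding existing entities, e.g. `htmlspecialchars($options[$attribute], ENT_QUOTES, 'UTF-8', false)`. The `alt` fallback also passes through safe_input_html() twice (once when copying `title`, once when printing), so the first call can be dropped. Both functions start and end outside the hunks shown.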


@ -52,6 +52,43 @@ function safe_input($value) {
return $valueHtmlEncode; return $valueHtmlEncode;
} }
/**
* Cleans a string by encoding to UTF-8 and replacing the HTML
* entities for HTML only. UTF-8 is necessary for foreign chars
* like asian and our databases are (or should be) UTF-8
*
* @param mixed String or array of strings to be cleaned.
*
* @return mixed The cleaned string or array.
*/
function safe_input_html($value) {
//Stop!! Are you sure to modify this critical code? Because the older
//versions are serius headache in many places of Pandora.
if (is_numeric($value))
return $value;
if (is_array($value)) {
array_walk($value, "safe_input");
return $value;
}
//Clean the trash mix into string because of magic quotes.
if (get_magic_quotes_gpc() == 1) {
$value = stripslashes($value);
}
if (! mb_check_encoding ($value, 'UTF-8'))
$value = utf8_encode ($value);
//Replace some characteres for html entities
for ($i=0;$i<33;$i++) {
$value = str_ireplace(chr($i),ascii_to_html($i), $value);
}
return $value;
}
/** /**
* Convert ascii char to html entitines * Convert ascii char to html entitines
* *
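Review bot: The array branch of safe_input_html() returns its argument unchanged: `array_walk($value, "safe_input")` names the strict function rather than this one, and because safe_input($value) takes its parameter by value (per the hunk header) array_walk discards whatever it returns. Callers that pass an array therefore get the elements back unencoded. `return array_map('safe_input_html', $value);` would apply the new function to every element, nested arrays included. The docblock should also say plainly that only characters 0–32 are replaced and that `<`, `>`, `"`, `'` and `&` pass through, so the result must not be treated as safe for attribute values or for text built from untrusted input.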


@ -31,6 +31,7 @@
* @param string $suffix String at the end of a strimmed string. * @param string $suffix String at the end of a strimmed string.
*/ */
function printTruncateText($text, $numChars = 25, $showTextInAToopTip = true, $return = true, $showTextInTitle = true, $suffix = '&hellip;') { function printTruncateText($text, $numChars = 25, $showTextInAToopTip = true, $return = true, $showTextInTitle = true, $suffix = '&hellip;') {
$text = safe_output($text);
if (strlen($text) > ($numChars - 1)) { if (strlen($text) > ($numChars - 1)) {
$truncateText = mb_strimwidth($text, 0, ($numChars - 1)) . $suffix; $truncateText = mb_strimwidth($text, 0, ($numChars - 1)) . $suffix;
@ -1546,7 +1547,7 @@ function get_full_url ($url = false) {
*/ */
function print_page_header ($title, $icon = "", $return = false, $help = "", $godmode = false, $options = ""){ function print_page_header ($title, $icon = "", $return = false, $help = "", $godmode = false, $options = ""){
$title = safe_input_html($title);
if (($icon == "") && ($godmode == true)){ if (($icon == "") && ($godmode == true)){
$icon = "images/setup.png"; $icon = "images/setup.png";
} }
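Review bot: printTruncateText() now decodes its input with `safe_output($text)` before measuring and cutting it, and nothing in the visible lines encodes `$truncateText` again before it is returned or echoed. Assuming safe_output() reverses safe_input() (its body is not on this page), a stored value such as the module description passed in from module_manager.php would be emitted with its original markup characters. I would encode the cut text and append the suffix afterwards, e.g. `$truncateText = htmlspecialchars(mb_strimwidth($text, 0, ($numChars - 1)), ENT_QUOTES, 'UTF-8') . $suffix;`, and do the same on the untruncated branch. The remainder of the function lies outside the hunk, so please confirm whether this is already handled further down.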