/libraries/joomla/filter/filteroutput.php

https://github.com/MaBelleEcole/Main · PHP · 148 lines · 65 code · 11 blank · 72 comment · 13 complexity · 7758814ecf9145539af41f6eaee7f090 MD5 · raw file 

    

  1. <?php
    2. 

  2. /**
    3. 

  3.  * @version		$Id:output.php 6961 2007-03-15 16:06:53Z tcp $
    4. 

  4.  * @package		Joomla.Framework
    5. 

  5.  * @subpackage	Filter
    6. 

  6.  * @copyright	Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
    7. 

  7.  * @license		GNU/GPL, see LICENSE.php
    8. 

  8.  * Joomla! is free software. This version may have been modified pursuant to the
    9. 

  9.  * GNU General Public License, and as distributed it includes or is derivative
    10. 

  10.  * of works licensed under the GNU General Public License or other free or open
    11. 

  11.  * source software licenses. See COPYRIGHT.php for copyright notices and
    12. 

  12.  * details.
    13. 

  13.  */
    14. 

  14. defined('JPATH_BASE') or die();
    15. 

  15. /**
    16. 

  16.  * JFilterOutput
    17. 

  17.  *
    18. 

  18.  * @static
    19. 

  19.  * @package 	Joomla.Framework
    20. 

  20.  * @subpackage	Filter
    21. 

  21.  * @since		1.5
    22. 

  22.  */
    23. 

  23. class JFilterOutput
    24. 

  24. {
    25. 

  25. 	/**
    26. 

  26. 	* Makes an object safe to display in forms
    27. 

  27. 	*
    28. 

  28. 	* Object parameters that are non-string, array, object or start with underscore
    29. 

  29. 	* will be converted
    30. 

  30. 	*
    31. 

  31. 	* @static
    32. 

  32. 	* @param object An object to be parsed
    33. 

  33. 	* @param int The optional quote style for the htmlspecialchars function
    34. 

  34. 	* @param string|array An optional single field name or array of field names not
    35. 

  35. 	*					 to be parsed (eg, for a textarea)
    36. 

  36. 	* @since 1.5
    37. 

  37. 	*/
    38. 

  38. 	function objectHTMLSafe( &$mixed, $quote_style=ENT_QUOTES, $exclude_keys='' )
    39. 

  39. 	{
    40. 

  40. 		if (is_object( $mixed ))
    41. 

  41. 		{
    42. 

  42. 			foreach (get_object_vars( $mixed ) as $k => $v)
    43. 

  43. 			{
    44. 

  44. 				if (is_array( $v ) || is_object( $v ) || $v == NULL || substr( $k, 1, 1 ) == '_' ) {
    45. 

  45. 					continue;
    46. 

  46. 				}
    47. 

  47. 

  48. 				if (is_string( $exclude_keys ) && $k == $exclude_keys) {
    49. 

  49. 					continue;
    50. 

  50. 				} else if (is_array( $exclude_keys ) && in_array( $k, $exclude_keys )) {
    51. 

  51. 					continue;
    52. 

  52. 				}
    53. 

  53. 

  54. 				$mixed->$k = htmlspecialchars( $v, $quote_style, 'UTF-8' );
    55. 

  55. 			}
    56. 

  56. 		}
    57. 

  57. 	}
    58. 

  58. 

  59. 	/**
    60. 

  60. 	 * This method processes a string and replaces all instances of & with &amp; in links only
    61. 

  61. 	 *
    62. 

  62. 	 * @static
    63. 

  63. 	 * @param	string	$input	String to process
    64. 

  64. 	 * @return	string	Processed string
    65. 

  65. 	 * @since	1.5
    66. 

  66. 	 */
    67. 

  67. 	function linkXHTMLSafe($input)
    68. 

  68. 	{
    69. 

  69. 		$regex = 'href="([^"]*(&(amp;){0})[^"]*)*?"';
    70. 

  70. 		return preg_replace_callback( "#$regex#i", array('JFilterOutput', '_ampReplaceCallback'), $input );
    71. 

  71. 	}
    72. 

  72. 

  73. 	/**
    74. 

  74. 	 * This method processes a string and replaces all accented UTF-8 characters by unaccented
    75. 

  75. 	 * ASCII-7 "equivalents", whitespaces are replaced by hyphens and the string is lowercased.
    76. 

  76. 	 *
    77. 

  77. 	 * @static
    78. 

  78. 	 * @param	string	$input	String to process
    79. 

  79. 	 * @return	string	Processed string
    80. 

  80. 	 * @since	1.5
    81. 

  81. 	 */
    82. 

  82. 	function stringURLSafe($string)
    83. 

  83. 	{
    84. 

  84. 		//remove any '-' from the string they will be used as concatonater
    85. 

  85. 		$str = str_replace('-', ' ', $string);
    86. 

  86. 

  87. 		$lang =& JFactory::getLanguage();
    88. 

  88. 		$str = $lang->transliterate($str);
    89. 

  89. 

  90. 		// remove any duplicate whitespace, and ensure all characters are alphanumeric
    91. 

  91. 		$str = preg_replace(array('/\s+/','/[^A-Za-z0-9\-]/'), array('-',''), $str);
    92. 

  92. 

  93. 		// lowercase and trim
    94. 

  94. 		$str = trim(strtolower($str));
    95. 

  95. 		return $str;
    96. 

  96. 	}
    97. 

  97. 

  98. 	/**
    99. 

  99. 	* Replaces &amp; with & for xhtml compliance
    100. 

  100. 	*
    101. 

  101. 	* @todo There must be a better way???
    102. 

  102. 	*
    103. 

  103. 	* @static
    104. 

  104. 	* @since 1.5
    105. 

  105. 	*/
    106. 

  106. 	function ampReplace( $text )
    107. 

  107. 	{
    108. 

  108. 		$text = str_replace( '&&', '*--*', $text );
    109. 

  109. 		$text = str_replace( '&#', '*-*', $text );
    110. 

  110. 		$text = str_replace( '&amp;', '&', $text );
    111. 

  111. 		$text = preg_replace( '|&(?![\w]+;)|', '&amp;', $text );
    112. 

  112. 		$text = str_replace( '*-*', '&#', $text );
    113. 

  113. 		$text = str_replace( '*--*', '&&', $text );
    114. 

  114. 

  115. 		return $text;
    116. 

  116. 	}
    117. 

  117. 

  118. 	/**
    119. 

  119. 	 * Callback method for replacing & with &amp; in a string
    120. 

  120. 	 *
    121. 

  121. 	 * @static
    122. 

  122. 	 * @param	string	$m	String to process
    123. 

  123. 	 * @return	string	Replaced string
    124. 

  124. 	 * @since	1.5
    125. 

  125. 	 */
    126. 

  126. 	function _ampReplaceCallback( $m )
    127. 

  127. 	{
    128. 

  128. 		 $rx = '&(?!amp;)';
    129. 

  129. 		 return preg_replace( '#'.$rx.'#', '&amp;', $m[0] );
    130. 

  130. 	}
    131. 

  131. 

  132. 	/**
    133. 

  133. 	* Cleans text of all formating and scripting code
    134. 

  134. 	*/
    135. 

  135. 	function cleanText ( &$text )
    136. 

  136. 	{
    137. 

  137. 		$text = preg_replace( "'<script[^>]*>.*?</script>'si", '', $text );
    138. 

  138. 		$text = preg_replace( '/<a\s+.*?href="([^"]+)"[^>]*>([^<]+)<\/a>/is', '\2 (\1)', $text );
    139. 

  139. 		$text = preg_replace( '/<!--.+?-->/', '', $text );
    140. 

  140. 		$text = preg_replace( '/{.+?}/', '', $text );
    141. 

  141. 		$text = preg_replace( '/&nbsp;/', ' ', $text );
    142. 

  142. 		$text = preg_replace( '/&amp;/', ' ', $text );
    143. 

  143. 		$text = preg_replace( '/&quot;/', ' ', $text );
    144. 

  144. 		$text = strip_tags( $text );
    145. 

  145. 		$text = htmlspecialchars( $text );
    146. 

  146. 		return $text;
    147. 

  147. 	}
    148. 

  148. }
    149.