PHP class PMA\libraries\Sanitize

Project: phpmyadmin/phpmyadmin

Public methods

| Method | Description |
| --- | --- |
| checkLink ( string $url, boolean $http = false, boolean $other = false ) : boolean | Checks whether given link is valid |
| escapeJsString ( string $string ) : string | escapes a string to be inserted as string a JavaScript block enclosed by |
| formatJsVal ( string $value ) : string | Formats a value for javascript code. |
| getJsValue ( string $key, mixed $value, boolean $escape = true ) : string | Formats a javascript assignment with proper escaping of a value and support for assigning array of strings. |
| getJsValueForFormValidation ( string $key, string $value, boolean $addOn, boolean $comma ) : string | Formats javascript assignment for form validation api with proper escaping of a value. |
| jsFormat ( string $a_string = '', boolean $add_backquotes = true ) : string | Format a string so it can be a string inside JavaScript code inside an eventhandler (onclick, onchange, on. |
| printJsValue ( string $key, mixed $value ) : void | Prints a javascript assignment with proper escaping of a value and support for assigning array of strings. |
| printJsValueForFormValidation ( string $key, string $value, boolean $addOn = false, boolean $comma = true ) : void | Prints javascript assignment for form validation api with proper escaping of a value. |
| removeRequestVars ( &$whitelist ) : void | Removes all variables from request except whitelisted ones. |
| replaceBBLink ( array $found ) : string | Callback function for replacing [a@link@target] links in bb code. |
| replaceDocLink ( array $found ) : string | Callback function for replacing [doc@anchor] links in bb code. |
| sanitize ( string $message, boolean $escape = false, boolean $safe = false ) : string | Sanitizes $message, taking into account our special codes for formatting. |
| sanitizeFilename ( string $filename, boolean $replaceDots = false ) : string | Sanitize a filename by removing anything besides legit characters |

Method details

escapeJsString() public static method

.. ]]> this requires only to escape ' with \' and end of script block. We also remove NUL byte as some browsers (namely MSIE) ignore it and inserting it anywhere inside
public static escapeJsString ( string $string ) : string
$string string the string to be escaped
Returns string the escaped string
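
The escaping rules named in this description, as an added PHP example that is not phpMyAdmin's own code. The function name `example_escape_js_string`, the way the closing tag is split, and the extra escaping of backslashes and line breaks are assumptions made for illustration.

```php
<?php
// Added example, not phpMyAdmin's implementation. The function name and the
// tag-splitting strategy are assumptions.
function example_escape_js_string(string $s): string
{
    // 1. Drop NUL bytes first, so the end-of-script check below sees the
    //    same characters a NUL-ignoring browser would see.
    $s = str_replace("\0", '', $s);

    // 2. Escape ' with \'. The backslash itself is escaped as well, so an
    //    input of \' cannot become \\' and leave the quote live. strtr()
    //    applies all pairs in one pass, so added backslashes are not
    //    escaped a second time.
    $s = strtr($s, ['\\' => '\\\\', "'" => "\\'", "\n" => '\n', "\r" => '\r']);

    // 3. Split any end-of-script-block marker so the HTML parser cannot
    //    close the <script> element from inside the string literal.
    return preg_replace('@</script@i', "</' + 'script", $s);
}

// Constructed inputs: a quote, a closing tag hidden behind a NUL byte,
// and a trailing backslash.
$samples = [
    "O'Reilly",
    "x</scr\0ipt>y",
    "trailing backslash \\",
];
foreach ($samples as $in) {
    printf("%-30s => %s\n", json_encode($in), example_escape_js_string($in));
}
```

The output is only safe inside a single-quoted JavaScript string literal within a script block; it is not an HTML-attribute or HTML-body encoder.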

formatJsVal() public static method

Formats a value for javascript code.
public static formatJsVal ( string $value ) : string
$value string String to be formatted.
Returns string formatted value.

getJsValue() public static method

Formats a javascript assignment with proper escaping of a value and support for assigning array of strings.
public static getJsValue ( string $key, mixed $value, boolean $escape = true ) : string
$key string Name of value to set
$value mixed Value to set, can be either string or array of strings
$escape boolean Whether to escape value or keep it as it is (for inclusion of js code)
Returns string Javascript code.

getJsValueForFormValidation() public static method

Formats javascript assignment for form validation api with proper escaping of a value.
public static getJsValueForFormValidation ( string $key, string $value, boolean $addOn, boolean $comma ) : string
$key string Name of value to set
$value string Value to set
$addOn boolean Check if $.validator.format is required or not
$comma boolean Check if comma is required
Returns string Javascript code.

jsFormat() public static method

.., ). This function is used to display a javascript confirmation box for "DROP/DELETE/ALTER" queries.
public static jsFormat ( string $a_string = '', boolean $add_backquotes = true ) : string
$a_string string the string to format
$add_backquotes boolean whether to add backquotes to the string or not
Returns string the formatted string

printJsValue() public static method

Prints a javascript assignment with proper escaping of a value and support for assigning array of strings.
public static printJsValue ( string $key, mixed $value ) : void
$key string Name of value to set
$value mixed Value to set, can be either string or array of strings
Returns void

printJsValueForFormValidation() public static method

Prints javascript assignment for form validation api with proper escaping of a value.
public static printJsValueForFormValidation ( string $key, string $value, boolean $addOn = false, boolean $comma = true ) : void
$key string Name of value to set
$value string Value to set
$addOn boolean Check if $.validator.format is required or not
$comma boolean Check if comma is required
Returns void

removeRequestVars() public static method

Removes all variables from request except whitelisted ones.
public static removeRequestVars ( &$whitelist ) : void
Returns void

sanitize() public static method

If you want to include the result in an element attribute, you should escape it. Examples:

bar
public static sanitize ( string $message, boolean $escape = false, boolean $safe = false ) : string
$message string the message
$escape boolean whether to escape html in result
$safe boolean whether string is safe (can keep < and > chars)
Returns string the sanitized message

sanitizeFilename() public static method

Intended use cases: When using a filename in a Content-Disposition header, the value should not contain ; or ". When exporting, avoiding generation of an unexpected double-extension file.
public static sanitizeFilename ( string $filename, boolean $replaceDots = false ) : string
$filename string The filename
$replaceDots boolean Whether to also replace dots
Returns string the sanitized filename
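
The two use cases above, shown as an added PHP example that is not phpMyAdmin's own code. The function names, the allowlist `[A-Za-z0-9_.-]`, and the `_` replacement character are assumptions; the extension passed to the header builder is assumed to be a constant chosen by the application.

```php
<?php
// Added example, not phpMyAdmin's implementation. Names and the allowlist
// are assumptions.
function example_sanitize_filename(string $filename, bool $replaceDots = false): string
{
    // Allowlist: every byte outside it becomes "_", so ; and " can never
    // reach the header value.
    $filename = preg_replace('/[^A-Za-z0-9_.-]/', '_', $filename);
    if ($replaceDots) {
        // The caller appends the real extension afterwards, so a
        // user-supplied "orders.php" cannot end up as "orders.php.sql".
        $filename = str_replace('.', '_', $filename);
    }
    return $filename;
}

// $ext is an application constant such as "sql", never user input.
function example_content_disposition(string $base, string $ext): string
{
    $name = example_sanitize_filename($base, true) . '.' . $ext;
    return 'Content-Disposition: attachment; filename="' . $name . '"';
}

// Constructed inputs: one with header metacharacters, one with an
// extension of its own.
foreach (['backup"; x=y', 'orders.php'] as $base) {
    echo example_content_disposition($base, 'sql'), "\n";
}
```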