PHP Class PMA\libraries\Sanitize


Public Methods

Method Description
checkLink ( string $url, boolean $http = false, boolean $other = false ) : boolean Checks whether given link is valid
escapeJsString ( string $string ) : string Escapes a string to be inserted as a string in a JavaScript block enclosed by <![CDATA[ ... ]]>
formatJsVal ( string $value ) : string Formats a value for JavaScript code.
getJsValue ( string $key, mixed $value, boolean $escape = true ) : string Formats a JavaScript assignment with proper escaping of a value and support for assigning array of strings.
getJsValueForFormValidation ( string $key, string $value, boolean $addOn, boolean $comma ) : string Formats JavaScript assignment for form validation API with proper escaping of a value.
jsFormat ( string $a_string = '', boolean $add_backquotes = true ) : string Formats a string so it can be a string inside JavaScript code inside an event handler (onclick, onchange, on...).
printJsValue ( string $key, mixed $value ) : void Prints a JavaScript assignment with proper escaping of a value and support for assigning array of strings.
printJsValueForFormValidation ( string $key, string $value, boolean $addOn = false, boolean $comma = true ) : void Prints JavaScript assignment for form validation API with proper escaping of a value.
removeRequestVars ( &$whitelist ) : void Removes all variables from request except whitelisted ones.
replaceBBLink ( array $found ) : string Callback function for replacing [a@link@target] links in bb code.
replaceDocLink ( array $found ) : string Callback function for replacing [doc@anchor] links in bb code.
sanitize ( string $message, boolean $escape = false, boolean $safe = false ) : string Sanitizes $message, taking into account our special codes for formatting.
sanitizeFilename ( string $filename, boolean $replaceDots = false ) : string Sanitize a filename by removing anything besides legit characters

Method Details

escapeJsString() public static method

Escapes a string to be inserted as a string in a JavaScript block enclosed by <![CDATA[ ... ]]>. This requires only to escape ' with \' and end of script block. We also remove NUL byte as some browsers (namely MSIE) ignore it and inserting it anywhere inside
public static escapeJsString ( string $string ) : string
$string string the string to be escaped
Returns string the escaped string
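
The escaping rules described above, as an added illustration (not phpMyAdmin's own code). The function name `demoEscapeJsString` and the sample input are constructed for this example, and it also escapes backslashes and line breaks, which a single-quoted JavaScript literal needs in addition to the rules named in the description.

```php
<?php
// Added example: illustrates the rules in the description above
// (drop NUL, escape the quote, break up the end of the script block).
// demoEscapeJsString() is a hypothetical stand-in, not Sanitize::escapeJsString().
function demoEscapeJsString(string $string): string
{
    // strtr() makes a single pass over the input, so text it has already
    // replaced is never escaped a second time.
    $escaped = strtr($string, [
        "\0" => '',       // NUL removed, so "</scr\0ipt" becomes "</script" here
        '\\' => '\\\\',   // backslash doubled, so input \' cannot re-open the quote
        "'"  => "\\'",    // the rule from the description: ' becomes \'
        "\n" => '\\n',    // raw line breaks are not allowed inside a JS literal
        "\r" => '\\r',
    ]);

    // Split any case variant of "</script" so the HTML parser does not end
    // the script block in the middle of the string literal. This runs after
    // NUL removal, so a NUL-split closing tag is caught as well.
    return preg_replace('@</script@i', "</' + 'script", $escaped);
}

// Constructed hostile input: quote breakout plus a NUL-split closing tag.
$input = "x'; alert(1); //</scr\0ipt><script>alert(2)</script>";

// The value stays inside one single-quoted JavaScript string literal.
echo "<script>var msg = '" . demoEscapeJsString($input) . "';</script>\n";
```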

formatJsVal() public static method

Formats a value for JavaScript code.
public static formatJsVal ( string $value ) : string
$value string String to be formatted.
Returns string formatted value.

getJsValue() public static method

Formats a JavaScript assignment with proper escaping of a value and support for assigning array of strings.
public static getJsValue ( string $key, mixed $value, boolean $escape = true ) : string
$key string Name of value to set
$value mixed Value to set, can be either string or array of strings
$escape boolean Whether to escape value or keep it as it is (for inclusion of JS code)
Returns string JavaScript code.

getJsValueForFormValidation() public static method

Formats JavaScript assignment for form validation API with proper escaping of a value.
public static getJsValueForFormValidation ( string $key, string $value, boolean $addOn, boolean $comma ) : string
$key string Name of value to set
$value string Value to set
$addOn boolean Check if $.validator.format is required or not
$comma boolean Check if comma is required
Returns string JavaScript code.

jsFormat() public static method

Formats a string so it can be a string inside JavaScript code inside an event handler (onclick, onchange, on...). This function is used to display a JavaScript confirmation box for "DROP/DELETE/ALTER" queries.
public static jsFormat ( string $a_string = '', boolean $add_backquotes = true ) : string
$a_string string the string to format
$add_backquotes boolean whether to add backquotes to the string or not
Returns string the formatted string

printJsValue() public static method

Prints a JavaScript assignment with proper escaping of a value and support for assigning array of strings.
public static printJsValue ( string $key, mixed $value ) : void
$key string Name of value to set
$value mixed Value to set, can be either string or array of strings
Returns void

printJsValueForFormValidation() public static method

Prints JavaScript assignment for form validation API with proper escaping of a value.
public static printJsValueForFormValidation ( string $key, string $value, boolean $addOn = false, boolean $comma = true ) : void
$key string Name of value to set
$value string Value to set
$addOn boolean Check if $.validator.format is required or not
$comma boolean Check if comma is required
Returns void

removeRequestVars() public static method

Removes all variables from request except whitelisted ones.
public static removeRequestVars ( &$whitelist ) : void
Returns void

sanitize() public static method

If you want to include the result in an element attribute, you should escape it. Examples:

bar
public static sanitize ( string $message, boolean $escape = false, boolean $safe = false ) : string
$message string the message
$escape boolean whether to escape HTML in result
$safe boolean whether string is safe (can keep < and > chars)
Returns string the sanitized message

sanitizeFilename() public static method

Intended use cases: when using a filename in a Content-Disposition header, the value should not contain ; or ". When exporting, avoiding generation of an unexpected double-extension file.
public static sanitizeFilename ( string $filename, boolean $replaceDots = false ) : string
$filename string The filename
$replaceDots boolean Whether to also replace dots
Returns string the sanitized filename
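
The two use cases named above, as an added illustration (not phpMyAdmin's own code). The function `demoSanitizeFilename`, its allowed character set and the sample filenames are assumptions made for this example.

```php
<?php
// Added example: allowlist filename cleaning for the two use cases above.
// demoSanitizeFilename() is a hypothetical stand-in, not
// Sanitize::sanitizeFilename(); the allowed character set is an assumption.
function demoSanitizeFilename(string $filename, bool $replaceDots = false): string
{
    // Keep letters, digits, underscore and hyphen. Dots are kept only when
    // the caller has not asked for them to be replaced. The hyphen goes last
    // in the character class so it is read literally, not as a range.
    $allowed = 'A-Za-z0-9_' . ($replaceDots ? '' : '.') . '-';

    // Everything outside the allowlist becomes "_". That covers ; and "
    // (the header case) and also CR/LF, which could otherwise start a new
    // header line.
    return preg_replace('/[^' . $allowed . ']/', '_', $filename);
}

// Constructed inputs.

// 1. Header use: a raw ; or " would end or split the filename parameter.
$name   = demoSanitizeFilename('report"; filename="evil.php');
$header = 'Content-Disposition: attachment; filename="' . $name . '"';

// 2. Export use: replace dots in the user-chosen base name, then append the
//    single extension the exporter controls, so no double extension results.
$export = demoSanitizeFilename('dump.php', true) . '.sql';

echo $header, "\n", $export, "\n";
```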