PMA\libraries\Sanitize::sanitize PHP Method

sanitize() public static method

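If you want to include the result in an element attribute, you should escape it by passing $escape = true. Examples:

<p><?php echo Sanitize::sanitize($foo); ?></p>

<a title="<?php echo Sanitize::sanitize($foo, true); ?>">bar</a>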
public static sanitize ( string $message, boolean $escape = false, boolean $safe = false ) : string
$message string the message
$escape boolean whether to escape html in result
$safe boolean whether string is safe (can keep < and > chars)
return string the sanitized message
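    /**
     * Sanitizes a message and expands the BB-style formatting codes in it.
     *
     * Unless $safe is set, every < and > of the input is first replaced by
     * its entity. Only those two characters are handled at that step:
     * ampersands and quotes pass through unchanged, so the default result
     * is suited to element content only. To place the result inside an
     * attribute value, pass $escape = true.
     *
     * The codes [em], [strong], [code], [kbd], [br], [sup], [conferr] and
     * [dochelpicon] are then turned into fixed markup, and [a@...] / [doc@...]
     * markers are handed to replaceBBLink() / replaceDocLink().
     *
     * With $escape set, the complete result is passed through
     * htmlspecialchars(), including the tags that were just generated from
     * BB codes, so they are emitted as text rather than as markup.
     *
     * @param string  $message the message
     * @param boolean $escape  whether to escape html in result
     * @param boolean $safe    whether string is safe (can keep < and > chars);
     *                         only for strings the caller fully controls
     *
     * @return string the sanitized message
     */
    public static function sanitize($message, $escape = false, $safe = false)
    {
        // With $safe = true the angle brackets are kept as they are, so any
        // markup already in $message reaches the output. Text that comes from
        // a request, the database or any other untrusted place must not be
        // passed with this flag.
        if (!$safe) {
            $message = strtr($message, array('<' => '&lt;', '>' => '&gt;'));
        }
        /* Interpret bb code */
        $replace_pairs = array(
            '[em]' => '<em>',
            '[/em]' => '</em>',
            '[strong]' => '<strong>',
            '[/strong]' => '</strong>',
            '[code]' => '<code>',
            '[/code]' => '</code>',
            '[kbd]' => '<kbd>',
            '[/kbd]' => '</kbd>',
            '[br]' => '<br />',
            '[/a]' => '</a>',
            '[/doc]' => '</a>',
            '[sup]' => '<sup>',
            '[/sup]' => '</sup>',
            '[conferr]' => '<iframe src="show_config_errors.php"><a href="show_config_errors.php">show_config_errors.php</a></iframe>',
            '[dochelpicon]' => Util::getImage('b_help.png', __('Documentation')),
        );
        $message = strtr($message, $replace_pairs);
        /* Match links in bb code ([a@url@target], where @target is options) */
        // The url part cannot contain ], " or @, and the target part cannot
        // contain ] or ". Single quotes are not excluded by the pattern.
        // NOTE(review): what replaceBBLink() does with the captured URL is
        // not visible from here - confirm it validates the link target.
        $pattern = '/\\[a@([^]"@]*)(@([^]"]*))?\\]/';
        /* Find and replace all links */
        $message = preg_replace_callback($pattern, function ($match) {
            return Sanitize::replaceBBLink($match);
        }, $message);
        /* Replace documentation links */
        // Both parts of a [doc@...] marker are limited to letters, digits,
        // underscore and hyphen by the pattern itself.
        $message = preg_replace_callback('/\\[doc@([a-zA-Z0-9_-]+)(@([a-zA-Z0-9_-]*))?\\]/', function ($match) {
            return Sanitize::replaceDocLink($match);
        }, $message);
        /* Possibly escape result */
        if ($escape) {
            // Flags are passed explicitly so the result does not depend on
            // the PHP version: before PHP 8.1 the default (ENT_COMPAT) left
            // single quotes unescaped, which is not enough for a value that
            // ends up in a single-quoted attribute. This flag set matches the
            // PHP 8.1+ default.
            $message = htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE);
        }
        return $message;
    }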

Usage Example

Example #1
/**
 * Looks up a configuration language string, runs it through
 * Sanitize::sanitize() so the special formatting codes are expanded, and
 * optionally fills in printf-style placeholders.
 *
 * The string is read from $GLOBALS under the name "strConfig" followed by
 * $lang_key; when no such entry exists, $lang_key itself is used as the
 * message. Any arguments after the first are passed to vsprintf() as the
 * format arguments.
 *
 * @param string $lang_key key in $GLOBALS WITHOUT the 'strConfig' prefix
 *
 * @return string
 */
function PMA_lang($lang_key)
{
    $global_name = "strConfig{$lang_key}";

    // Fall back to the key itself when no translation is registered.
    $template = $lang_key;
    if (isset($GLOBALS[$global_name])) {
        $template = $GLOBALS[$global_name];
    }

    // Called with the defaults: < and > are replaced by entities and the
    // result is not run through htmlspecialchars().
    $template = Sanitize::sanitize($template);

    if (func_num_args() == 1) {
        return $template;
    }

    // The extra arguments are substituted after sanitizing, so
    // Sanitize::sanitize() never sees them: a caller that passes
    // user-controlled values here has to escape them itself.
    $format_args = array_slice(func_get_args(), 1);

    return vsprintf($template, $format_args);
}