Toolbox::clean_cross_side_scripting_deep PHP Méthode

clean_cross_side_scripting_deep() static public méthode

Cleans a value to help prevent XSS: every `<` and `>` is replaced by `&lt;` and `&gt;`. Quotes and `&` are left unchanged.
static public clean_cross_side_scripting_deep ( $value ) : clean
$value array or string: item to clean (array or string)
Résultat clean item
    /**
     * Recursively encode angle brackets in a value as a basic XSS precaution.
     *
     * Arrays are walked element by element (keys kept), NULL and resources are
     * returned untouched, and anything else goes through str_replace(), which
     * yields a string.
     *
     * Only '<' and '>' are rewritten. '&', '"' and "'" pass through unchanged,
     * so the result still needs context-specific output encoding before it is
     * placed in an HTML attribute, a URL or a script block.
     *
     * @param $value array or string: item to clean
     *
     * @return the cleaned item (same structure as $value)
     **/
    static function clean_cross_side_scripting_deep($value)
    {
        if (is_array($value)) {
            // Recurse through this same static method for every element.
            return array_map(array(__CLASS__, 'clean_cross_side_scripting_deep'), $value);
        }

        if (is_null($value)) {
            return NULL;
        }

        if (is_resource($value)) {
            // A resource cannot be string-processed; hand it back as-is.
            return $value;
        }

        $search  = array('<', '>');
        $replace = array('&lt;', '&gt;');

        return str_replace($search, $replace, $value);
    }

Usage Example

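 /**
  * Record the solution of a ticket on behalf of the authenticated user and
  * set the ticket status to Ticket::SOLVED.
  *
  * Checks run in this order: help request, authentication, mandatory
  * parameters, parameter format, read access to the ticket, right to solve
  * it. Every check that fails returns the result of self::Error() before
  * any update is attempted.
  *
  * @param $params    array of options (ticket, solution, type, id2name, help)
  * @param $protocol        the communication protocol used
  *
  * @return array of hashtable as glpi.getTicket, the parameter description
  *         when 'help' is set, or the result of self::Error() on failure
  **/
 static function methodsetTicketSolution($params, $protocol)
 {
     if (isset($params['help'])) {
         return array('ticket' => 'integer,mandatory', 'id2name' => 'bool,optional', 'type' => 'integer,optional', 'solution' => 'text,mandatory', 'help' => 'bool,optional');
     }
     if (!Session::getLoginUserID()) {
         return self::Error($protocol, WEBSERVICES_ERROR_NOTAUTHENTICATED);
     }
     $ticket = new Ticket();
     if (!isset($params['ticket'])) {
         return self::Error($protocol, WEBSERVICES_ERROR_MISSINGPARAMETER, '', 'ticket');
     }
     if (!isset($params['solution'])) {
         return self::Error($protocol, WEBSERVICES_ERROR_MISSINGPARAMETER, '', 'solution');
     }
     if (isset($params['type']) && !is_numeric($params['type'])) {
         return self::Error($protocol, WEBSERVICES_ERROR_BADPARAMETER, '', 'type=' . $params['type']);
     }
     // The solution is passed to addslashes() below, which only accepts a
     // string; reject a nested array here instead of failing later.
     if (is_array($params['solution'])) {
         return self::Error($protocol, WEBSERVICES_ERROR_BADPARAMETER, '', 'solution');
     }
     if (!$ticket->can($params['ticket'], 'r')) {
         return self::Error($protocol, WEBSERVICES_ERROR_NOTFOUND, '', 'ticket');
     }
     if (!$ticket->getFromDB($params['ticket'])) {
         // It is the ticket that could not be loaded, so name it in the error
         // (the original reported 'solution' here).
         return self::Error($protocol, WEBSERVICES_ERROR_NOTFOUND, '', 'ticket');
     }
     // Authorise the write before processing the caller-supplied payload.
     if (!$ticket->canSolve($params['ticket'], 'w')) {
         return self::Error($protocol, WEBSERVICES_ERROR_NOTALLOWED);
     }
     // clean_cross_side_scripting_deep() encodes only '<' and '>'; code that
     // later renders the solution must still encode for its output context.
     // NOTE(review): addslashes() is not a charset-aware SQL escaper;
     // presumably Ticket::update() expects pre-escaped input - confirm how
     // this value reaches the database.
     $input = array('id' => $ticket->getField('id'), 'solution' => addslashes(Toolbox::clean_cross_side_scripting_deep($params['solution'])), 'status' => Ticket::SOLVED);
     if (isset($params['type'])) {
         // is_numeric() also accepts floats, exponents and padded strings;
         // normalise to the integer id the 'help' description promises.
         $input['solutiontypes_id'] = (int) $params['type'];
     }
     if ($ticket->update($input)) {
         // Drop the write-only parameters before delegating to the getter.
         unset($params['solution'], $params['type']);
         return self::methodGetTicket($params, $protocol);
     }
     return self::Error($protocol, WEBSERVICES_ERROR_FAILED, '', self::getDisplayError());
 }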