Piwik\Common::sanitizeInputValues PHP Method

Common Class Documentation Usage Examples Of Piwik\Common::sanitizeInputValues ファイルを表示 Open project: piwik/piwik

sanitizeInputValues() public static method

This function is automatically called when {@link getRequestVar()} is called, so you should not normally have to use it. This function should be used when outputting data that isn't escaped and was obtained from the user (for example when using the |raw twig filter on goal names). _NOTE: Sanitized input should not be used directly in an SQL query; SQL placeholders should still be used._ **Implementation Details** - htmlspecialchars is used to escape text. - Single quotes are not escaped so **Piwik's amazing community** will still be **Piwik's amazing community**. - Use of the magic_quotes setting will not break this method. - Boolean, numeric and null values are not modified.

public static sanitizeInputValues ( mixed $value, boolean $alreadyStripslashed = false ) : mixed
$value	mixed	The variable to be sanitized. If an array is supplied, the contents of the array will be sanitized recursively. The keys of the array will also be sanitized.
$alreadyStripslashed	boolean	Implementation detail, ignore.
return	mixed	The sanitized value.

    public static function sanitizeInputValues($value, $alreadyStripslashed = false)
    {
        if (is_numeric($value)) {
            return $value;
        } elseif (is_string($value)) {
            $value = self::sanitizeString($value);
        } elseif (is_array($value)) {
            foreach (array_keys($value) as $key) {
                $newKey = $key;
                $newKey = self::sanitizeInputValues($newKey, $alreadyStripslashed);
                if ($key != $newKey) {
                    $value[$newKey] = $value[$key];
                    unset($value[$key]);
                }
                $value[$newKey] = self::sanitizeInputValues($value[$newKey], $alreadyStripslashed);
            }
        } elseif (!is_null($value) && !is_bool($value)) {
            throw new Exception("The value to escape has not a supported type. Value = " . var_export($value, true));
        }
        return $value;
    }

Usage Example

コード例 #1

ファイルを表示

ファイル: API.php プロジェクト: a4tunado/piwik

 /**
  * Returns the javascript tag for the given idSite.
  * This tag must be included on every page to be tracked by Piwik
  *
  * @param int $idSite
  * @param string $piwikUrl
  * @param bool $mergeSubdomains
  * @param bool $groupPageTitlesByDomain
  * @param bool $mergeAliasUrls
  * @param bool $visitorCustomVariables
  * @param bool $pageCustomVariables
  * @param bool $customCampaignNameQueryParam
  * @param bool $customCampaignKeywordParam
  * @param bool $doNotTrack
  * @param bool $disableCookies
  * @return string The Javascript tag ready to be included on the HTML pages
  */
 public function getJavascriptTag($idSite, $piwikUrl = '', $mergeSubdomains = false, $groupPageTitlesByDomain = false, $mergeAliasUrls = false, $visitorCustomVariables = false, $pageCustomVariables = false, $customCampaignNameQueryParam = false, $customCampaignKeywordParam = false, $doNotTrack = false, $disableCookies = false)
 {
     Piwik::checkUserHasViewAccess($idSite);
     if (empty($piwikUrl)) {
         $piwikUrl = SettingsPiwik::getPiwikUrl();
     }
     $piwikUrl = Common::sanitizeInputValues($piwikUrl);
     $htmlEncoded = Piwik::getJavascriptCode($idSite, $piwikUrl, $mergeSubdomains, $groupPageTitlesByDomain, $mergeAliasUrls, $visitorCustomVariables, $pageCustomVariables, $customCampaignNameQueryParam, $customCampaignKeywordParam, $doNotTrack, $disableCookies);
     $htmlEncoded = str_replace(array('<br>', '<br />', '<br/>'), '', $htmlEncoded);
     return $htmlEncoded;
 }

All Usage Examples Of Piwik\Common::sanitizeInputValues

Common

checkValidLanguagesIsSet

convertUserIdToVisitorIdBin

convertVisitorIdToBin

destroy

extractCountryCodeFromBrowserLanguage

extractLanguageAndRegionCodeFromBrowserLanguage

extractLanguageCodeFromBrowserLanguage

forceDotAsSeparatorForDecimalPoint

generateUniqId

getBrowserLanguage