[Summary view] [Print] [Text view]

   1  <?php
   2  /**
   3   * @version        $Id:output.php 6961 2007-03-15 16:06:53Z tcp $
   4   * @package        Joomla.Framework
   5   * @subpackage    Filter
   6   * @copyright    Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
   7   * @license        GNU/GPL, see LICENSE.php
   8   * Joomla! is free software. This version may have been modified pursuant to the
   9   * GNU General Public License, and as distributed it includes or is derivative
  10   * of works licensed under the GNU General Public License or other free or open
  11   * source software licenses. See COPYRIGHT.php for copyright notices and
  12   * details.
  13   */
  14  defined('JPATH_BASE') or die();
  15  /**
  16   * JFilterOutput
  17   *
  18   * @static
  19   * @package     Joomla.Framework
  20   * @subpackage    Filter
  21   * @since        1.5
  22   */
  23  class JFilterOutput
  24  {
  25      /**
  26      * Makes an object safe to display in forms
  27      *
  28      * Object parameters that are non-string, array, object or start with underscore
  29      * will be converted
  30      *
  31      * @static
  32      * @param object An object to be parsed
  33      * @param int The optional quote style for the htmlspecialchars function
  34      * @param string|array An optional single field name or array of field names not
  35      *                     to be parsed (eg, for a textarea)
  36      * @since 1.5
  37      */
  38  	function objectHTMLSafe( &$mixed, $quote_style=ENT_QUOTES, $exclude_keys='' )
  39      {
  40          if (is_object( $mixed ))
  41          {
  42              foreach (get_object_vars( $mixed ) as $k => $v)
  43              {
  44                  if (is_array( $v ) || is_object( $v ) || $v == NULL || substr( $k, 1, 1 ) == '_' ) {
  45                      continue;
  46                  }
  47  
  48                  if (is_string( $exclude_keys ) && $k == $exclude_keys) {
  49                      continue;
  50                  } else if (is_array( $exclude_keys ) && in_array( $k, $exclude_keys )) {
  51                      continue;
  52                  }
  53  
  54                  $mixed->$k = htmlspecialchars( $v, $quote_style, 'UTF-8' );
  55              }
  56          }
  57      }
  58  
  59      /**
  60       * This method processes a string and replaces all instances of & with &amp; in links only
  61       *
  62       * @static
  63       * @param    string    $input    String to process
  64       * @return    string    Processed string
  65       * @since    1.5
  66       */
  67  	function linkXHTMLSafe($input)
  68      {
  69          $regex = 'href="([^"]*(&(amp;){0})[^"]*)*?"';
  70          return preg_replace_callback( "#$regex#i", array('JFilterOutput', '_ampReplaceCallback'), $input );
  71      }
  72  
  73      /**
  74       * This method processes a string and replaces all accented UTF-8 characters by unaccented
  75       * ASCII-7 "equivalents", whitespaces are replaced by hyphens and the string is lowercased.
  76       *
  77       * @static
  78       * @param    string    $input    String to process
  79       * @return    string    Processed string
  80       * @since    1.5
  81       */
  82  	function stringURLSafe($string)
  83      {
  84          //remove any '-' from the string they will be used as concatonater
  85          $str = str_replace('-', ' ', $string);
  86  
  87          $lang =& JFactory::getLanguage();
  88          $str = $lang->transliterate($str);
  89  
  90          // remove any duplicate whitespace, and ensure all characters are alphanumeric
  91          $str = preg_replace(array('/\s+/','/[^A-Za-z0-9\-]/'), array('-',''), $str);
  92  
  93          // lowercase and trim
  94          $str = trim(strtolower($str));
  95          return $str;
  96      }
  97  
  98      /**
  99      * Replaces &amp; with & for xhtml compliance
 100      *
 101      * @todo There must be a better way???
 102      *
 103      * @static
 104      * @since 1.5
 105      */
 106  	function ampReplace( $text )
 107      {
 108          $text = str_replace( '&&', '*--*', $text );
 109          $text = str_replace( '&#', '*-*', $text );
 110          $text = str_replace( '&amp;', '&', $text );
 111          $text = preg_replace( '|&(?![\w]+;)|', '&amp;', $text );
 112          $text = str_replace( '*-*', '&#', $text );
 113          $text = str_replace( '*--*', '&&', $text );
 114  
 115          return $text;
 116      }
 117  
 118      /**
 119       * Callback method for replacing & with &amp; in a string
 120       *
 121       * @static
 122       * @param    string    $m    String to process
 123       * @return    string    Replaced string
 124       * @since    1.5
 125       */
 126  	function _ampReplaceCallback( $m )
 127      {
 128           $rx = '&(?!amp;)';
 129           return preg_replace( '#'.$rx.'#', '&amp;', $m[0] );
 130      }
 131  
 132      /**
 133      * Cleans text of all formating and scripting code
 134      */
 135  	function cleanText ( &$text )
 136      {
 137          $text = preg_replace( "'<script[^>]*>.*?</script>'si", '', $text );
 138          $text = preg_replace( '/<a\s+.*?href="([^"]+)"[^>]*>([^<]+)<\/a>/is', '\2 (\1)', $text );
 139          $text = preg_replace( '/<!--.+?-->/', '', $text );
 140          $text = preg_replace( '/{.+?}/', '', $text );
 141          $text = preg_replace( '/&nbsp;/', ' ', $text );
 142          $text = preg_replace( '/&amp;/', ' ', $text );
 143          $text = preg_replace( '/&quot;/', ' ', $text );
 144          $text = strip_tags( $text );
 145          $text = htmlspecialchars( $text );
 146          return $text;
 147      }
 148  }