Phpfox_Parse_Input

Description

The Input Parser class is used to parse all incoming data sent by end users via HTML forms.

The goal is to remove any "evil" data and convert it into safe HTML. This allows us to store both the original data and a safe version.

  • author: Raymond Benc
  • version: $Id: input.class.php 1849 2010-09-23 09:28:52Z Raymond_Benc $
  • copyright: [PHPFOX_COPYRIGHT]

Located in /include/library/phpfox/parse/input.class.php (line 19)

Variable Summary
Method Summary
 Phpfox_Parse_Input __construct ()
 string addBreak (string $sTxt)
 bool allowTitle (string $sTitle, string $sErrorMessage)
 string clean (string $sTxt, [int $iShorten = null])
 string cleanFileName (string $sName)
 string cleanTitle (string $sUrls)
 string convert (string $sTxt)
 string fixHtml (string $sTxt)
 array getParams (string $sTxt)
 string jsClean (string $sTxt)
 string prepare (string $sTxt)
 string prepareTitle (string $sModule, string $sTitle, string $sField, [int $iUserId = null], string $sTable, [mixed $mCondition = null], [boolean $bCleanOnly = false], [bool $bCache = true])
 string removeEvilAttributes (string $sTxt)
 string reversePrepare (string $sTxt)
 string stripInnerHtml (string $sText)
 string _addBreak (array $aMatches)
 string _cacheHtml (string $sAttr, [string $sTxt = null], string $sTag, [bool $bClose = false])
 string _cleanHtml (string $sTxt)
 string _cleanObject (string $sObject, string $sEmbed)
 string _removeEvilAttributes (string $sTxt, [bool $bCleanOnly = false])
 string _shorten (string $sTxt, int $iLetters)
 string _stripInnerHtml ( $sTag, string $sText)
 string _stripTags (string $sTxt)
 string _unicodeToEntitiesPreservingAscii (array $unicode, [bool $bForUrl = false])
 string _utf8ToUnicode (string $str, [bool $bForUrl = false])
Variables
array $_aAllowedTags = array() (line 137)

HTML tags we allow.

  • access: private
array $_aEvilCss = array(
'position',
'top',
'left',
'background',
'background-image',
'background-color',
'width',
'height',
'behaviour'
)
(line 99)

Invalid CSS properties we need to remove. Note that the Internet Explorer property that loads script from CSS is spelled "behavior"; the list entry above is spelled "behaviour" and so does not match that property name.

  • access: private
array $_aEvilEvents = array(
'onActivate',
'onAfterPrint',
'onBeforePrint',
'onAfterUpdate',
'onBeforeUpdate',
'onErrorUpdate',
'onAbort',
'onBeforeDeactivate',
'onDeactivate',
'onBeforeCopy',
'onBeforeCut',
'onBeforeEditFocus',
'onBeforePaste',
'onBeforeUnload',
'onBlur',
'onBounce',
'onChange',
'onClick',
'onControlSelect',
'onCopy',
'onCut',
'onDblClick',
'onDrag',
'onDragEnter',
'onDragLeave',
'onDragOver',
'onDragStart',
'onDrop',
'onFilterChange',
'onDragDrop',
'onError',
'onFilterChange',
'onFinish',
'onFocus',
'onHelp',
'onKeyDown',
'onKeyPress',
'onKeyUp',
'onLoad',
'OnLoseCapture',
'onMouseDown',
'onMouseEnter',
'onMouseLeave',
'onMouseMove',
'onMouseOut',
'onMouseOver',
'onMouseUp',
'onMove',
'onPaste',
'onPropertyChange',
'onReadyStateChange',
'onReset',
'onResize',
'onResizeEnd',
'onResizeStart',
'onScroll',
'onSelectStart',
'onSelect',
'onSelectionChange',
'onStart',
'onStop',
'onSubmit',
'onUnload',
'class',
'style'
)
(line 26)

Invalid events we need to remove.

  • access: private
string $_sDbQstrRegexp = '"[^"\\\\]*(?:\\\\.[^"\\\\]*)*"' (line 116)

REGEX used to get double-quoted params (with backslash escapes) from within {}

  • access: private
string $_sSiQstrRegexp = '\'[^\'\\\\]*(?:\\\\.[^\'\\\\]*)*\'' (line 123)

REGEX used to get single-quoted params (with backslash escapes) from within {}

  • access: private
string $_sText = '' (line 130)

Store text we are parsing temp.

  • access: private
Methods
Constructor __construct (line 143)

Class constructor. Prepares the regex for usage a little later on in the script.

  • access: public
Phpfox_Parse_Input __construct ()
addBreak (line 426)

Add line breaks. Unlike the PHP version of this function, it avoids adding line breaks inside HTML and PHP code.

  • return: Parsed string with newly added breaks.
  • access: public
string addBreak (string $sTxt)
  • string $sTxt: String we need to parse.
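The following is an added illustration of the addBreak() idea, not phpFox's own code: newlines become <br /> only in plain text, while newlines inside HTML tags and inside PHP code blocks are left untouched. The function name and the sample input are assumptions made for this example.

```php
<?php
// Added illustration of the addBreak() idea, not phpFox's own code: convert
// newlines to <br /> only in plain text, leaving newlines inside HTML tags
// and inside PHP code blocks untouched. The function name and sample input
// are assumptions for this example.

function addBreakExample(string $sTxt): string
{
    // Regions to leave alone: whole PHP blocks (open tag to close tag) and any
    // HTML tag, which may itself span lines (e.g. a multi-line <a ...> tag).
    // The capture group makes preg_split() hand the regions back to us.
    $sSkip = '/(<\?php\b.*?\?>|<[^>]*>)/s';

    $aParts = preg_split($sSkip, $sTxt, -1, PREG_SPLIT_DELIM_CAPTURE);
    if ($aParts === false) {
        return $sTxt;   // regex failure: leave the input unchanged
    }

    $sOut = '';
    foreach ($aParts as $iIndex => $sPart) {
        if ($iIndex % 2 === 1) {
            $sOut .= $sPart;          // captured tag / PHP block: verbatim
        } else {
            $sOut .= nl2br($sPart);   // plain text: "\n" becomes "<br />\n"
        }
    }
    return $sOut;
}

// Constructed sample: a two-line paragraph, a tag split across lines and a PHP block.
$sSample = "first line\nsecond line "
         . "<a href=\"/x\"\n   title=\"split tag\">link</a>\n"
         . "<?php\n\$a = 1;\n?>\nlast line";
echo addBreakExample($sSample), "\n";
```

A plain nl2br() would insert a <br /> inside the split <a> tag and inside the PHP block, producing broken markup; splitting on the tags first keeps those regions intact.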
allowTitle (line 277)

Checks if a title of the item can be used in the site's root. This is mainly used to check a person's vanity URL name. If a user were to use the name "friend" it would cause problems when trying to visit anything related to the "friend" module, as it would instead load this person's profile. This check makes sure that the name or title being used is not a module, a folder in the site's root directory, a rewrite rule or a page, and that the user name isn't already in use.

  • return: TRUE if the title is allowed otherwise FALSE.
  • access: public
bool allowTitle (string $sTitle, string $sErrorMessage)
  • string $sTitle: Title to check.
  • string $sErrorMessage: Error message you want to return in case there is an error.
clean (line 159)

Parse and clean a string. We mainly use this for the title of an item, which does not allow any HTML. It can also be used to shorten a string based on the numerical value passed as the 2nd argument.

  • return: Returns the new parsed string.
  • access: public
string clean (string $sTxt, [int $iShorten = null])
  • string $sTxt: Text to parse.
  • int $iShorten: (Optional) Define how short you want the string to be.
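The following is an added illustration of clean() together with the private _shorten() it relies on, not phpFox's own code: the title is reduced to plain text with no HTML, and the optional shortening cuts on a character boundary rather than a byte boundary so a multi-byte UTF-8 character is never split. The function names, the choice to escape the result on the way out, and the sample inputs are assumptions made for this example.

```php
<?php
// Added illustration of clean()/_shorten(), not phpFox's own code: reduce a
// title to plain text (no HTML at all) and optionally shorten it on a
// character boundary rather than a byte boundary, so a multi-byte UTF-8
// character is never cut in half. Names and sample inputs are assumptions.

function shortenExample(string $sTxt, int $iLetters): string
{
    // With /u, "." matches one UTF-8 character, so the cut never lands inside
    // a multi-byte sequence (substr() counts bytes and would corrupt "é").
    if (preg_match('/^.{0,' . $iLetters . '}/us', $sTxt, $aM) !== 1) {
        return '';   // not valid UTF-8: refuse rather than emit a broken string
    }
    return $aM[0] . (strlen($aM[0]) < strlen($sTxt) ? '...' : '');
}

function cleanExample(string $sTxt, ?int $iShorten = null): string
{
    // 1. Remove every tag, then decode entities so the result is real text
    //    ("&lt;b&gt;" becomes "<b>" as characters, not as markup).
    $sTxt = html_entity_decode(strip_tags($sTxt), ENT_QUOTES | ENT_HTML5, 'UTF-8');
    // 2. Drop control characters and collapse whitespace (null comes back on bad UTF-8).
    $sTxt = preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/', '', $sTxt);
    $sTxt = preg_replace('/\s+/u', ' ', $sTxt);
    if ($sTxt === null) {
        return '';
    }
    $sTxt = trim($sTxt);
    // 3. Shorten on characters, not bytes.
    if ($iShorten !== null && $iShorten > 0) {
        $sTxt = shortenExample($sTxt, $iShorten);
    }
    // 4. Escape on the way out: the value is text and must never become markup.
    return htmlspecialchars($sTxt, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Constructed samples: an injection attempt, an entity-encoded tag, multi-byte text.
foreach ([
    ['<b>Hello</b><script>alert(1)</script> world', null],
    ['&lt;img src=x onerror=alert(1)&gt; Title', null],
    ['Ünïcödé title with ümläuts', 12],
] as [$sIn, $iLen]) {
    echo cleanExample($sIn, $iLen), "\n";
}
```

The second sample matters: strip_tags() leaves an entity-encoded tag alone, so if the stored value were decoded once more at display time it would become live markup. Decoding once here and escaping the final text closes that gap.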
cleanFileName (line 256)

Cleans a file name and removes any non-latin characters.

  • return: Clean file name.
  • access: public
string cleanFileName (string $sName)
  • string $sName: Name of the file.
cleanTitle (line 228)

Parse and clean a title of an item and convert it into a URL title string.

Example: if you had

  this is a TEST string!!!

it would be converted to

  this-is-a-test-string

which we would then use in a URL:

  http://www.yoursite.com/this-is-a-test-string/

  • return: Converted URL.
  • access: public
string cleanTitle (string $sUrls)
  • string $sUrls: String to convert into a URL.
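The following is an added illustration of cleanTitle() and of the allowTitle() check described earlier, not phpFox's own code: the title is turned into a slug, and the slug is then refused if it would collide with something routed from the site root (a module name, a top-level directory, a rewrite rule, or an existing member name). The function names, the output parameter carrying the reason, and the reserved lists are constructed assumptions; in the real site these come from the module registry, the document root and the user table.

```php
<?php
// Added illustration of cleanTitle()/allowTitle(), not phpFox's own code:
// build the URL slug for a title, then refuse slugs that would collide with a
// route in the site root. Names and the reserved lists are assumptions.

function cleanTitleExample(string $sUrls): string
{
    $sSlug = strtolower(trim($sUrls));
    // Everything that is not a-z / 0-9 (spaces, "!!!", punctuation) becomes "-";
    // the "+" already collapses runs, so only the ends need trimming.
    $sSlug = preg_replace('/[^a-z0-9]+/', '-', $sSlug);
    return trim($sSlug, '-');
}

function allowTitleExample(string $sTitle, array $aReserved, array $aUserNames, ?string &$sReason = null): bool
{
    $sSlug = cleanTitleExample($sTitle);
    if ($sSlug === '') {
        $sReason = 'title has no usable characters';
        return false;
    }
    // Compare against the slugged form of every reserved name, so "Friend",
    // "friend" and "friend/" all resolve to the same root path.
    if (in_array($sSlug, array_map('cleanTitleExample', $aReserved), true)) {
        $sReason = 'reserved by a module, directory or rewrite rule';
        return false;
    }
    if (in_array($sSlug, array_map('cleanTitleExample', $aUserNames), true)) {
        $sReason = 'already used as a member name';
        return false;
    }
    return true;
}

// Constructed sample data standing in for the live module list, a scandir()
// of the document root, the rewrite rules and the user table.
$aReserved  = array_merge(
    ['friend', 'photo', 'blog', 'user'],          // modules
    ['include', 'module', 'theme', 'file'],       // directories in the site root
    ['login', 'logout', 'search']                 // rewrite rules / pages
);
$aUserNames = ['alice', 'bob-smith'];

foreach (['this is a TEST string!!!', 'Friend', 'Bob Smith', '!!!'] as $sTitle) {
    $sReason = null;
    $bOk = allowTitleExample($sTitle, $aReserved, $aUserNames, $sReason);
    printf("%-26s -> %s %s\n", $sTitle, $bOk ? 'allowed' : 'rejected', (string) $sReason);
}
```

Because this slug keeps only a-z and 0-9, a title made entirely of non-Latin characters reduces to an empty slug and is rejected; the class's own convert() path handles such titles differently, so treat the character handling here as the simplest safe choice rather than a reproduction of phpFox's.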
convert (line 397)

Converts a string that contains non-latin characters into UNICODE.

  • return: Converted text.
  • see: self::_utf8ToUnicode()
  • access: public
string convert (string $sTxt)
  • string $sTxt: Text to convert to UNICODE.
fixHtml (line 408)

Fixes any odd HTML, mainly dealing with HTML output from TinyMCE (WYSIWYG Editor).

  • return: Parsed text.
  • access: public
string fixHtml (string $sTxt)
  • string $sTxt: Text to parse.
getParams (line 444)

Get params within SMARTY {} tags.

  • return: ARRAY matches are returned.
  • access: public
array getParams (string $sTxt)
  • string $sTxt: String we need to parse.
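The following is an added illustration of getParams(), not phpFox's own code, built on the two quoted-string regexes documented above ($_sDbQstrRegexp and $_sSiQstrRegexp, copied verbatim). The function name, the shape of the returned array and the sample tag are assumptions.

```php
<?php
// Added illustration of getParams(), not phpFox's own code: pull key=value
// pairs out of a Smarty-style {tag ...} using the two quoted-string regexes
// documented for the class (copied verbatim below). The function name, the
// returned array shape and the sample tag are assumptions.

// A double-quoted value that may contain backslash-escaped characters ...
$sDbQstrRegexp = '"[^"\\\\]*(?:\\\\.[^"\\\\]*)*"';
// ... and the single-quoted equivalent.
$sSiQstrRegexp = '\'[^\'\\\\]*(?:\\\\.[^\'\\\\]*)*\'';

function getParamsExample(string $sTxt, string $sDb, string $sSi): array
{
    $aParams = [];
    // Only the inside of the first {tag ...} is of interest.
    if (!preg_match('/\{[a-z_]+\s+(.*?)\}/is', $sTxt, $aTag)) {
        return $aParams;
    }
    // key = "double-quoted" | 'single-quoted' | bareword. Because the quoted
    // alternatives honour escapes, a \" inside a value cannot end the value
    // early and smuggle in a second parameter.
    $sPattern = '/([a-z_][a-z0-9_]*)\s*=\s*(' . $sDb . '|' . $sSi . '|[^\s}]+)/is';
    preg_match_all($sPattern, $aTag[1], $aMatches, PREG_SET_ORDER);
    foreach ($aMatches as $aM) {
        $sVal   = $aM[2];
        $cFirst = substr($sVal, 0, 1);
        if ($cFirst === '"' || $cFirst === "'") {
            // Strip the quotes and undo the backslash escapes inside them.
            $sVal = stripslashes(substr($sVal, 1, -1));
        }
        $aParams[strtolower($aM[1])] = $sVal;
    }
    return $aParams;
}

// Constructed sample: an escaped quote inside a value, a single-quoted value
// containing a space, and a bare numeric value.
$sSample = '{phrase var="core.say_\"hi\"" class=\'btn primary\' count=3}';
print_r(getParamsExample($sSample, $sDbQstrRegexp, $sSiQstrRegexp));
```

The values come back as raw strings; whatever consumes them (a phrase lookup, a class attribute) still has to escape or validate them for its own context.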
jsClean (line 339)

Remove evil attributes from JavaScript.

  • return: Parsed JavaScript code.
  • access: public
string jsClean (string $sTxt)
  • string $sTxt: JavaScript code to parse.
prepare (line 365)

Prepare text strings. Used to prepare all data that can contain HTML. Not only does it protect against harmful HTML and CSS, it also has support for emoticon and BBCode conversion.

  • return: Parsed string.
  • access: public
string prepare (string $sTxt)
  • string $sTxt: Text to parse.
prepareTitle (line 525)

Preparing a URL title. Will be used to replace a title "this is a TITLE" with "this-is-a-title".

Example:

  Phpfox::getLib('parse.input')->prepareTitle('photo', $aVals['title'], 'name_url', Phpfox::getUserId(), Phpfox::getT('photo_album'));

  • return: New fixed title.
  • access: public
string prepareTitle (string $sModule, string $sTitle, string $sField, [int $iUserId = null], string $sTable, [mixed $mCondition = null], [boolean $bCleanOnly = false], [bool $bCache = true])
  • string $sModule: Module ID.
  • string $sTitle: Title to parse and fix.
  • string $sField: Database field to check whether such a title already exists.
  • int $iUserId: User ID to check.
  • string $sTable: Name of the database table.
  • mixed $mCondition: Database WHERE condition.
  • boolean $bCleanOnly: TRUE to return the clean title without running the existing-title check.
  • bool $bCache: FALSE forces a new check; the default TRUE caches previous checks.
removeEvilAttributes (line 501)

Removes evil attributes within HTML.

  • return: Parsed string.
  • see: self::_removeEvilAttributes()
  • access: public
string removeEvilAttributes (string $sTxt)
  • string $sTxt: String to parse.
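The following is an added illustration of what removeEvilAttributes() is for, not the class's own _removeEvilAttributes(): a tag allow-list (the role of $_aAllowedTags) combined with attribute, URL and inline-CSS filtering using the $_aEvilCss list documented above. Instead of enumerating event names the way $_aEvilEvents does, it drops every attribute whose name starts with "on", which also catches events that list predates (ontoggle, onpointerdown, onwheel). It walks a DOM rather than using regexes, and it keeps a "style" attribute after filtering it rather than removing it outright. The function names, the allow-list contents and the sample markup are assumptions made for this example.

```php
<?php
// Added illustration, not phpFox's _removeEvilAttributes(): tag allow-list plus
// attribute, URL and inline-CSS filtering. Every "on*" attribute is dropped,
// which covers the documented $_aEvilEvents list and events it predates.
// Names, the allow-list and the sample markup are assumptions for this example.

function safeUrlExample(string $sUrl): bool
{
    // Browsers skip whitespace/control characters inside a scheme, so
    // "java\tscript:" must be flattened before the scheme is inspected.
    $sFlat = preg_replace('/[\x00-\x20\x7F]+/', '', $sUrl);
    if (!preg_match('/^([a-z][a-z0-9+.-]*):/i', $sFlat, $aM)) {
        return true;                                    // relative URL
    }
    return in_array(strtolower($aM[1]), ['http', 'https', 'mailto'], true);
}

function cleanStyleExample(string $sStyle, array $aEvilCss): string
{
    $aKeep = [];
    foreach (explode(';', $sStyle) as $sDecl) {
        if (strpos($sDecl, ':') === false) {
            continue;
        }
        [$sProp, $sVal] = explode(':', $sDecl, 2);
        $sProp = strtolower(trim($sProp));
        $sVal  = trim($sVal);
        // Drop listed properties and any value able to load or run code.
        if (in_array($sProp, $aEvilCss, true)
            || preg_match('/expression\s*\(|url\s*\(|\\\\|\/\*/i', $sVal)) {
            continue;
        }
        $aKeep[] = $sProp . ':' . $sVal;
    }
    return implode(';', $aKeep);
}

function sanitizeHtmlExample(string $sHtml, array $aAllowedTags, array $aEvilCss): string
{
    libxml_use_internal_errors(true);
    $oDoc = new DOMDocument('1.0', 'UTF-8');
    // The prologue declares UTF-8; the wrapper div gives the fragment one root.
    $oDoc->loadHTML('<?xml encoding="UTF-8"?><div id="root">' . $sHtml . '</div>');
    libxml_clear_errors();
    $oXPath = new DOMXPath($oDoc);
    $oRoot  = $oXPath->query('//div[@id="root"]')->item(0);

    // Snapshot the element list: the tree is mutated while walking it.
    $aNodes       = iterator_to_array($oXPath->query('.//*', $oRoot));
    $aAllowedTags = array_map('strtolower', $aAllowedTags);
    $aEvilCss     = array_map('strtolower', $aEvilCss);

    foreach ($aNodes as $oEl) {
        $sTag = strtolower($oEl->nodeName);
        if (!in_array($sTag, $aAllowedTags, true)) {
            if (in_array($sTag, ['script', 'style', 'iframe', 'object', 'embed'], true)) {
                $oEl->parentNode->removeChild($oEl);        // the content itself is code
            } else {
                while ($oEl->firstChild) {                  // unwrap: keep the text
                    $oEl->parentNode->insertBefore($oEl->firstChild, $oEl);
                }
                $oEl->parentNode->removeChild($oEl);
            }
            continue;
        }
        foreach (iterator_to_array($oEl->attributes) as $oAttr) {
            $sName = strtolower($oAttr->nodeName);
            if (strncmp($sName, 'on', 2) === 0 || $sName === 'class') {
                $oEl->removeAttribute($oAttr->nodeName);    // event handler / class hook
            } elseif ($sName === 'style') {
                $sClean = cleanStyleExample($oAttr->nodeValue, $aEvilCss);
                if ($sClean === '') {
                    $oEl->removeAttribute('style');
                } else {
                    $oEl->setAttribute('style', $sClean);
                }
            } elseif (in_array($sName, ['href', 'src', 'action'], true)
                && !safeUrlExample($oAttr->nodeValue)) {
                $oEl->removeAttribute($oAttr->nodeName);    // javascript:, data:, vbscript:
            }
        }
    }
    $sOut = '';
    foreach ($oRoot->childNodes as $oChild) {
        $sOut .= $oDoc->saveHTML($oChild);
    }
    return $sOut;
}

// Constructed sample: inline handler, positioned CSS, an obfuscated javascript:
// URL, a script tag and a tag outside the allow-list.
$sSample  = '<p onclick="steal()" style="color:red;position:absolute;top:0">Hi</p>'
          . '<a href="java&#9;script:alert(1)" title="x">link</a>'
          . '<script>alert(2)</script><b onmouseover="x()">bold</b><u>kept text</u>';
$aAllowed = ['p', 'a', 'b', 'i', 'br', 'img'];
// The documented list plus "behavior", the spelling Internet Explorer honours.
$aEvilCss = ['position', 'top', 'left', 'background', 'background-image',
             'background-color', 'width', 'height', 'behaviour', 'behavior'];
echo sanitizeHtmlExample($sSample, $aAllowed, $aEvilCss), "\n";
```

Two design points worth keeping whichever implementation is used: parse the markup with a real HTML parser so that an attribute split by odd whitespace or quoting is still seen as an attribute, and decide per attribute what is allowed rather than trying to list what is forbidden, since the forbidden set grows with every browser release.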
reversePrepare (line 351)

Reverses the conversions applied to a string by the method prepare().

  • return: Parsed string.
  • see: self::prepare()
  • access: public
string reversePrepare (string $sTxt)
  • string $sTxt: String to parse.
stripInnerHtml (line 626)

Removes HTML found within HTML.

  • return: Returns parsed text.
  • see: self::_stripInnerHtml()
  • access: public
string stripInnerHtml (string $sText)
  • string $sText: Text to parse.
_addBreak (line 1070)

Add a line break.

  • return: Returns the matched text with the BBCode break placeholder we inserted earlier removed.
  • see: self::addBreak()
  • access: private
string _addBreak (array $aMatches)
  • array $aMatches: Matches from regex found in public method addBreak().
_cacheHtml (line 838)

Part of the method _stripTags() to remove unwanted HTML tags.

  • return: Returns fixed HTML tags with clean attributes and inner content.
  • see: self::_stripTags()
  • deprecated: 2.0.0rc1
  • access: private
string _cacheHtml (string $sAttr, [string $sTxt = null], string $sTag, [bool $bClose = false])
  • string $sAttr: HTML attributes.
  • string $sTxt: HTML inner text.
  • string $sTag: HTML tag.
  • bool $bClose: TRUE will close the tag, FALSE will leave it open.
_cleanHtml (line 741)

Common routine we run when using the prepare() method to clean HTML to make sure it is safe.

  • return: Parsed text.
  • access: private
string _cleanHtml (string $sTxt)
  • string $sTxt: Text to parse.
_cleanObject (line 1049)

Cleans an HTML <object> to make it valid XHTML.

  • return: New <object>.
  • access: private
string _cleanObject (string $sObject, string $sEmbed)
  • string $sObject: The object data.
  • string $sEmbed: All the <embed> tags found within an <object>.
_removeEvilAttributes (line 857)

Removes all evil attributes in a string to make sure the data returned is safe to output on the site.

  • return: Parsed string with all evil attributes removed.
  • access: private
string _removeEvilAttributes (string $sTxt, [bool $bCleanOnly = false])
  • string $sTxt: Text we need to parse.
  • bool $bCleanOnly: TRUE to just clean the text, FALSE to clean and make sure HTML tags are valid.
_shorten (line 181)

Shortens a string while respecting non-English (multi-byte) characters.

  • return: Shortened string.
  • access: private
string _shorten (string $sTxt, int $iLetters)
  • string $sTxt: String to shorten.
  • int $iLetters: Maximum number of characters the resulting string may have.
_stripInnerHtml (line 644)

Removes HTML found within HTML.

  • return: Returns parsed text.
  • see: self::stripInnerHtml()
  • access: private
string _stripInnerHtml ( $sTag, string $sText)
  • string $sText: Text to parse.
  • $sTag
_stripTags (line 807)

Our method of PHP strip_tags().

  • return: Parsed string.
  • see: strip_tags()
  • deprecated: 2.0.0rc1
  • access: private
string _stripTags (string $sTxt)
  • string $sTxt: String to parse.
_unicodeToEntitiesPreservingAscii (line 1016)

Converts an array of Unicode code points into HTML numeric entities, leaving ASCII characters unchanged. This method is used together with the method _utf8ToUnicode().

  • return: Returns string that has been converted.
  • see: self::_utf8ToUnicode()
  • access: private
string _unicodeToEntitiesPreservingAscii (array $unicode, [bool $bForUrl = false])
  • array $unicode: ARRAY of unicode values.
  • bool $bForUrl: TRUE for URL strings, FALSE for general usage.
_utf8ToUnicode (line 972)

Converts a string with non-Latin characters into Unicode numeric entities. We convert all strings before we enter them into the database so clients do not have to worry about database collations and website encoding, as all common browsers have no problems displaying Unicode.

  • return: Returns string that has been converted.
  • see: self::_unicodeToEntitiesPreservingAscii()
  • access: private
string _utf8ToUnicode (string $str, [bool $bForUrl = false])
  • string $str: String we need to parse.
  • bool $bForUrl: TRUE for URL strings, FALSE for general usage.
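The following is an added illustration of the _utf8ToUnicode() / _unicodeToEntitiesPreservingAscii() pair, not phpFox's own code: the UTF-8 string is decoded into code points, then ASCII is re-emitted unchanged and every other code point becomes a &#NNNN; entity (or percent-encoded UTF-8 when $bForUrl is set). Invalid, overlong and surrogate sequences are dropped rather than guessed at. The function names and the sample string are assumptions.

```php
<?php
// Added illustration of _utf8ToUnicode() and _unicodeToEntitiesPreservingAscii(),
// not phpFox's own code: decode UTF-8 into code points, then re-emit ASCII
// unchanged and everything else as &#NNNN; entities (or percent-encoded UTF-8
// for URLs). Invalid, overlong and surrogate sequences are dropped instead of
// guessed. Function names and the sample string are assumptions.

function utf8ToUnicodeExample(string $str): array
{
    $aCodes = [];
    $aMin   = [0, 0x80, 0x800, 0x10000];      // smallest code point per sequence length
    $iLen   = strlen($str);
    for ($i = 0; $i < $iLen;) {
        $b = ord($str[$i]);
        if ($b < 0x80)                { $iNeed = 0; $iCp = $b; }
        elseif (($b & 0xE0) === 0xC0) { $iNeed = 1; $iCp = $b & 0x1F; }
        elseif (($b & 0xF0) === 0xE0) { $iNeed = 2; $iCp = $b & 0x0F; }
        elseif (($b & 0xF8) === 0xF0) { $iNeed = 3; $iCp = $b & 0x07; }
        else                          { $i++; continue; }   // stray continuation byte
        if ($i + $iNeed >= $iLen) {
            break;                                          // truncated at end of input
        }
        $bOk = true;
        for ($j = 1; $j <= $iNeed; $j++) {
            $c = ord($str[$i + $j]);
            if (($c & 0xC0) !== 0x80) { $bOk = false; break; }
            $iCp = ($iCp << 6) | ($c & 0x3F);
        }
        // Overlong forms (e.g. a 2-byte "<") and UTF-16 surrogates are rejected:
        // both are classic ways to sneak markup past a byte-oriented filter.
        if (!$bOk || $iCp < $aMin[$iNeed] || ($iCp >= 0xD800 && $iCp <= 0xDFFF) || $iCp > 0x10FFFF) {
            $i++;
            continue;
        }
        $aCodes[] = $iCp;
        $i += $iNeed + 1;
    }
    return $aCodes;
}

function codePointToUtf8Example(int $iCp): string
{
    if ($iCp < 0x80)    { return chr($iCp); }
    if ($iCp < 0x800)   { return chr(0xC0 | ($iCp >> 6)) . chr(0x80 | ($iCp & 0x3F)); }
    if ($iCp < 0x10000) { return chr(0xE0 | ($iCp >> 12)) . chr(0x80 | (($iCp >> 6) & 0x3F)) . chr(0x80 | ($iCp & 0x3F)); }
    return chr(0xF0 | ($iCp >> 18)) . chr(0x80 | (($iCp >> 12) & 0x3F))
         . chr(0x80 | (($iCp >> 6) & 0x3F)) . chr(0x80 | ($iCp & 0x3F));
}

function unicodeToEntitiesPreservingAsciiExample(array $unicode, bool $bForUrl = false): string
{
    $sOut = '';
    foreach ($unicode as $iCp) {
        if ($iCp < 0x80) {
            $sOut .= chr($iCp);                                  // ASCII passes through
        } elseif ($bForUrl) {
            $sOut .= rawurlencode(codePointToUtf8Example($iCp)); // %E2%82%AC style
        } else {
            $sOut .= '&#' . $iCp . ';';                          // &#8364; style
        }
    }
    return $sOut;
}

// Constructed sample: a Latin-1 accent, a currency symbol, an emoji, and an
// overlong 2-byte encoding of "<" (C0 BC) that must not survive.
$sSample = "T\u{00EB}st <b>\u{20AC}</b> \u{1F600} " . "\xC0\xBC" . "script>";
$aCodes  = utf8ToUnicodeExample($sSample);
echo unicodeToEntitiesPreservingAsciiExample($aCodes), "\n";
echo unicodeToEntitiesPreservingAsciiExample($aCodes, true), "\n";
```

Because ASCII is preserved, the literal <b> in the sample comes through untouched: this conversion is a storage-encoding step, not HTML sanitisation, and the HTML cleaning performed by prepare() has to happen regardless.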

Documentation generated on Tue, 28 Sep 2010 10:36:40 +0200 by phpDocumentor 1.4.0a2