[pLog-svn] r5469 - in plog/branches/lifetype-1.2/class: data/filter summary/action test/tests/data/filter
oscar at devel.lifetype.net
oscar at devel.lifetype.net
Thu May 31 16:30:12 EDT 2007
Author: oscar
Date: 2007-05-31 16:30:12 -0400 (Thu, 31 May 2007)
New Revision: 5469
Modified:
plog/branches/lifetype-1.2/class/data/filter/htmlfilter.class.php
plog/branches/lifetype-1.2/class/summary/action/dousercreation.class.php
plog/branches/lifetype-1.2/class/test/tests/data/filter/htmlfilter_test.class.php
Log:
Added a parameter to the constructor of the HtmlFilter class so that optionally, certain characters are converted to their HTML entity representation. This will save us some typing...
Modified: plog/branches/lifetype-1.2/class/data/filter/htmlfilter.class.php
===================================================================
--- plog/branches/lifetype-1.2/class/data/filter/htmlfilter.class.php 2007-05-31 20:15:50 UTC (rev 5468)
+++ plog/branches/lifetype-1.2/class/data/filter/htmlfilter.class.php 2007-05-31 20:30:12 UTC (rev 5469)
@@ -11,6 +11,23 @@
class HtmlFilter extends FilterBase
{
/**
+ * Constructor
+ *
+ * @param filterEntities When set to true, characters with an available
+ * HTML entity will be converted after the string has been cleaned up by
+ * the HTML filter. Disabled by default.
+ */
+ function HtmlFilter( $filterEntities = false )
+ {
+ $this->FilterBase();
+
+ if( $filterEntities ) {
+ lt_include( PLOG_CLASS_PATH."class/data/filter/htmlentitiesfilter.class.php" );
+ $this->addFilter( new HtmlEntitiesFilter());
+ }
+ }
+
+ /**
* Filters out all HTML and Javascript code from the given string
*
* @param data
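Review bot: The new constructor docblock does not say what the default `false` leaves behind, which is the security-relevant part of this switch. Judging from the test added in this commit, tag stripping alone still lets characters such as `"` and `>` through, so a caller that prints the filtered value inside an HTML attribute needs either `new HtmlFilter( true )` or escaping at output. I would add a sentence like `Without this flag, quotes and angle brackets that survive tag stripping are returned unencoded.`, and write the tag as `@param bool $filterEntities`. The class body continues outside the hunk, and whether chained filters really run after the HTML clean-up depends on FilterBase, which is not visible here.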
Modified: plog/branches/lifetype-1.2/class/summary/action/dousercreation.class.php
===================================================================
--- plog/branches/lifetype-1.2/class/summary/action/dousercreation.class.php 2007-05-31 20:15:50 UTC (rev 5468)
+++ plog/branches/lifetype-1.2/class/summary/action/dousercreation.class.php 2007-05-31 20:30:12 UTC (rev 5469)
@@ -6,7 +6,7 @@
lt_include( PLOG_CLASS_PATH."class/data/validator/usernamevalidator.class.php" );
lt_include( PLOG_CLASS_PATH."class/data/validator/passwordvalidator.class.php" );
lt_include( PLOG_CLASS_PATH."class/data/filter/htmlfilter.class.php" );
- lt_include( PLOG_CLASS_PATH."class/data/filter/htmlentitiesfilter.class.php" );
+
lt_include( PLOG_CLASS_PATH."class/dao/users.class.php" );
lt_include( PLOG_CLASS_PATH."class/summary/view/doblogregistrationview.class.php" );
lt_include( PLOG_CLASS_PATH."class/summary/view/summaryusercreationview.class.php" );
@@ -22,8 +22,7 @@
$this->RegisterAction( $actionInfo, $request );
// apply some filters to the data in the request
- $f = new HtmlFilter();
- $f->addFilter( new HtmlEntitiesFilter());
+ $f = new HtmlFilter( true );
$this->_request->registerFilter( "userName", $f );
$this->_request->registerFilter( "userFullName", $f );
$this->_request->registerFilter( "userEmail", $f );
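Review bot: `new HtmlFilter( true )` gives no hint at the call site of what the bare boolean turns on. A short comment such as `// true: also convert remaining special characters to HTML entities` would keep the intent that the removed `addFilter( new HtmlEntitiesFilter())` line made explicit. Because the filter is registered on the request, userName, userFullName and userEmail are entity-encoded on input rather than at output. It is worth confirming that the templates do not escape these fields a second time, and that the validators and any mail sent to userEmail cope with encoded values. The enclosing method starts and ends outside the hunk, so the later use of these values is not visible here.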
Modified: plog/branches/lifetype-1.2/class/test/tests/data/filter/htmlfilter_test.class.php
===================================================================
--- plog/branches/lifetype-1.2/class/test/tests/data/filter/htmlfilter_test.class.php 2007-05-31 20:15:50 UTC (rev 5468)
+++ plog/branches/lifetype-1.2/class/test/tests/data/filter/htmlfilter_test.class.php 2007-05-31 20:30:12 UTC (rev 5469)
@@ -29,5 +29,15 @@
$this->assertEquals( $output, $this->f->filter( $input ));
}
}
+
+ /**
+ * Test that HTML entities are converted when the first parameter
+ * passed to the constructor is set to 'true'
+ */
+ function testFilterWithHtmlFilterEnabled()
+ {
+ $f = new HtmlFilter( true );
+ $this->assertEquals( "">alert(1)", $f->filter( "\"><script>alert(1)</script>" ));
+ }
}
?>
\ No newline at end of file
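Review bot: The new test pins only one input, so the default path and the other entity characters are untested. I would add an assertion on what `new HtmlFilter()` returns for the same input, to document the default, plus cases for `&`, `'` and an already-encoded `&amp;` to show whether the filter double-encodes. The expected string as shown on this page, `"">alert(1)"`, is not a valid PHP literal. Presumably the archive rendering decoded the entities of the original expectation, so check it against the repository before relying on it.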