forked from phpgearbox/string
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathHtml.php
More file actions
130 lines (122 loc) · 4.32 KB
/
Copy pathHtml.php
File metadata and controls
130 lines (122 loc) · 4.32 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
<?php namespace Gears\String\Methods;
////////////////////////////////////////////////////////////////////////////////
// __________ __ ________ __________
// \______ \ |__ ______ / _____/ ____ _____ ______\______ \ _______ ___
// | ___/ | \\____ \/ \ ____/ __ \\__ \\_ __ \ | _// _ \ \/ /
// | | | Y \ |_> > \_\ \ ___/ / __ \| | \/ | ( <_> > <
// |____| |___| / __/ \______ /\___ >____ /__| |______ /\____/__/\_ \
// \/|__| \/ \/ \/ \/ \/
// -----------------------------------------------------------------------------
// Designed and Developed by Brad Jones <brad @="bjc.id.au" />
// -----------------------------------------------------------------------------
////////////////////////////////////////////////////////////////////////////////
use voku\helper\UTF8;
trait Html
{
/**
* Convert all HTML entities to their applicable characters.
*
* @link http://php.net/manual/en/function.html-entity-decode.php
*
* @param int|null $flags Optional flags
*
* @return static String after being html decoded.
*/
public function htmlDecode($flags = ENT_COMPAT)
{
return $this->newSelf
(
UTF8::html_entity_decode
(
$this->scalarString,
$flags,
$this->encoding
)
);
}
/**
* Convert all applicable characters to HTML entities.
*
* @link http://php.net/manual/en/function.htmlentities.php
*
* @param int|null $flags Optional flags.
*
* @param bool $doubleEncode When double_encode is turned off PHP
* will not encode existing html entities.
* The default is to convert everything.
*
* @return static String after being html encoded.
*/
public function htmlEncode($flags = null, $doubleEncode = true)
{
if ($flags === null) $flags = ENT_QUOTES | ENT_SUBSTITUTE;
return $this->newSelf
(
UTF8::htmlentities
(
$this->scalarString,
$flags,
$this->encoding,
$doubleEncode
)
);
}
/**
* Sanitizes data so that Cross Site Scripting Hacks can be prevented.
*
* This method does a fair amount of work and it is extremely thorough,
* designed to prevent even the most obscure XSS attempts. Nothing is ever
* 100 percent foolproof, of course, but I haven't been able to get anything
* passed the filter.
*
* > NOTE: Should only be used to deal with data upon submission.
* > It's not something that should be used for general runtime processing.
*
* __In other words it is still critically important
* to escape anything that you output!!!__
*
* This uses a packaged version of the Anti XSS Library from CodeIgniter.
* @link https://github.com/voku/anti-xss
*
* @return static
*/
public function htmlXssClean()
{
static $antiXss = null;
if ($antiXss === null)
{
if (class_exists('\\voku\\helper\\AntiXSS'))
{
$antiXss = new \voku\helper\AntiXSS();
}
else
{
throw new \RuntimeException
(
"This method requires \voku\helper\AntiXSS. ".
"Install with: composer require voku/anti-xss"
);
}
}
return $this->newSelf($antiXss->xss_clean($this->scalarString));
}
/**
* Strip HTML and PHP tags from a string.
*
* This function tries to return a string with all NULL bytes,
* HTML and PHP tags stripped from a given str.
*
* @param string|null $allowableTags You can use the optional second
* parameter to specify tags which
* should not be stripped.
*
* @return static
*/
public function htmlStripTags($allowableTags = null)
{
return $this->newSelf
(
UTF8::strip_tags($this->scalarString, $allowableTags)
);
}
}