diff options
| author | wei <> | 2006-01-18 04:20:26 +0000 |
|---|---|---|
| committer | wei <> | 2006-01-18 04:20:26 +0000 |
| commit | 0226f8f5f430d34b3cead40c4eb7b458933d16c6 (patch) | |
| tree | 68b21c4bec09ed73edc64019b4e20a2e3853d477 /framework/Web/UI/WebControls/TSafeHtml.php | |
| parent | e2219c91b98088289080bfa451d3083851eddf76 (diff) | |
update javascript library and usage in web controls
Diffstat (limited to 'framework/Web/UI/WebControls/TSafeHtml.php')
| -rw-r--r-- | framework/Web/UI/WebControls/TSafeHtml.php | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/framework/Web/UI/WebControls/TSafeHtml.php b/framework/Web/UI/WebControls/TSafeHtml.php new file mode 100644 index 00000000..b9f1156c --- /dev/null +++ b/framework/Web/UI/WebControls/TSafeHtml.php @@ -0,0 +1,42 @@ +<?php
+
+Prado::using('System.3rdParty.SafeHtml.TSafeHtmlParser');
+Prado::using('System.IO.TTextWriter');
+
+/**
+ * ${classname}
+ *
+ * ${description}
+ *
+ * @author Wei Zhuo<weizhuo[at]gmail[dot]com>
+ * @version $Revision: 1.66 $ $Date: ${DATE} ${TIME} $
+ * @package ${package}
+ */
+class TSafeHtml extends TControl
+{
+ /**
+ * Renders body content.
+ * This method overrides parent implementation by removing
+ * malicious javascript code from the body content
+ * @param THtmlWriter writer
+ */
+ protected function renderContents($writer)
+ {
+ $textWriter=new TTextWriter;
+ parent::renderContents(new THtmlWriter($textWriter));
+ $writer->write($this->parseSafeHtml($textWriter->flush()));
+ }
+
+ /**
+ * Use SafeHTML to remove malicous javascript from the HTML content.
+ * @param string HTML content
+ * @return string safer HTML content
+ */
+ protected function parseSafeHtml($text)
+ {
+ $renderer = new TSafeHtmlParser();
+ return $renderer->parse($content);
+ }
+}
+
+?>
\ No newline at end of file |