summaryrefslogtreecommitdiff
path: root/framework/Web/UI/WebControls
diff options
context:
space:
mode:
authorxue <>2006-03-27 03:40:01 +0000
committerxue <>2006-03-27 03:40:01 +0000
commit3192eb5cafef46ed5203a8cb2f7ae885e5693a47 (patch)
treee069214554216b8ab309d0c0ead9f52c6d42dca4 /framework/Web/UI/WebControls
parent27578bac69d64900e8b252bd5a61a2c5d2b13ee8 (diff)
Added demos for TExpression, TStatements, TSafeHtml and TTextHighlighter.
Diffstat (limited to 'framework/Web/UI/WebControls')
-rw-r--r--framework/Web/UI/WebControls/TSafeHtml.php21
-rw-r--r--framework/Web/UI/WebControls/TTextHighlighter.php6
2 files changed, 22 insertions, 5 deletions
diff --git a/framework/Web/UI/WebControls/TSafeHtml.php b/framework/Web/UI/WebControls/TSafeHtml.php
index 432cb104..a625a84d 100644
--- a/framework/Web/UI/WebControls/TSafeHtml.php
+++ b/framework/Web/UI/WebControls/TSafeHtml.php
@@ -13,6 +13,23 @@
/**
* TSafeHtml class
*
+ * TSafeHtml is a control that strips down all potentially dangerous
+ * HTML content. It is mainly a wrapper of {@link http://pixel-apes.com/safehtml/ SafeHTML}
+ * project. According to the SafeHTML project, it tries to safeguard
+ * the following situations when the string is to be displayed to end-users,
+ * - Opening tag without its closing tag
+ * - closing tag without its opening tag
+ * - any of these tags: base, basefont, head, html, body, applet, object,
+ * iframe, frame, frameset, script, layer, ilayer, embed, bgsound, link,
+ * meta, style, title, blink, xml, etc.
+ * - any of these attributes: on*, data*, dynsrc
+ * - javascript:/vbscript:/about: etc. protocols
+ * - expression/behavior etc. in styles
+ * - any other active content.
+ *
+ * To use TSafeHtml, simply enclose the content to be secured within
+ * the body of TSafeHtml in a template.
+ *
* @author Wei Zhuo <weizhuo[at]gmail[dot]com>
* @version $Revision: $ $Date: $
* @package System.Web.UI.WebControls
@@ -26,10 +43,10 @@ class TSafeHtml extends TControl
* malicious javascript code from the body content
* @param THtmlWriter writer
*/
- public function renderContents($writer)
+ public function render($writer)
{
$textWriter=new TTextWriter;
- parent::renderContents(new THtmlWriter($textWriter));
+ parent::render(new THtmlWriter($textWriter));
$writer->write($this->parseSafeHtml($textWriter->flush()));
}
diff --git a/framework/Web/UI/WebControls/TTextHighlighter.php b/framework/Web/UI/WebControls/TTextHighlighter.php
index 6fb1ddbb..f5c3eca9 100644
--- a/framework/Web/UI/WebControls/TTextHighlighter.php
+++ b/framework/Web/UI/WebControls/TTextHighlighter.php
@@ -131,11 +131,11 @@ class TTextHighlighter extends TWebControl
}
/**
- * @return boolean true will show "Copy Code" link
+ * @return boolean true will show "Copy Code" link. Defaults to false.
*/
public function getEnableCopyCode()
{
- return $this->getViewState('CopyCode', true);
+ return $this->getViewState('CopyCode', false);
}
/**
@@ -143,7 +143,7 @@ class TTextHighlighter extends TWebControl
*/
public function setEnableCopyCode($value)
{
- $this->setViewState('CopyCode', TPropertyValue::ensureBoolean($value), true);
+ $this->setViewState('CopyCode', TPropertyValue::ensureBoolean($value), false);
}
/**