htmlentities example


                            if (!empty($text)) {
                                $this->_elements[$id]['value'] = $text;
                                $element['value'] = $text;
                            }
                            break;

                        case 'detail':
                            if ($orderNumber !== null) {
                                $getName = Shopware()->Modules()->Articles()->sGetArticleNameByOrderNumber($orderNumber);
                                $text = Shopware()->Snippets()->getNamespace('frontend/detail/comment')->get('InquiryTextArticle');
                                $text .= ' ' . $getName . ' (' . htmlentities($orderNumber, ENT_QUOTES | ENT_HTML5) . ')';
                                $this->_elements[$id]['value'] = $text;
                                $element['value'] = $text;
                            }
                            break;
                    }
                }

                $fields[$id] = $this->_createInputElement($element$this->_postData[$id] ?? null);
                $labels[$id] = $this->_createLabelElement($element);
            }
        }

        
protected function enc($text$attribute = false)
    {
        // Escape the text rather than convert to named character references.         if (!$this->encode) {
            return $this->escape($text$attribute);
        }

        // If we are in PHP 5.4+ we can use the native html5 entity functionality to         // convert the named character references.
        if ($this->hasHTML5) {
            return htmlentities($text, ENT_HTML5 | ENT_SUBSTITUTE | ENT_QUOTES, 'UTF-8', false);
        }         // If a version earlier than 5.4 html5 entities are not entirely handled.         // This manually handles them.         else {
            return strtr($text, HTML5Entities::$map);
        }
    }

    /** * Escape test. * * According to the html5 spec section 8.3 Serializing HTML fragments, text * within tags that are not style, script, xmp, iframe, noembed, and noframes * need to be properly escaped. * * The & should be converted to &amp;, no breaking space unicode characters * converted to &nbsp;, when in attribute mode the " should be converted to * &quot;, and when not in attribute mode the < and > should be converted to * &lt; and &gt;. * * @see http://www.w3.org/TR/2013/CR-html5-20130806/syntax.html#escapingString * * @param string $text Text to escape. * @param bool $attribute True if we are escaping an attrubute, false otherwise. */
/** * @dataProvider getProviderInvalidTerms */
    public function testSearchWithHtml(string $term): void
    {
        $browser = KernelLifecycleManager::createBrowser($this->getKernel());
        $browser->request('GET', $_SERVER['APP_URL'] . '/search?search=' . urlencode($term));

        $html = $browser->getResponse()->getContent();

        static::assertStringNotContainsString($term$html);
        static::assertStringContainsString(htmlentities($term)$html);
    }

    public static function getProviderInvalidTerms(): iterable
    {
        yield ['<h1 style="color:red">Test</h1>'];
        yield ['<script\x20type="text/javascript">javascript:alert(1);</script>'];
        yield ['<img src=1 href=1 onerror="javascript:alert(1)"></img>'];
        yield ['<audio src=1 href=1 onerror="javascript:alert(1)"></audio>'];
        yield ['<video src=1 href=1 onerror="javascript:alert(1)"></video>'];
        yield ['<body src=1 href=1 onerror="javascript:alert(1)"></body>'];
        yield ['<object src=1 href=1 onerror="javascript:alert(1)"></object>'];
        
/** * Defined by Zend_Filter_Interface * * Returns the string $value, converting characters to their corresponding HTML entity * equivalents where they exist * * @param string $value * @return string */
    public function filter($value)
    {
        $filtered = htmlentities((string) $value$this->getQuoteStyle()$this->getEncoding()$this->getDoubleQuote());
        if (strlen((string) $value) && !strlen($filtered)) {
            if (!function_exists('iconv')) {
                throw new Zend_Filter_Exception('Encoding mismatch has resulted in htmlentities errors');
            }
            $enc      = $this->getEncoding();
            $value    = iconv('', $enc . '//IGNORE', (string) $value);
            $filtered = htmlentities($value$this->getQuoteStyle()$enc$this->getDoubleQuote());
            if (!strlen($filtered)) {
                throw new Zend_Filter_Exception('Encoding mismatch has resulted in htmlentities errors');
            }
        }
        
 else {
                $returnstring .= ' '.(preg_match("#[\x20-\x7E]#", $string[$i]) ? $string[$i] : 'ยค');
            }
            if ($spaces) {
                $returnstring .= ' ';
            }
        }
        if (!empty($htmlencoding)) {
            if ($htmlencoding === true) {
                $htmlencoding = 'UTF-8'; // prior to getID3 v1.9.0 the function's 4th parameter was boolean             }
            $returnstring = htmlentities($returnstring, ENT_QUOTES, $htmlencoding);
        }
        return $returnstring;
    }

    /** * Truncates a floating-point number at the decimal point. * * @param float $floatnumber * * @return float|int returns int (if possible, otherwise float) */
    
return htmlspecialchars($string, ENT_QUOTES, $char_set$double_encode);

        case 'htmlall':
            if (Smarty::$_MBSTRING) {
                // mb_convert_encoding ignores htmlspecialchars()                 $string = htmlspecialchars($string, ENT_QUOTES, $char_set$double_encode);
                // htmlentities() won't convert everything, so use mb_convert_encoding                 return mb_convert_encoding($string, 'HTML-ENTITIES', $char_set);
            }

            // no MBString fallback             return htmlentities($string, ENT_QUOTES, $char_set$double_encode);

        case 'url':
            return rawurlencode($string);

        case 'urlpathinfo':
            return str_replace('%2F', '/', rawurlencode($string));

        case 'quotes':
            // escape unescaped single quotes             return preg_replace("%(?<!\\\\)'%", "\\'", $string);

        

    private function parseChangeLog(string $html): string
    {
        $html = strip_tags($html, '<br><i><b><strong><em><del><u><div><span><ul><li><ll><ol><p><a>');

        if ($html === '') {
            return '';
        }

        $dom = new DOMDocument();
        $dom->loadHTML(htmlentities($html));

        $nodes = (new DOMXPath($dom))->query("//@*[local-name() != 'href']");
        if ($nodes === false) {
            return '';
        }

        foreach ($nodes as $node) {
            $parentNode = $node->parentNode;
            if ($parentNode instanceof DOMElement) {
                $parentNode->removeAttribute($node->nodeName);
            }
        }
if (\is_string($value)) {
        $value = strtotime($value);
    } elseif ($value instanceof DateTime) {
        /** @var \DateTime $value */
        $value = $value->getTimestamp();
    }

    $date = new Zend_Date($value, Zend_Date::TIMESTAMP, $locale);

    $value = $date->toString($format$type);

    $value = htmlentities($value, ENT_COMPAT, 'UTF-8', false);

    return $value;
}

      'destination' => [
        'plugin' => 'entity:no_language_entity_test',
        'translations' => TRUE,
      ],
    ]);

    $message = $this->prophesize(MigrateMessageInterface::class);
    // Match the expected message. Can't use default argument types, because     // we need to convert to string from TranslatableMarkup.     $argument = Argument::that(function D$msg) {
      return str_contains((string) $msghtmlentities('The "no_language_entity_test" entity type does not support translations.'));
    });
    $message->display($argument, Argument::any())
      ->shouldBeCalled();

    $executable = new MigrateExecutable($migration$message->reveal());
    $executable->import();
  }

}
if (!empty($position) && \is_string($position)) {
        $position = strtoupper($position);
        if (\defined('Zend_Currency::' . $position)) {
            $config['position'] = \constant('Zend_Currency::' . $position);
        }
    }

    $currency = Shopware()->Container()->get('currency');
    $formattedValue = (float) str_replace(',', '.', (string) $value);
    $formattedValue = $currency->toCurrency($formattedValue$config);

    return htmlentities($formattedValue, ENT_COMPAT, 'UTF-8', false);
}

    public function sHtmlEntities($string$char_set = null)
    {
        if (empty($char_set)) {
            $char_set = $this->sSettings['encoding'];
        }

        return htmlentities($string, ENT_COMPAT | ENT_HTML401, $char_set);
    }

    /** * @param string|null $string * @param string $esc_type * @param string|null $char_set * * @return mixed|string */
    public function sFormatString($string$esc_type = '', $char_set = null)
    {
        

        }

        if (!empty($params['tag'])) {
            $params['tag'] = strtolower($params['tag']);

            $attr = '';
            foreach ($params as $key => $param) {
                if (\in_array($key['name', 'tag', 'assign', 'name', 'namespace', 'default', 'force'])) {
                    continue;
                }
                $attr .= ' ' . $key . '="' . htmlentities($param, ENT_COMPAT, mb_internal_encoding(), false) . '"';
            }

            $content = htmlentities($content, ENT_COMPAT, mb_internal_encoding(), false);
            $content = "<{$params['tag']}$attr>" . $content . "</{$params['tag']}>";
        }

        if (isset($params['assign'])) {
            if ($template !== null) {
                $template->assign($params['assign']$content);
            }

            
// let PCRE (preg_*) treat strings as ISO-8859-1 if we're not dealing with UTF-8 if (Smarty::$_CHARSET !== 'UTF-8') {
    Smarty::$_UTF8_MODIFIER = '';
}

/** * Smarty exception class * @package Smarty */
class SmartyException extends Exception {
    public function __construct($message) {
        $this->message = htmlentities($message);
    }
}

/** * Smarty compiler exception class * @package Smarty */
class SmartyCompilerException extends SmartyException  {
}

/** * Autoloader */


        foreach ($fetchLoggedInUsers as &$user) {
            $user['customer'] = htmlentities($user['customer'], ENT_COMPAT | ENT_HTML401, 'UTF-8');
        }

        $this->View()->assign(
            [
                'success' => true,
                'data' => [
                    'customers' => $fetchLoggedInUsers,
                    'visitors' => $result,
                    'currentUsers' => $currentUsers,
                ],
            ]
        );
$widget_options[ $widget_id ]['number'] = $number;

    if ( 'POST' === $_SERVER['REQUEST_METHOD'] && isset( $_POST['widget-rss'][ $number ] ) ) {
        $_POST['widget-rss'][ $number ]         = wp_unslash( $_POST['widget-rss'][ $number ] );
        $widget_options[ $widget_id ]           = wp_widget_rss_process( $_POST['widget-rss'][ $number ] );
        $widget_options[ $widget_id ]['number'] = $number;

        // Title is optional. If black, fill it if possible.         if ( ! $widget_options[ $widget_id ]['title'] && isset( $_POST['widget-rss'][ $number ]['title'] ) ) {
            $rss = fetch_feed( $widget_options[ $widget_id ]['url'] );
            if ( is_wp_error( $rss ) ) {
                $widget_options[ $widget_id ]['title'] = htmlentities( __( 'Unknown Feed' ) );
            } else {
                $widget_options[ $widget_id ]['title'] = htmlentities( strip_tags( $rss->get_title() ) );
                $rss->__destruct();
                unset( $rss );
            }
        }

        update_option( 'dashboard_widget_options', $widget_options );

        $locale    = get_user_locale();
        $cache_key = 'dash_v2_' . md5( $widget_id . '_' . $locale );
        
Home | Imprint | This part of the site doesn't use cookies.