egroupware/etemplate/inc/class.etemplate_widget_htmlarea.inc.php
Ralf Becker 0d66dd98b7 fixed server-side valdation of autorepeated rows/columns
had to change signature of validate function to get information for autorepeating through
removed entity-encoding of square brackets, as they mess up validiation (havnt found any negative effects so far)
2012-05-03 14:17:47 +00:00

43 lines
1.2 KiB
PHP

<?php
/**
* EGroupware - eTemplate serverside htmlarea widget
*
* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
* @package etemplate
* @subpackage api
* @link http://www.egroupware.org
* @author Ralf Becker <RalfBecker@outdoor-training.de>
* @copyright 2002-11 by RalfBecker@outdoor-training.de
* @version $Id$
*/
/**
* eTemplate htmlarea widget
*/
class etemplate_widget_htmlarea extends etemplate_widget
{
/**
* Validate input
*
* Input is run throught HTMLpurifier, to make sure users can NOT enter javascript or other nasty stuff (XSS!).
*
* @param string $cname current namespace
* @param array $expand values for keys 'c', 'row', 'c_', 'row_', 'cont'
* @param array $content
* @param array &$validated=array() validated content
* @return boolean true if no validation error, false otherwise
*/
public function validate($cname, array $expand, array $content, &$validated=array())
{
$form_name = self::form_name($cname, $this->id, $expand);
if (!$this->is_readonly($cname, $form_name))
{
$value = self::get_array($content, $form_name);
$valid =& self::get_array($validated, $form_name, true);
$valid = html::purify($value);
}
}
}