lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix: use dol_string_nohtmltag instead (with strip_tags)

Browse Source
This commit is contained in:
Regis Houssin 2018-04-06 08:52:02 +02:00
parent c5cf2e4d50
commit b43aca0f8d
5 changed files with 21 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
htdocs/adherents/class/adherent.class.php
View File

@ -2323,8 +2323,8 @@ class Adherent extends CommonObject
if ($this->phone_perso && ! empty($conf->global->LDAP_MEMBER_FIELD_PHONE_PERSO)) $info[$conf->global->LDAP_MEMBER_FIELD_PHONE_PERSO] = $this->phone_perso;
if ($this->phone_mobile && ! empty($conf->global->LDAP_MEMBER_FIELD_MOBILE)) $info[$conf->global->LDAP_MEMBER_FIELD_MOBILE] = $this->phone_mobile;
if ($this->fax && ! empty($conf->global->LDAP_MEMBER_FIELD_FAX)) $info[$conf->global->LDAP_MEMBER_FIELD_FAX] = $this->fax;
if ($this->note_private && ! empty($conf->global->LDAP_MEMBER_FIELD_DESCRIPTION)) $info[$conf->global->LDAP_MEMBER_FIELD_DESCRIPTION] = html_entity_decode(strip_tags($this->note_private));
if ($this->note_public && ! empty($conf->global->LDAP_MEMBER_FIELD_NOTE_PUBLIC)) $info[$conf->global->LDAP_MEMBER_FIELD_NOTE_PUBLIC] = html_entity_decode(strip_tags($this->note_public));
if ($this->note_private && ! empty($conf->global->LDAP_MEMBER_FIELD_DESCRIPTION)) $info[$conf->global->LDAP_MEMBER_FIELD_DESCRIPTION] = dol_string_nohtmltag($this->note_private, 0, 'UTF-8', 1);
if ($this->note_public && ! empty($conf->global->LDAP_MEMBER_FIELD_NOTE_PUBLIC)) $info[$conf->global->LDAP_MEMBER_FIELD_NOTE_PUBLIC] = dol_string_nohtmltag($this->note_public, 0, 'UTF-8', 1);
if ($this->birth && ! empty($conf->global->LDAP_MEMBER_FIELD_BIRTHDATE)) $info[$conf->global->LDAP_MEMBER_FIELD_BIRTHDATE] = dol_print_date($this->birth,'dayhourldap');
if (isset($this->statut) && ! empty($conf->global->LDAP_FIELD_MEMBER_STATUS)) $info[$conf->global->LDAP_FIELD_MEMBER_STATUS] = $this->statut;
if ($this->datefin && ! empty($conf->global->LDAP_FIELD_MEMBER_END_LASTSUBSCRIPTION)) $info[$conf->global->LDAP_FIELD_MEMBER_END_LASTSUBSCRIPTION] = dol_print_date($this->datefin,'dayhourldap');

2
htdocs/adherents/class/adherent_type.class.php
View File

@ -456,7 +456,7 @@ class AdherentType extends CommonObject
// Champs
if ($this->label && ! empty($conf->global->LDAP_MEMBER_TYPE_FIELD_FULLNAME)) $info[$conf->global->LDAP_MEMBER_TYPE_FIELD_FULLNAME] = $this->label;
if ($this->note && ! empty($conf->global->LDAP_MEMBER_TYPE_FIELD_DESCRIPTION)) $info[$conf->global->LDAP_MEMBER_TYPE_FIELD_DESCRIPTION] = html_entity_decode(strip_tags($this->note));
if ($this->note && ! empty($conf->global->LDAP_MEMBER_TYPE_FIELD_DESCRIPTION)) $info[$conf->global->LDAP_MEMBER_TYPE_FIELD_DESCRIPTION] = dol_string_nohtmltag($this->note, 0, 'UTF-8', 1);
if (! empty($conf->global->LDAP_MEMBER_TYPE_FIELD_GROUPMEMBERS))
{
$valueofldapfield=array();

27
htdocs/core/lib/functions.lib.php
View File

@ -5415,28 +5415,33 @@ function picto_required()
* @param string $stringtoclean String to clean
* @param integer $removelinefeed 1=Replace also new lines by a space, 0=Only last one are removed
* @param string $pagecodeto Encoding of input/output string
* @param integer $strip_tags 1=Use strip_tags php function, 0=Use internal pattern
* @return string String cleaned
*
* @see dol_escape_htmltag strip_tags
*/
function dol_string_nohtmltag($stringtoclean,$removelinefeed=1,$pagecodeto='UTF-8')
function dol_string_nohtmltag($stringtoclean,$removelinefeed=1,$pagecodeto='UTF-8',$strip_tags=0)
{
// TODO Try to replace with strip_tags($stringtoclean)
$pattern = "/<[^<>]+>/";
$stringtoclean = preg_replace('/<br[^>]*>/', "\n", $stringtoclean);
$temp = dol_html_entity_decode($stringtoclean,ENT_COMPAT,$pagecodeto);
if ($strip_tags) {
$temp = strip_tags($stringtoclean);
} else {
$pattern = "/<[^<>]+>/";
$temp = preg_replace('/<br[^>]*>/', "\n", $stringtoclean);
// Exemple of $temp: <a href="/myurl" title="<u>A title</u>">0000-021</a>
$temp = preg_replace($pattern,"",$temp); // pass 1
// $temp after pass 1: <a href="/myurl" title="A title">0000-021
$temp = preg_replace($pattern,"",$temp); // pass 2
// $temp after pass 2: 0000-021
// Exemple of $temp: <a href="/myurl" title="<u>A title</u>">0000-021</a>
$temp = preg_replace($pattern,"",$temp); // pass 1
// $temp after pass 1: <a href="/myurl" title="A title">0000-021
$temp = preg_replace($pattern,"",$temp); // pass 2
// $temp after pass 2: 0000-021
}
$temp = dol_html_entity_decode($temp,ENT_COMPAT,$pagecodeto);
// Supprime aussi les retours
if ($removelinefeed) $temp=str_replace(array("\r\n","\r","\n")," ",$temp);
// et les espaces doubles
while(strpos($temp," "))
while (strpos($temp," "))
{
$temp = str_replace(" "," ",$temp);
}

2
htdocs/user/class/user.class.php
View File

@ -2408,7 +2408,7 @@ class User extends CommonObject
if ($this->address && ! empty($conf->global->LDAP_FIELD_ADDRESS)) $info[$conf->global->LDAP_FIELD_ADDRESS] = $this->address;
if ($this->zip && ! empty($conf->global->LDAP_FIELD_ZIP)) $info[$conf->global->LDAP_FIELD_ZIP] = $this->zip;
if ($this->town && ! empty($conf->global->LDAP_FIELD_TOWN)) $info[$conf->global->LDAP_FIELD_TOWN] = $this->town;
if ($this->note_public && ! empty($conf->global->LDAP_FIELD_DESCRIPTION)) $info[$conf->global->LDAP_FIELD_DESCRIPTION] = html_entity_decode(strip_tags($this->note_public));
if ($this->note_public && ! empty($conf->global->LDAP_FIELD_DESCRIPTION)) $info[$conf->global->LDAP_FIELD_DESCRIPTION] = dol_string_nohtmltag($this->note_public, 0, 'UTF-8', 1);
if ($this->socid > 0)
{
$soc = new Societe($this->db);

2
htdocs/user/class/usergroup.class.php
View File

@ -908,7 +908,7 @@ class UserGroup extends CommonObject
// Champs
if ($this->name && ! empty($conf->global->LDAP_GROUP_FIELD_FULLNAME)) $info[$conf->global->LDAP_GROUP_FIELD_FULLNAME] = $this->name;
//if ($this->name && ! empty($conf->global->LDAP_GROUP_FIELD_NAME)) $info[$conf->global->LDAP_GROUP_FIELD_NAME] = $this->name;
if ($this->note && ! empty($conf->global->LDAP_GROUP_FIELD_DESCRIPTION)) $info[$conf->global->LDAP_GROUP_FIELD_DESCRIPTION] = html_entity_decode(strip_tags($this->note));
if ($this->note && ! empty($conf->global->LDAP_GROUP_FIELD_DESCRIPTION)) $info[$conf->global->LDAP_GROUP_FIELD_DESCRIPTION] = dol_string_nohtmltag($this->note, 0, 'UTF-8', 1);
if (! empty($conf->global->LDAP_GROUP_FIELD_GROUPMEMBERS))
{
$valueofldapfield=array();