php教程

超轻量级php框架startmvc

Yii净化器CHtmlPurifier用法示例(过滤不良代码)

更新时间:2020-03-10 01:07:59 作者:startmvc
本文实例讲述了Yii净化器CHtmlPurifier用法。分享给大家供大家参考,具体如下:1.在控制器中

本文实例讲述了Yii净化器CHtmlPurifier用法。分享给大家供大家参考,具体如下:

1. 在控制器中使用:


public function actionCreate()
{
 $model=new News;
 $purifier = new CHtmlPurifier();
 $purifier->options = array(
 'URI.AllowedSchemes'=>array(
 'http' => true,
 'https' => true,
 ),
 'HTML.Allowed'=>'div',
 );
 if(isset($_POST['News']))
 {
 $model->attributes=$_POST['News'];
 $model->attributes['content'] = $purifier->purify($model->attributes['content']);
 if($model->save())
 $this->redirect(array('view','id'=>$model->id));
 }
}

2. 在模型中的使用:


protected function beforeSave()
{
 $purifier = new CHtmlPurifier();
 $purifier->options = array(
 'URI.AllowedSchemes'=>array(
 'http' => true,
 'https' => true,
 ),
 'HTML.Allowed'=>'div',
 );
 if(parent::beforeSave()){
 if($this->isNewRecord){
 $this->create_data = date('y-m-d H:m:s');
 $this->content = $purifier->purify($this->content);
 }
 return true;
 }else{
 return false;
 }
}

3. 在过滤器中的使用:


public function filters()
{
 return array(
 'accessControl', // perform access control for CRUD operations
 'postOnly + delete', // we only allow deletion via POST request
 'purifier + create', //载入插入页面时进行些过滤操作
 );
}
public function filterPurifier($filterChain){
 $purifier = new CHtmlPurifier();
 $purifier->options = array(
 'URI.AllowedSchemes'=>array(
 'http' => true,
 'https' => true,
 ),
 'HTML.Allowed'=>'div',
 );
 if(isset($_POST['news']){
 $_POST['news']['content'] = $purify($_POST['news']['content']);
 }
 $filterChain->run();
}

4. 在视图中的使用:


<?php $this->beginWidget('CHtmlPurifier'); ?>
...display user-entered content here...
<?php $this->endWidget(); ?>

Yii 净化器 CHtmlPurifier 过滤 不良代码