<?php
/*
+--------------------------------------------------------------------+
- | CiviCRM version 5 |
- +--------------------------------------------------------------------+
- | Copyright CiviCRM LLC (c) 2004-2020 |
- +--------------------------------------------------------------------+
- | This file is a part of CiviCRM. |
- | |
- | CiviCRM is free software; you can copy, modify, and distribute it |
- | under the terms of the GNU Affero General Public License |
- | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
+ | Copyright CiviCRM LLC. All rights reserved. |
| |
- | CiviCRM is distributed in the hope that it will be useful, but |
- | WITHOUT ANY WARRANTY; without even the implied warranty of |
- | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
- | See the GNU Affero General Public License for more details. |
- | |
- | You should have received a copy of the GNU Affero General Public |
- | License and the CiviCRM Licensing Exception along |
- | with this program; if not, contact CiviCRM LLC |
- | at info[AT]civicrm[DOT]org. If you have questions about the |
- | GNU Affero General Public License or the licensing of CiviCRM, |
- | see the CiviCRM license FAQ at http://civicrm.org/licensing |
+ | This work is published under the GNU AGPLv3 license with some |
+ | permitted exceptions and without any warranty. For full license |
+ | and copyright information, see https://civicrm.org/licensing |
+--------------------------------------------------------------------+
*/
* escaping scheme and consequently remove HTMLInputCoder.
*
* @package CRM
- * @copyright CiviCRM LLC (c) 2004-2020
+ * @copyright CiviCRM LLC https://civicrm.org/licensing
*/
class CRM_Utils_API_HTMLInputCoder extends CRM_Utils_API_AbstractFieldCoder {
private $skipFields = NULL;
}
}
elseif ($castToString || is_string($values)) {
- $values = str_replace(['<', '>'], ['<', '>'], $values);
+ $values = $this->encodeValue($values);
+ }
+ }
+
+ public function encodeValue($value) {
+ return str_replace(['<', '>'], ['<', '>'], $value);
+ }
+
+ /**
+ * Perform in-place decode on strings (in a list of records).
+ *
+ * @param array $rows
+ * Ex in: $rows[0] = ['first_name' => 'A&W'].
+ * Ex out: $rows[0] = ['first_name' => 'A&W'].
+ */
+ public function encodeRows(&$rows) {
+ foreach ($rows as $rid => $row) {
+ $this->encodeRow($rows[$rid]);
+ }
+ }
+
+ /**
+ * Perform in-place encode on strings (in a single record).
+ *
+ * @param array $row
+ * Ex in: ['first_name' => 'A&W'].
+ * Ex out: ['first_name' => 'A&W'].
+ */
+ public function encodeRow(&$row) {
+ foreach ($row as $k => $v) {
+ if (is_string($v) && !$this->isSkippedField($k)) {
+ $row[$k] = $this->encodeValue($v);
+ }
}
}
}
}
elseif ($castToString || is_string($values)) {
- $values = str_replace(['<', '>'], ['<', '>'], $values);
+ $values = $this->decodeValue($values);
+ }
+ }
+
+ public function decodeValue($value) {
+ return str_replace(['<', '>'], ['<', '>'], $value);
+ }
+
+ /**
+ * Perform in-place decode on strings (in a list of records).
+ *
+ * @param array $rows
+ * Ex in: $rows[0] = ['first_name' => 'A&W'].
+ * Ex out: $rows[0] = ['first_name' => 'A&W'].
+ */
+ public function decodeRows(&$rows) {
+ foreach ($rows as $rid => $row) {
+ $this->decodeRow($rows[$rid]);
+ }
+ }
+
+ /**
+ * Perform in-place decode on strings (in a single record).
+ *
+ * @param array $row
+ * Ex in: ['first_name' => 'A&W'].
+ * Ex out: ['first_name' => 'A&W'].
+ */
+ public function decodeRow(&$row) {
+ foreach ($row as $k => $v) {
+ if (is_string($v) && !$this->isSkippedField($k)) {
+ $row[$k] = $this->decodeValue($v);
+ }
}
}