LSYii_Validators
extends CValidator
in package
Table of Contents
Properties
- $allowDataUri : bool
- Filter attribute for allowDataUri (default is false)
- $fixCKeditor : bool
- Filter attribute for fixCKeditor
- $isLanguage : bool
- Filter attribute for isLanguage
- $isLanguageMulti : bool
- Filter attribute for isLanguageMulti (multi language string)
- $isUrl : bool
- Filter attribute for url
- $xssfilter : bool
- Filter attribute for XSS
Methods
- __construct() : mixed
- dataUriFilter() : string
- Filters data URIs.
- fixCKeditor() : string
- Remove some empty characters put by CK editor Did we need to do if user don't use inline HTML editor ?
- hasUnsafeScheme() : bool
- Checks if URL contains an unsafe scheme.
- isXssUrl() : bool
- Checks whether an URL seems unsafe in terms of XSS.
- languageCodeFilter() : string
- Filters a language string by removing invalid characters.
- languageFilter() : string
- Function for backward compatibility - see languageCodeFilter()
- multiLanguageCodeFilter() : string
- Filters a multi-language string by removing invalid characters from each language code.
- multiLanguageFilter() : string
- Function for backward compatibility - see multiLanguageCodeFilter()
- removeInvisibleChars() : string
- Removes invisible characters from a string.
- treatSpecialChars() : string
- Decodes URL encoded characters and html entities.
- xssFilter() : string
- Remove any script or dangerous HTML
- validateAttribute() : mixed
Properties
$allowDataUri
Filter attribute for allowDataUri (default is false)
public
bool
$allowDataUri
= \false
$fixCKeditor
Filter attribute for fixCKeditor
public
bool
$fixCKeditor
= \false
$isLanguage
Filter attribute for isLanguage
public
bool
$isLanguage
= \false
$isLanguageMulti
Filter attribute for isLanguageMulti (multi language string)
public
bool
$isLanguageMulti
= \false
$isUrl
Filter attribute for url
public
bool
$isUrl
= \false
$xssfilter
Filter attribute for XSS
public
bool
$xssfilter
= \true
Methods
__construct()
public
__construct() : mixed
dataUriFilter()
Filters data URIs.
public
static dataUriFilter(mixed $value) : string
Parameters
- $value : mixed
Return values
stringfixCKeditor()
Remove some empty characters put by CK editor Did we need to do if user don't use inline HTML editor ?
public
fixCKeditor(string $value) : string
Parameters
- $value : string
Return values
stringhasUnsafeScheme()
Checks if URL contains an unsafe scheme.
public
static hasUnsafeScheme(string $url) : bool
It currently checks for "javascript:" only. Note: URL should be previously decoded.
Parameters
- $url : string
Return values
boolisXssUrl()
Checks whether an URL seems unsafe in terms of XSS.
public
static isXssUrl(string $url) : bool
Parameters
- $url : string
Return values
bool —Returns true if the URL is unsafe.
languageCodeFilter()
Filters a language string by removing invalid characters.
public
static languageCodeFilter(mixed $value) : string
This method validates and sanitizes a language code string by removing all characters except letters (a-z) and hyphens (-). This ensures the value conforms to standard language code formats (e.g., 'en', 'en-US', 'zh-Hans').
Note: This function does NOT check if the language code is available in the general or restricted list of language codes in LimeSurvey
Parameters
- $value : mixed
-
The language string to filter. Can be any type, but only strings are processed.
Return values
string —The filtered language string containing only letters and hyphens. Returns an empty string if the input is empty or not a string.
languageFilter()
Function for backward compatibility - see languageCodeFilter()
public
languageFilter(mixed $value) : string
Parameters
- $value : mixed
-
The language string to filter. Can be any type, but only strings are processed.
Tags
Return values
string —The filtered language string containing only letters and hyphens. Returns an empty string if the input is empty or not a string.
multiLanguageCodeFilter()
Filters a multi-language string by removing invalid characters from each language code.
public
static multiLanguageCodeFilter(mixed $value) : string
This method processes a space-separated string of language codes, applying language code filtering to each individual code. It removes duplicates and empty values, then rejoins the filtered codes back into a space-separated string.
Note: This function does NOT check if the language codes are available in the general or restricted list of language codes in LimeSurvey.
Parameters
- $value : mixed
-
The multi-language string to filter. Should be a space-separated list of language codes. Can be any type, but only strings are processed.
Return values
string —The filtered multi-language string containing only valid language codes separated by spaces. Duplicate codes are removed. Returns an empty string if the input is empty or not a string.
multiLanguageFilter()
Function for backward compatibility - see multiLanguageCodeFilter()
public
multiLanguageFilter(mixed $value) : string
Parameters
- $value : mixed
-
The multi-language string to filter. Should be a space-separated list of language codes. Can be any type, but only strings are processed.
Tags
Return values
string —The filtered multi-language string containing only valid language codes separated by spaces. Duplicate codes are removed. Returns an empty string if the input is empty or not a string.
removeInvisibleChars()
Removes invisible characters from a string.
public
static removeInvisibleChars(string $string) : string
Parameters
- $string : string
Return values
stringtreatSpecialChars()
Decodes URL encoded characters and html entities.
public
static treatSpecialChars(string $string) : string
Parameters
- $string : string
Return values
stringxssFilter()
Remove any script or dangerous HTML
public
xssFilter(null|string $value) : string
Parameters
- $value : null|string
Return values
stringvalidateAttribute()
protected
validateAttribute(mixed $object, mixed $attribute) : mixed
Parameters
- $object : mixed
- $attribute : mixed