<?php // How to improve the default stripInput function to strip some new input strings ? // In this example we would like strip +someting+ or *something* input strings // for that we define a new stripInput function: myOwnStripInput // we reuse the functions stripslashes, stripTags and stripHtml provided by AS // we add the function stripOtherTags // in the snippet call add &stripInput=`myOwnStripInput` or defined it in this config file $debug = -2; // to allow a debug trace with firePhp function myOwnStripInput($searchString){ if ($searchString !== ''){ // Remove escape characters $searchString = stripslashes($searchString); // Remove modx sensitive tags $searchString = stripTags($searchString); // Remove +something+ substring too $searchString = stripOtherTags($searchString); // Strip HTML tags $searchString = stripHtml($searchString); } return $searchString; } function stripOtherTags($text){ // Regular expressions to remove +something+ $modRegExArray[] = '~\+(.*?)\+~'; // +something+ $modRegExArray[] = '~\*(.*?)\*~'; // *something* // Remove modx sensitive tags foreach ($modRegExArray as $mReg)$text = preg_replace($mReg,'',$text); return $text; } ?>
function mrhawStripInput($searchString) {
if (!function_exists('mrhawStripInput')) function mrhawStripInput($searchString) {
<?php // How to improve the default stripInput function to strip some new input strings ? // In this example we would like strip +someting+ or *something* input strings // for that we define a new stripInput function: myOwnStripInput // we reuse the functions stripslashes, stripTags and stripHtml provided by AS // we add the function stripOtherTags // in the snippet call add &stripInput=`myOwnStripInput` or defined it in this config file $debug = -2; // to allow a debug trace with firePhp if (!function_exists('myOwnStripInput')) { function myOwnStripInput($searchString) { if ($searchString !== ''){ // Remove escape characters $searchString = stripslashes($searchString); // Remove modx sensitive tags $searchString = stripTags($searchString); // Remove +something+ substring too $searchString = stripOtherTags($searchString); // Strip HTML tags $searchString = stripHtml($searchString); } return $searchString; } } if (!function_exists('stripOtherTags')) { function stripOtherTags($text) { // Regular expressions to remove +something+ $modRegExArray[] = '~\+(.*?)\+~'; // +something+ $modRegExArray[] = '~\*(.*?)\*~'; // *something* // Remove modx sensitive tags foreach ($modRegExArray as $mReg)$text = preg_replace($mReg,'',$text); return $text; } } ?>
// $stripSnip [ true | false ] // Strip out snippet calls etc from the search string? $stripSnip = true; // $stripSnippets [ true | false ] // Strip out snippet names so users will not be able to "search" to see what snippets are used in your content. This is a security benefit, as users will not be able to search for what pages use specific snippets. $stripSnippets = true;
// Remove snippet names if ($stripSnippets && $searchString != ''){ // get all the snippet names $tbl = $etomite->dbConfig['dbase'] . "." . $etomite->dbConfig['table_prefix'] . "site_snippets"; $snippetSql = "SELECT $tbl.name FROM $tbl;"; $snippetRs = $etomite->dbQuery($snippetSql); $snippetCount = $etomite->recordCount($snippetRs); $snippetNameArray = array(); for ($s = 0; $s < $snippetCount; $s++){ $thisSnippetRow = $etomite->fetchRow($snippetRs); $snippetNameArray[] = strtolower($thisSnippetRow['name']); }
function defaultStripInput($searchString){ if ($searchString !== ''){ // Remove escape characters $searchString = stripslashes($searchString); // Remove modx sensitive tags $searchString = stripTags($searchString); // Strip HTML tags $searchString = stripHtml($searchString); } return $searchString; }
function stripOtherTags($text){ // Regular expressions to remove +something+ $modRegExArray[] = '~\+(.*?)\+~'; // +phx+ // Regular expressions to remove some bad words $badWords = array('pagetitle','longtitle','intro'); // any bad words you want foreach($badWords as $bw) $modRegExArray[] = '~'.$bw.'~'; // Remove modx sensitive tags foreach ($modRegExArray as $mReg)$text = preg_replace($mReg,'',$text); return $text; }