本文實例講述了Yii凈化器CHtmlPurifier用法。分享給大家供大家參考,具體如下:
1. 在控制器中使用:
public function actionCreate(){ $model=new News; $purifier = new CHtmlPurifier(); $purifier->options = array( 'URI.AllowedSchemes'=>array( 'http' => true, 'https' => true, ), 'HTML.Allowed'=>'div', ); if(isset($_POST['News'])) { $model->attributes=$_POST['News']; $model->attributes['content'] = $purifier->purify($model->attributes['content']); if($model->save()) $this->redirect(array('view','id'=>$model->id)); }}2. 在模型中的使用:
protected function beforeSave(){ $purifier = new CHtmlPurifier(); $purifier->options = array( 'URI.AllowedSchemes'=>array( 'http' => true, 'https' => true, ), 'HTML.Allowed'=>'div', ); if(parent::beforeSave()){ if($this->isNewRecord){ $this->create_data = date('y-m-d H:m:s'); $this->content = $purifier->purify($this->content); } return true; }else{ return false; }}3. 在過濾器中的使用:
public function filters(){ return array( 'accessControl', // perform access control for CRUD operations 'postOnly + delete', // we only allow deletion via POST request 'purifier + create', //載入插入頁面時進行些過濾操作 );}public function filterPurifier($filterChain){ $purifier = new CHtmlPurifier(); $purifier->options = array( 'URI.AllowedSchemes'=>array( 'http' => true, 'https' => true, ), 'HTML.Allowed'=>'div', ); if(isset($_POST['news']){ $_POST['news']['content'] = $purify($_POST['news']['content']); } $filterChain->run();}4. 在視圖中的使用:
<?php $this->beginWidget('CHtmlPurifier'); ?>...display user-entered content here...<?php $this->endWidget(); ?>
