<?php
/**
 * --------------------------------------------------------------------------
 * Helper: squantoCleanupString
 * --------------------------------------------------------------------------
 *
 * Reduces a plain-text value to its tag-free, trimmed form: HTML/PHP tags are
 * removed with strip_tags() and surrounding whitespace is dropped. strip_tags()
 * removes the tags only (their text content stays) and does not decode
 * entities, and nothing here escapes the result, so callers still apply the
 * usual context-specific escaping when rendering. For markup that should be
 * kept and rendered, see squantoCleanupHTML.
 *
 * @param 	string 	$value  raw input, e.g. a submitted form field
 * @return 	string  the input with tags stripped and whitespace trimmed
 */
if (!function_exists('squantoCleanupString')) {
    function squantoCleanupString($value)
    {
        // Strip first so whitespace left behind by removed tags is trimmed too.
        return trim(strip_tags($value));
    }
}
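/**
 * --------------------------------------------------------------------------
 * Helper: squantoCleanupHTML
 * --------------------------------------------------------------------------
 *
 * Takes an input and cleans up unwanted / malicious HTML. The work happens in
 * three passes: a coarse regex strip of <script> blocks and onclick= attributes,
 * strip_tags() against a tag whitelist, and finally HTMLPurifier. HTMLPurifier is
 * the pass that actually enforces allowed attributes and URI schemes; the first
 * two passes only cut down what it has to process and are not a sanitiser on
 * their own.
 *
 * @param 	string 	$value
 * @param 	string|false|null 	$whitelist  strip_tags() tag list; null selects the
 *                          default list below, false skips tag stripping so that
 *                          only HTMLPurifier filters the markup
 * @return 	string
 * @throws 	\RuntimeException  when a PCRE pass fails (e.g. backtrack limit on a
 *                          large input) instead of silently continuing with null
 */
if (!function_exists('squantoCleanupHTML')) {
    function squantoCleanupHTML($value, $whitelist = null)
    {
        if (is_null($whitelist)) {
            $whitelist = '<code><span><div><label><a><br><p><b><i><del><strike><u><img><video><audio><iframe><object><embed><param><blockquote><mark><cite><small><ul><ol><li><hr><dl><dt><dd><sup><sub><big><pre><code><figure><figcaption><strong><em><table><tr><td><th><tbody><thead><tfoot><h1><h2><h3><h4><h5><h6>';
        }

        // Strip entire blocks of malicious code. Only <script> bodies and the
        // onclick handler are targeted here; other event handlers and URI
        // schemes are left to HTMLPurifier below.
        $value = preg_replace(array(
            '@<script[^>]*?>.*?</script>@si',
            '@onclick=[^ ].*? @si'
        ), '', $value);

        // preg_replace() returns null on a PCRE error (e.g. backtrack limit).
        // Fail closed: passing null on would be treated as an empty document
        // and the caller would never learn that content was dropped.
        if ($value === null) {
            throw new \RuntimeException('squantoCleanupHTML: tag-stripping regex failed, PCRE error ' . preg_last_error());
        }

        // strip unwanted tags via whitelist...
        if (false !== $whitelist) {
            $value = strip_tags($value, $whitelist);
        }

        // cleanup HTML and any unwanted attributes
        $config = \HTMLPurifier_Config::createDefault();
        $config->set('Cache.SerializerPath', config('squanto.htmlPurifierCache'));

        $purifier = new \HTMLPurifier($config);
        $value = $purifier->purify($value);

        /**
         * HTMLPurifier escapes every bare ampersand to &amp;, and callers expect a
         * plain "&" back. Reversing that blindly, however, also turns an escaped
         * "&amp;name;" or "&amp;#NN;" back into a live character reference that
         * the purifier had deliberately neutralised — inside attribute values this
         * can re-enable what the purifier rejected. So only reverse "&amp;" where
         * no character reference would be formed.
         */
        $unescaped = preg_replace('/&amp;(?![A-Za-z][A-Za-z0-9]*;|#[0-9]+;|#[xX][0-9A-Fa-f]+;)/', '&', $value);
        if ($unescaped === null) {
            throw new \RuntimeException('squantoCleanupHTML: ampersand un-escaping failed, PCRE error ' . preg_last_error());
        }

        return $unescaped;
    }
}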