While building a ticketing system frontend I stumbled upon an issue found by our QA team.
The problem is that we are not filtering any non-printable characters, which could lead to strange issues:
copy-paste example code does not work
clients abusing the form by pasting multiple non-printable characters, which actually got no meaning
If we require the client to enter any non-printable characters, we can request him to upload a text file to the ticket.
So, what should be considered while removing the non-printables?
I would like to thank in advance to all the participans in this discussion!
Apparently there are 2 sets of UTF-8 non-printable control characters based on this resource:
http://www.utf8-chartable.de/
With that in mind the array in the function would look like that:
array(
'/\x00/', '/\x01/', '/\x02/', '/\x03/', '/\x04/',
'/\x05/', '/\x06/', '/\x07/', '/\x08/', '/\x09/',
'/\x0A/', '/\x0B/', '/\x0C/', '/\x0D/', '/\x0E/', '/\x0F/', '/\x10/',
'/\x11/', '/\x12/', '/\x13/', '/\x14/', '/\x15/', '/\x16/', '/\x17/',
'/\x18/', '/\x19/', '/\x1A/', '/\x1B/', '/\x1C/', '/\x1D/', '/\x1E/',
'/\x1F/', '/\x7F/', '/\xC2 \x80/', '/\xC2 \x81/', '/\xC2 \x82/',
'/\xC2 \x83/', '/\xC2 \x84/', '/\xC2 \x85/', '/\xC2 \x86/', '/\xC2 \x87/',
'/\xC2 \x88/', '/\xC2 \x89/', '/\xC2 \x8A/', '/\xC2 \x8B/', '/\xC2 \x8C/',
'/\xC2 \x8D/', '/\xC2 \x8E/', '/\xC2 \x8F/', '/\xC2 \x90/', '/\xC2 \x91/',
'/\xC2 \x92/', '/\xC2 \x93/', '/\xC2 \x94/', '/\xC2 \x95/', '/\xC2 \x96/',
'/\xC2 \x97/', '/\xC2 \x98/', '/\xC2 \x99/', '/\xC2 \x9A/', '/\xC2 \x9B/',
'/\xC2 \x9C/', '/\xC2 \x9D/', '/\xC2 \x9E/', '/\xC2 \x8F/'
);
We're currently using the following PHP method:
function filterNonPrintableCharacters($text)
{
$text = preg_replace(
array(
'/\x00/', '/\x01/', '/\x02/', '/\x03/', '/\x04/',
'/\x05/', '/\x06/', '/\x07/', '/\x08/', '/\x09/',
'/\x0B/','/\x0C/','/\x0D/', '/\x0E/', '/\x0F/', '/\x10/', '/\x11/',
'/\x12/','/\x13/','/\x14/','/\x15/', '/\x16/', '/\x17/', '/\x18/',
'/\x19/','/\x1A/','/\x1B/','/\x1C/','/\x1D/', '/\x1E/', '/\x1F/'
),
'',
$text
);
return $text;
}
I may be missing something and so I'll be grateful for any comments.
Related
How to Turn off pluralization altogether in cakephp2.2
This is the source code of my page:
<form action="/scores/exam2014s/aview" id="exam2014AviewForm" method="post" accept-charset="utf-8">
In the above code suffix - 's' in 'exam2014s' is appearing automatically, which i dont want kindly help how to avoide the pluralization of the above.
In the bootstrap.php, I have used the following code enter code hereto turnoff pluralization:
Inflector::rules(
'plural',
array(
'rules' => array('/^([a-zA-Z_-]*)$/i' => '\1'),
'irregular' => array(),
'uninflected' => array()
)
);
With the above code in bootstrap I could not fix the problem.
Code in my index.ctp is below:
echo $this->Form->create('exam2014', array('action' => 'aview'));
echo $this->Form->label('Page.name','Name: ',null);
echo $this->Form->input('qr_code');
echo $this->Form->submit();
echo $this->Form->end();
Thanks in advance.
Sai Krishna
why not simply the following code?
echo $this->Form->create(
'exam2014',
array(
'url' => array('controller' => 'exam2014', 'action' => 'aview')
)
)
Since Cake2.x the form posts to itself by default.
So simply do:
echo $this->Form->create('Exam2014');
I am trying to submit a form using the submit button created like this:
$form['actions'] = array('#type' => 'actions');
$form['actions']['submit'] = array(
'#type' => 'submit',
'#value' => t('Submit'),
'#weight' => 5,
'#submit' => array('edit_form_submit'),
);
However when the form is submit the
function edit_form_submit($form, &$form_state){
dsm('IM HERE!!!');
}
does not get run.
I have checked the usual things line:
the $form['#form_id'] is 'edit_form' and $form['#type'] is set to 'form'.
I'm not quite stuck on this. I do think it must be a simple overlooked problem but I dont see it.
Any Ideas??
If you require more information please ask.
You cant do it in this way ,
you have to do something like this
function mymodule_myfrom($form, &$form_state){
$form['actions']['submit'] = array(
'#type' => 'submit',
'#value' => t('Submit'),
'#weight' => 5,
);
return $form;
}
function mymodule_myfrom_submit($form, &$form_values){
dsm('IM HERE!!!');
}
To call your form do this
$myfrom=drupal_get_form('mymodule_myfrom');
print drupal_render($myfrom);
to see complete example check out this example module, you can find from example
https://drupal.org/project/examples
Also you can check tutorials like this one
http://mrphp.com.au/blog/how-make-simple-form-module-drupal
I have a search form, which uses a Search controller/model.
echo $this->Form->create('Search', array('action' => 'query', 'type' => 'get'));
...
echo $this->Form->end();
But by default the form submits to '/searches/query'. How do I get the URL of the search page to be /search/query instead?
I don't really want to use .htaccess rewrites if possible, as that seems kind of messy. Hoping there is a tidy Cake way of doing this.
I think this could be done with a custom Inflector rule in bootstrap.php maybe, but I'm not sure how.
Just use the router. In your routes file, add:
Router::connect('/search/:action/*', array('controller' => 'searches'));
Router::connect('/search/*', array('controller' => 'searches', 'action' => 'index'));
Read more about the router in the book.
Isn't there a way to say:
echo $this->Form->create('Search', array('action' => 'search/query', 'type' => 'get'));
And then setting up a router for this?
$this->Router->('search/query', array('controller' => 'searches', 'action' => 'query'));
I make a project with Zend, i'm new. And this is my idea:
http://mydomain.com/username
Will show content same as:
--> http://mydomain.com/profile/index/u/username
and http://mydomain.com/username/gallery
Will show content same as:
--> http://mydomain.com/profile/gallery/u/username
( profile controller )
Can Zend does something like this?
Please help. Thanks so much.
And right now, I'm learning Zend 1.1.1 as primaty download on their website, but I 'm seeing Zend 2.x is Beta. Should I still learn Zend 1.x ? or waiting Zend 2.x come out.
Use .htaccess rewrites for this.
or add another route that executes the same controller action:
$router->addRoute(
'profile_2',
new Zend_Controller_Router_Route(':username', array(
'controller' => 'profile',
'action' => 'showUser'
))
);
U can use this piece of magic route ;)
$router = Zend_Front_Controller::getInstance()->getRouter();
$router->addRoute(
'user',
new Zend_Controller_Router_Route(':u/:action', array(
'controller' => 'profile',
'action' => 'index',
'u' => null
))
);
everyone, I have create a zend form have a checkbox for license agreement. I want to show an error message when a user submit the form with out checking the agreement check box.
Thanks
Anurodh
There is a bug in zend_framework with the required checkbox. But you can do something like this.
$this->addElement(
'checkbox', 'checbkox_name', array(
'required' => true,
'uncheckedValue' => null
)
);
edit for readability
$acceptAggrement = new Zend_Form_Element_Checkbox('accept_aggrement');
$acceptAggrement->setLabel("Accept Aggrement :");
$acceptAggrement->setUncheckedValue(null);
$acceptAggrement->setRequired(true);