- Модуль: tasks
- Путь к файлу: ~/bitrix/modules/tasks/classes/general/tasktools.php
- Класс: CTasksTools
- Вызов: CTasksTools::SanitizeHtmlDescriptionIfNeed
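/**
 * Sanitizes the HTML of a task description when the 'tasks' module option
 * 'sanitize_level' asks for it.
 *
 * The sanitizer is configured on the first call and kept in function statics,
 * so the option is read once per hit; a changed option only takes effect on
 * the next hit.
 *
 * Security notes:
 * - A negative numeric 'sanitize_level' switches sanitization off. $rawHtml is
 *   then returned unchanged, so whoever outputs it must treat it as untrusted
 *   markup.
 * - Any other value (empty, non-numeric, unknown level) keeps the sanitizer on,
 *   and values that are not one of the three CBXSanitizer levels fall back to
 *   SECURE_LEVEL_HIGH.
 *
 * @param string $rawHtml Description markup. NOTE(review): it is passed through
 *                        htmlspecialcharsback() before sanitizing, so it is
 *                        presumably stored with HTML entities encoded - confirm
 *                        against callers.
 * @return string The sanitized markup, or $rawHtml untouched when sanitization
 *                is switched off.
 */
static function SanitizeHtmlDescriptionIfNeed($rawHtml)
{
    static $bUseHtmlSanitizer = null;
    static $oSanitizer = null;

    // Init sanitizer (if we need it) only once per hit.
    if ($bUseHtmlSanitizer === null)
    {
        $sanitizeLevel = COption::GetOptionString('tasks', 'sanitize_level');

        // Fail closed: only an explicit negative number disables sanitization.
        // The option is a string, and a bare `$level >= 0` depends on the PHP
        // version for non-numeric values: on PHP 8 an empty string compares as
        // a string against "0", is "less", and would silently turn the
        // sanitizer off.
        $useSanitizer = !(is_numeric($sanitizeLevel) && $sanitizeLevel < 0);

        if ($useSanitizer)
        {
            $knownLevels = array(
                CBXSanitizer::SECURE_LEVEL_HIGH,
                CBXSanitizer::SECURE_LEVEL_MIDDLE,
                CBXSanitizer::SECURE_LEVEL_LOW
            );

            // Loose in_array() on purpose: the option value is a string and the
            // type of the level constants is not visible from this method.
            if (!in_array($sanitizeLevel, $knownLevels))
            {
                // Unknown level: use the strictest one.
                $sanitizeLevel = CBXSanitizer::SECURE_LEVEL_HIGH;
            }

            $sanitizer = new CBXSanitizer();
            $sanitizer->SetLevel($sanitizeLevel);

            // Extra tags allowed in descriptions, with their permitted attributes.
            // NOTE(review): 'style', 'class' and 'id' are allowed here; whether
            // CBXSanitizer validates the *value* of 'style' is not visible in this
            // method - confirm, since inline CSS can restyle or overlay page content.
            $sanitizer->AddTags(
                array(
                    'blockquote' => array('style', 'class', 'id'),
                    'colgroup' => array('style', 'class', 'id'),
                    'col' => array('style', 'class', 'id', 'width', 'height', 'span')
                )
            );

            // NOTE(review): presumably makes the sanitizer escape special
            // characters in the text it emits - confirm in CBXSanitizer.
            $sanitizer->ApplyHtmlSpecChars(true);

            // If we don't disable this, then text such as
            // "df 1 < 2 dasfa and 5 > 4" will be partially lost.
            // NOTE(review): with deletion off, rejected tags presumably stay in
            // the output in escaped form rather than being dropped - confirm.
            $sanitizer->DeleteSanitizedTags(false);

            // Publish the instance before the flag, so a failure above cannot
            // leave the "enabled" flag set without a sanitizer behind it.
            $oSanitizer = $sanitizer;
        }

        $bUseHtmlSanitizer = $useSanitizer;
    }

    if (!$bUseHtmlSanitizer)
    {
        // Sanitization disabled by configuration: input is passed through as is.
        return $rawHtml;
    }

    // Decode entities first so that entity-encoded markup is seen by the
    // sanitizer as markup, not as inert text.
    return $oSanitizer->SanitizeHtml(htmlspecialcharsback($rawHtml));
}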