Hi all,
I am having a few problems and wonder if anybody can help me: I can't allow tags or attributes. I don't have magic quotes on. What could be causing it?
PHP Code:
function editAction()
{
$this->view->title = "Edit Album";
$album = new Album();
if ($this->_request->isPost()) {
Zend_Loader::loadClass('Zend_Filter_StripTags');
// This isn't working for me, it is supposed to allow these tags and attributes, but will do neither.
$allowedTags = array('b', 'i', 'br', 'font');
$allowedAttributes = array('size', 'face');
$filter = new Zend_Filter_StripTags($allowedTags, $allowedAttributes);
$id = (int)$this->_request->getPost('id');
$artist = $filter->filter($this->_request->getPost('artist'));
$artist = trim($artist);
$title = trim($filter->filter($this->_request->getPost('title')));
if ($id !== false) {
if ($artist != '' && $title != '') {
$data = array('artist' => $artist, 'title' => $title, );
$where = 'id = ' . $id;
$album->update($data, $where);
$this->_redirect('/');
return;
} else {
$this->view->album = $album->fetchRow('id=' . $id);
}
}
} else {
// album id should be $params['id']
$id = (int)$this->_request->getParam('id', 0);
if ($id > 0) {
$this->view->album = $album->fetchRow('id=' . $id);
}
}
03-14-2008, 11:17 PM
Linear Mode
