diff --git a/ProcessMaker/SanitizeHelper.php b/ProcessMaker/SanitizeHelper.php index 78127b2a9a..6ea22df67f 100644 --- a/ProcessMaker/SanitizeHelper.php +++ b/ProcessMaker/SanitizeHelper.php @@ -188,43 +188,65 @@ private static function getExceptions($screen) return $except; } - private static function getRichTextElements($items, $parent = null) + private static function getRichTextElements($items, $parent = null, &$elements = []) { - $elements = []; - foreach ($items as $item) { if (isset($item['items']) && is_array($item['items'])) { // Inside loop .. if ($item['component'] == 'FormLoop') { - $elements = array_merge($elements, self::getRichTextElements($item['items'], ($parent ? $parent . '.' . $item['config']['name'] : $item['config']['name']))); - } elseif (isset($item['component']) && $item['component'] === 'FormTextArea' && isset($item['config']['richtext']) && $item['config']['richtext'] === true) { - $elements[] = ($parent ? $parent . '.' . $item['config']['name'] : $item['config']['name']); - // Inside a table .. + self::getRichTextElements( + $item['items'], + ($parent ? $parent . '.' . $item['config']['name'] : $item['config']['name']), + $elements + ); } elseif ($item['component'] == 'FormMultiColumn') { - foreach ($item['items'] as $cell) { - if ( - isset($cell['component']) && - $cell['component'] === 'FormTextArea' && - isset($cell['config']['richtext']) && - $cell['config']['richtext'] === true - ) { - $elements[] = $cell['config']['name']; - } - if (is_array($cell)) { - $elements = array_merge($elements, self::getRichTextElements($cell)); - } - } + self::getVariableMultiColumn($item, $parent, $elements); + } else { + self::getVariableExceptions($item, $parent, $elements); } } else { - if (isset($item['component']) && $item['component'] === 'FormTextArea' && isset($item['config']['richtext']) && $item['config']['richtext'] === true) { - $elements[] = ($parent ? $parent . '.' . $item['config']['name'] : $item['config']['name']); - } + self::getVariableExceptions($item, $parent, $elements); } } return $elements; } + private static function getVariableMultiColumn($item, $parent, &$elements) + { + foreach ($item['items'] as $cell) { + self::getVariableExceptions($cell, $parent, $elements); + if (is_array($cell)) { + self::getRichTextElements($cell, $parent, $elements); + } + } + } + + private static function getVariableExceptions($item, $parent, &$elements) + { + if (!isset($item['component'])) { + return; + } + if (self::renderHtmlIsEnabled($item, 'FormTextArea', 'richtext')) { + $elements[] = ($parent ? $parent . '.' . $item['config']['name'] : $item['config']['name']); + } elseif (self::renderHtmlIsEnabled($item, 'FormHtmlViewer', 'renderVarHtml')) { + preg_match_all("/{{([^{}]*)}}/", $item['config']['content'], $matches); + if ($matches && $matches[1]) { + foreach ($matches[1] as $variable) { + $elements[] = ($parent ? $parent . '.' . $variable : $variable); + } + } + } + } + + private static function renderHtmlIsEnabled($item, $type, $field) + { + return isset($item['config']) + && $item['component'] === $type + && isset($item['config'][$field]) + && $item['config'][$field] === true; + } + public static function sanitizeEmail($email) { $validator = Validator::make(['email' => $email], [