fix(products): encode html for title on products page

This commit is contained in:
2025-10-24 14:25:01 +03:00
parent aa42643c34
commit 78ca4fd309
3 changed files with 22 additions and 11 deletions


@@ -4,6 +4,7 @@ declare(strict_types=1);
namespace App\Handlers; namespace App\Handlers;
use App\Support\Utils;
use Openguru\OpenCartFramework\Config\Settings; use Openguru\OpenCartFramework\Config\Settings;
use Openguru\OpenCartFramework\Http\JsonResponse; use Openguru\OpenCartFramework\Http\JsonResponse;
use Openguru\OpenCartFramework\Http\Request; use Openguru\OpenCartFramework\Http\Request;
@@ -79,7 +80,7 @@ class CategoriesHandler
return [ return [
'id' => (int)$category['id'], 'id' => (int)$category['id'],
'image' => $category['image'] ?? '', 'image' => $category['image'] ?? '',
'name' => html_entity_decode($category['name'], ENT_QUOTES | ENT_HTML5, 'UTF-8'), 'name' => Utils::htmlEntityEncode($category['name']),
'description' => $category['description'], 'description' => $category['description'],
'children' => $category['children'], 'children' => $category['children'],
]; ];
@@ -102,7 +103,7 @@ class CategoriesHandler
$branch[] = [ $branch[] = [
'id' => (int)$category['id'], 'id' => (int)$category['id'],
'image' => $image, 'image' => $image,
'name' => html_entity_decode($category['name'], ENT_QUOTES | ENT_HTML5, 'UTF-8'), 'name' => Utils::htmlEntityEncode($category['name']),
'description' => $category['description'], 'description' => $category['description'],
'children' => $category['children'] ?? [], 'children' => $category['children'] ?? [],
]; ];
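Review bot: The switch to `Utils::htmlEntityEncode()` on both `'name'` lines is a rename only — the helper body in the new `App\Support\Utils` file still calls `html_entity_decode`, so these values are decoded exactly as before and nothing in this handler is encoded despite the commit title; every `Utils::htmlEntityEncode` call in `ProductsService` has the same property. If the intent is to return entity-decoded names in the JSON payload, the helper should be named `htmlEntityDecode` so readers do not assume the value is HTML-safe; if the intent really is to encode, the helper needs `htmlspecialchars($string, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8')` and each caller should be re-checked for double-encoding of data that is already stored with entities. Either way the consumer of this response has to escape `name` for its own output context, because a decoded string may contain `<`, `"` and `&`. The enclosing methods begin before and end after each of these hunks.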


@@ -2,6 +2,7 @@
namespace App\Services; namespace App\Services;
use App\Support\Utils;
use Cart\Currency; use Cart\Currency;
use Cart\Tax; use Cart\Tax;
use Exception; use Exception;
@@ -147,7 +148,7 @@ class ProductsService
$allImages[] = [ $allImages[] = [
'url' => $image, 'url' => $image,
'alt' => html_entity_decode($product['product_name'], ENT_QUOTES | ENT_HTML5, 'UTF-8'), 'alt' => Utils::htmlEntityEncode($product['product_name']),
]; ];
$price = $this->currency->format( $price = $this->currency->format(
@@ -178,7 +179,7 @@ class ProductsService
return [ return [
'id' => (int) $product['product_id'], 'id' => (int) $product['product_id'],
'product_quantity' => (int) $product['product_quantity'], 'product_quantity' => (int) $product['product_quantity'],
'name' => html_entity_decode($product['product_name'], ENT_QUOTES | ENT_HTML5, 'UTF-8'), 'name' => Utils::htmlEntityEncode($product['product_name']),
'price' => $price, 'price' => $price,
'special' => $special, 'special' => $special,
'images' => $allImages, 'images' => $allImages,
@@ -224,16 +225,14 @@ class ProductsService
$data['tab_review'] = sprintf($this->oc->language->get('tab_review'), $product_info['reviews']); $data['tab_review'] = sprintf($this->oc->language->get('tab_review'), $product_info['reviews']);
$data['product_id'] = $productId; $data['product_id'] = $productId;
$data['name'] = $product_info['name']; $data['name'] = Utils::htmlEntityEncode($product_info['name']);
$data['manufacturer'] = $product_info['manufacturer']; $data['manufacturer'] = $product_info['manufacturer'];
$data['model'] = $product_info['model']; $data['model'] = $product_info['model'];
$data['reward'] = $product_info['reward']; $data['reward'] = $product_info['reward'];
$data['points'] = (int) $product_info['points']; $data['points'] = (int) $product_info['points'];
$data['description'] = html_entity_decode($product_info['description'], ENT_QUOTES, 'UTF-8'); $data['description'] = Utils::htmlEntityEncode($product_info['description']);
$data['share'] = html_entity_decode( $data['share'] = Utils::htmlEntityEncode(
$this->oc->url->link('product/product', 'product_id=' . $productId), $this->oc->url->link('product/product', 'product_id=' . $productId)
ENT_QUOTES | ENT_HTML5,
'UTF-8'
); );
if ($product_info['quantity'] <= 0) { if ($product_info['quantity'] <= 0) {
@@ -272,7 +271,7 @@ class ProductsService
), ),
'width' => $width, 'width' => $width,
'height' => $height, 'height' => $height,
'alt' => html_entity_decode($product_info['name'], ENT_QUOTES | ENT_HTML5, 'UTF-8'), 'alt' => Utils::htmlEntityEncode($product_info['name']),
]; ];
} catch (Exception $e) { } catch (Exception $e) {
$this->logger->logException($e); $this->logger->logException($e);
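Review bot: Two silent behaviour changes in the `@@ -224,16 +225,14 @@` hunk go beyond the title: `$data['name']` was previously assigned untouched and now passes through the decode helper, and `$data['description']` moves from `ENT_QUOTES` to `ENT_QUOTES | ENT_HTML5`, which resolves additional named entities (for example `&apos;`) that the old call left alone. `description` is presumably stored as HTML meant for rendering, but `name` appears to be template data alongside `tab_review`, and if the template does not auto-escape, the decoded value reaches the page unescaped — worth confirming where `$data` is rendered. Consider keeping `$data['name'] = $product_info['name'];` unless the consumer is known to escape it, or at least recording the flag change for `description` in the commit message. The enclosing method starts before and ends after this hunk.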


@@ -0,0 +1,11 @@
<?php
namespace App\Support;
final class Utils
{
public static function htmlEntityEncode(string $string): string
{
return html_entity_decode($string, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}
}
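Review bot: The new file omits `declare(strict_types=1);`, which the sibling files in this commit declare (the `CategoriesHandler` hunk header shows it), so under non-strict mode a non-string argument would be coerced by the `string` parameter instead of raising a `TypeError`; add it as the first statement after `<?php`. The method also has no docblock, and given that its body decodes rather than encodes, one that states the actual contract would prevent misuse: `/** Decodes HTML entities (quotes and HTML5 named entities included) in a UTF-8 string; the result is NOT safe to emit into HTML without escaping. */`. A `@see html_entity_decode` reference would make the flag choice (`ENT_QUOTES | ENT_HTML5`) discoverable for callers that need the matching encode step.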