From 1775f64f9b9374c8c0d790d39e8d37c3cc1120da Mon Sep 17 00:00:00 2001 From: Jen Wachter Date: Tue, 20 Sep 2016 14:34:19 -0400 Subject: [PATCH] Added striptags sanitizer --- src/Utility/Sanitizer.php | 47 ++++++++++++++++++++++++++++++--- tests/Utility/SanitizerTest.php | 9 ++++--- 2 files changed, 48 insertions(+), 8 deletions(-) diff --git a/src/Utility/Sanitizer.php b/src/Utility/Sanitizer.php index 11a367f..bc4fdb6 100644 --- a/src/Utility/Sanitizer.php +++ b/src/Utility/Sanitizer.php @@ -19,20 +19,59 @@ public function __construct($data = array()) $this->data = $data; } - public function stripslashes() + /** + * Apply a function to each value + * @param string $function Function name (ex: "stripslashes") + * @param array $args Function arguments + * @return null + */ + protected function apply($function, $args = array()) { foreach ($this->data as $key => &$value) { if (!is_array($value)) { - $value = stripslashes($value); + $value = $this->applyToValue($function, $args, $value); } else { - $value = array_map(function ($v) { - return stripslashes($v); + $value = array_map(function ($v) use ($function, $args) { + return $this->applyToValue($function, $args, $v); }, $value); } } + } + + /** + * Apply a function to a single form value + * @param string $function Function name + * @param array $args Function arguments + * @param string $value Value to apply functon to + * @return string Sanitized value + */ + protected function applyToValue($function, $args, $value) + { + array_unshift($args, $value); + return call_user_func_array($function, $args); + } + /** + * Strip slashes from data + * @return object self + */ + public function stripslashes() + { + $this->apply("stripslashes"); + return $this; + } + + /** + * Remove tags from data + * @param array $except Array of tags ex:
+ * @return object self + */ + public function striptags($except = array()) + { + $except = implode("", $except); + $this->apply("strip_tags", array($except)); return $this; } } diff --git a/tests/Utility/SanitizerTest.php b/tests/Utility/SanitizerTest.php index 6929921..d50748e 100644 --- a/tests/Utility/SanitizerTest.php +++ b/tests/Utility/SanitizerTest.php @@ -4,10 +4,10 @@ class SanitizerTest extends \PHPUnit_Framework_TestCase { - public function testValidateHtmlAndAddable() + public function testSanitize() { $given = array( - "field1" => "A string with an escaped apostrophe: it\'s", + "field1" => "
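Review bot: `striptags()` called with a non-empty `$except` is not an XSS control on its own, because `strip_tags` leaves every attribute on the tags it is told to keep, so inline handlers and `style` attributes on allowed tags pass through unchanged. The docblock should say so, for example `* Note: attributes on allowed tags are kept; escape on output (htmlspecialchars) or run an HTML allow-list filter before rendering.` `apply()` and `applyToValue()` also pass the `$function` string straight to `call_user_func_array`, so they must only ever receive literal names from this class; a `callable $function` type hint and a docblock line stating that would make the contract explicit. The `array_map` branch still descends only one level, so a value nested two levels deep would reach `strip_tags` as an array; `array_walk_recursive` is one way to cover that. The class body starts outside the hunk.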

A string with an escaped apostrophe: it\'s

", "field2" => array( "it\'s cool", "yeah it\'s cool" @@ -15,7 +15,7 @@ public function testValidateHtmlAndAddable() ); $expected = array( - "field1" => "A string with an escaped apostrophe: it's", + "field1" => "

A string with an escaped apostrophe: it's

", "field2" => array( "it's cool", "yeah it's cool" @@ -25,7 +25,8 @@ public function testValidateHtmlAndAddable() $sanitizer = new Sanitizer($given); $sanitizer - ->stripslashes(); + ->stripslashes() + ->striptags(array("

", "")); $this->assertEquals($expected, $sanitizer->data); }
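Review bot: Nothing in this test asserts that a disallowed tag is actually removed by the new `->striptags(...)` call. As far as the fixture is visible here, `field1` in `$given` and `$expected` differs only by the removed backslash, so the call appears to be checked only against tags on the allow list. Add a field containing a tag outside `$except` and assert it is gone, plus one with an attribute on an allowed tag to pin down what the sanitizer leaves in place. A case calling `striptags()` with no argument would cover the default `array()` path. The fixture changes in the two earlier hunks of this file belong to the same point.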