aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authordave <dave@36083f99-b078-4883-b0ff-0f9b5a30f544>2009-04-17 12:46:14 +0000
committerdave <dave@36083f99-b078-4883-b0ff-0f9b5a30f544>2009-04-17 12:46:14 +0000
commit8f695bf25152245f97542cbd8adbd8bcbf186ca5 (patch)
tree2e9cb27c0753d6965a8e0af6cdad7cd4f5b9a9ee
parent8eeedce86b8a20314eaefdbdda4223f0cb038184 (diff)
downloadelgg-8f695bf25152245f97542cbd8adbd8bcbf186ca5.tar.gz
elgg-8f695bf25152245f97542cbd8adbd8bcbf186ca5.tar.bz2
small tweak to kses input, for now.
git-svn-id: https://code.elgg.org/elgg/trunk@3220 36083f99-b078-4883-b0ff-0f9b5a30f544
-rw-r--r--engine/lib/input.php168
1 files changed, 84 insertions, 84 deletions
diff --git a/engine/lib/input.php b/engine/lib/input.php
index 5ac3ad618..a7afa834a 100644
--- a/engine/lib/input.php
+++ b/engine/lib/input.php
@@ -15,7 +15,7 @@
* Get some input from variables passed on the GET or POST line.
*
* @param $variable string The variable we want to return.
- * @param $default mixed A default value for the variable if it is not found.
+ * @param $default mixed A default value for the variable if it is not found.
* @param $filter_result If true then the result is filtered for bad tags.
*/
function get_input($variable, $default = "", $filter_result = true)
@@ -26,15 +26,15 @@
if (isset($CONFIG->input[$variable]))
return $CONFIG->input[$variable];
- if (isset($_REQUEST[$variable])) {
+ if (isset($_REQUEST[$variable])) {
- if (is_array($_REQUEST[$variable])) {
- $var = $_REQUEST[$variable];
- } else {
+ if (is_array($_REQUEST[$variable])) {
+ $var = $_REQUEST[$variable];
+ } else {
$var = trim($_REQUEST[$variable]);
}
-
- if ($filter_result)
+
+ if ($filter_result)
$var = filter_tags($var);
return $var;
@@ -55,51 +55,51 @@
global $CONFIG;
if (!isset($CONFIG->input))
- $CONFIG->input = array();
-
- if (is_array($value))
- {
- foreach ($value as $key => $val)
- $value[$key] = trim($val);
-
- $CONFIG->input[trim($variable)] = $value;
- }
+ $CONFIG->input = array();
+
+ if (is_array($value))
+ {
+ foreach ($value as $key => $val)
+ $value[$key] = trim($val);
+
+ $CONFIG->input[trim($variable)] = $value;
+ }
else
$CONFIG->input[trim($variable)] = trim($value);
- }
-
- /**
- * Kses filtering of tags, called on a plugin hook
- *
- * @param mixed $var Variable to filter
- * @return mixed
- */
- function kses_filter_tags($hook, $entity_type, $returnvalue, $params)
- {
- $return = $returnvalue;
- $var = $returnvalue;
-
- if (@include_once(dirname(dirname(dirname(__FILE__)))) . "/vendors/kses/kses.php") {
-
- global $CONFIG;
-
- $allowedtags = $CONFIG->allowedtags;
- $allowedprotocols = $CONFIG->allowedprotocols;
-
- if (!is_array($var)) {
- $return = "";
- $return = kses($var, $allowedtags, $allowedprotocols);
- } else {
- $return = array();
-
- foreach($var as $key => $el) {
- $return[$key] = kses($el, $allowedtags, $allowedprotocols);
- }
- }
- }
-
- return $return;
+ }
+
+ /**
+ * Kses filtering of tags, called on a plugin hook
+ *
+ * @param mixed $var Variable to filter
+ * @return mixed
+ */
+ function kses_filter_tags($hook, $entity_type, $returnvalue, $params)
+ {
+ $return = $returnvalue;
+ $var = $returnvalue;
+
+ if (@include_once(dirname(dirname(dirname(__FILE__)))) . "/vendors/kses/kses.php") {
+
+ global $CONFIG;
+
+ $allowedtags = $CONFIG->allowedtags;
+ $allowedprotocols = $CONFIG->allowedprotocols;
+
+ if (!is_array($var)) {
+ $return = "";
+ $return = kses($var, $allowedtags, $allowedprotocols);
+ } else {
+ $return = array();
+
+ foreach($var as $key => $el) {
+ $return[$key] = kses($el, $allowedtags, $allowedprotocols);
+ }
+ }
+ }
+
+ return $return;
}
/**
@@ -110,27 +110,27 @@
function filter_tags($var)
{
return trigger_plugin_hook('validate', 'input', null, $var);
- }
-
- /**
- * Sanitise file paths for input, ensuring that they begin and end with slashes etc.
- *
- * @param string $path The path
- * @return string
- */
- function sanitise_filepath($path)
- {
- // Convert to correct UNIX paths
- $path = str_replace('\\', '/', $path);
-
- // Sort trailing slash
- $path = trim($path);
- $path = rtrim($path, " /");
- $path = $path . "/";
-
- return $path;
}
-
+
+ /**
+ * Sanitise file paths for input, ensuring that they begin and end with slashes etc.
+ *
+ * @param string $path The path
+ * @return string
+ */
+ function sanitise_filepath($path)
+ {
+ // Convert to correct UNIX paths
+ $path = str_replace('\\', '/', $path);
+
+ // Sort trailing slash
+ $path = trim($path);
+ $path = rtrim($path, " /");
+ $path = $path . "/";
+
+ return $path;
+ }
+
/**
* Takes a string and turns any URLs into formatted links
@@ -138,16 +138,16 @@
* @param string $text The input string
* @return string The output stirng with formatted links
**/
- function parse_urls($text) {
-
- return preg_replace_callback('/(?<!=["\'])((ht|f)tps?:\/\/[^\s\r\n\t<>"\'\!\(\)]+)/i',
- create_function(
- '$matches',
- '
- $url = $matches[1];
- $urltext = str_replace("/", "/<wbr />", $url);
- return "<a href=\"$url\" style=\"text-decoration:underline;\">$urltext</a>";
- '
+ function parse_urls($text) {
+
+ return preg_replace_callback('/(?<!=["\'])((ht|f)tps?:\/\/[^\s\r\n\t<>"\'\!\(\)]+)/i',
+ create_function(
+ '$matches',
+ '
+ $url = $matches[1];
+ $urltext = str_replace("/", "/<wbr />", $url);
+ return "<a href=\"$url\" style=\"text-decoration:underline;\">$urltext</a>";
+ '
), $text);
}
@@ -362,7 +362,7 @@
'longdesc' => array (),
'vspace' => array (),
'src' => array (),
-// 'style' => array (),
+ 'style' => array (),
'width' => array ()),
'ins' => array(
'datetime' => array (),
@@ -380,7 +380,7 @@
'align' => array (),
'dir' => array(),
'lang' => array(),
-// 'style' => array (),
+ 'style' => array (),
'xml:lang' => array()),
'pre' => array(
// 'style' => array(),
@@ -494,9 +494,9 @@
$CONFIG->allowedprotocols = array('http', 'https', 'ftp', 'news', 'mailto', 'rtsp', 'teamspeak', 'gopher', 'mms',
'color', 'callto', 'cursor', 'text-align', 'font-size', 'font-weight', 'font-style',
- 'border', 'margin', 'padding', 'float');
-
- // For now, register the kses for processing
+ 'border', 'margin', 'padding', 'float');
+
+ // For now, register the kses for processing
register_plugin_hook('validate', 'input', 'kses_filter_tags', 1);
}