diff options
-rw-r--r-- | engine/lib/input.php | 168 |
1 files changed, 84 insertions, 84 deletions
diff --git a/engine/lib/input.php b/engine/lib/input.php index a7afa834a..5ac3ad618 100644 --- a/engine/lib/input.php +++ b/engine/lib/input.php @@ -15,7 +15,7 @@ * Get some input from variables passed on the GET or POST line.
*
* @param $variable string The variable we want to return.
- * @param $default mixed A default value for the variable if it is not found.
+ * @param $default mixed A default value for the variable if it is not found. * @param $filter_result If true then the result is filtered for bad tags.
*/
function get_input($variable, $default = "", $filter_result = true)
@@ -26,15 +26,15 @@ if (isset($CONFIG->input[$variable]))
return $CONFIG->input[$variable];
- if (isset($_REQUEST[$variable])) {
+ if (isset($_REQUEST[$variable])) { - if (is_array($_REQUEST[$variable])) {
- $var = $_REQUEST[$variable];
- } else {
+ if (is_array($_REQUEST[$variable])) { + $var = $_REQUEST[$variable]; + } else { $var = trim($_REQUEST[$variable]);
}
-
- if ($filter_result)
+ + if ($filter_result) $var = filter_tags($var);
return $var;
@@ -55,51 +55,51 @@ global $CONFIG;
if (!isset($CONFIG->input))
- $CONFIG->input = array();
-
- if (is_array($value))
- {
- foreach ($value as $key => $val)
- $value[$key] = trim($val);
-
- $CONFIG->input[trim($variable)] = $value;
- }
+ $CONFIG->input = array(); + + if (is_array($value)) + { + foreach ($value as $key => $val) + $value[$key] = trim($val); + + $CONFIG->input[trim($variable)] = $value; + } else
$CONFIG->input[trim($variable)] = trim($value);
- }
-
- /**
- * Kses filtering of tags, called on a plugin hook
- *
- * @param mixed $var Variable to filter
- * @return mixed
- */
- function kses_filter_tags($hook, $entity_type, $returnvalue, $params)
- {
- $return = $returnvalue;
- $var = $returnvalue;
-
- if (@include_once(dirname(dirname(dirname(__FILE__)))) . "/vendors/kses/kses.php") {
-
- global $CONFIG;
-
- $allowedtags = $CONFIG->allowedtags;
- $allowedprotocols = $CONFIG->allowedprotocols;
-
- if (!is_array($var)) {
- $return = "";
- $return = kses($var, $allowedtags, $allowedprotocols);
- } else {
- $return = array();
-
- foreach($var as $key => $el) {
- $return[$key] = kses($el, $allowedtags, $allowedprotocols);
- }
- }
- }
-
- return $return;
+ } + + /** + * Kses filtering of tags, called on a plugin hook + * + * @param mixed $var Variable to filter + * @return mixed + */ + function kses_filter_tags($hook, $entity_type, $returnvalue, $params) + { + $return = $returnvalue; + $var = $returnvalue; + + if (@include_once(dirname(dirname(dirname(__FILE__)))) . "/vendors/kses/kses.php") { + + global $CONFIG; + + $allowedtags = $CONFIG->allowedtags; + $allowedprotocols = $CONFIG->allowedprotocols; + + if (!is_array($var)) { + $return = ""; + $return = kses($var, $allowedtags, $allowedprotocols); + } else { + $return = array(); + + foreach($var as $key => $el) { + $return[$key] = kses($el, $allowedtags, $allowedprotocols); + } + } + } + + return $return; }
/**
@@ -110,27 +110,27 @@ function filter_tags($var)
{
return trigger_plugin_hook('validate', 'input', null, $var);
+ } + + /** + * Sanitise file paths for input, ensuring that they begin and end with slashes etc. + * + * @param string $path The path + * @return string + */ + function sanitise_filepath($path) + { + // Convert to correct UNIX paths + $path = str_replace('\\', '/', $path); + + // Sort trailing slash + $path = trim($path); + $path = rtrim($path, " /"); + $path = $path . "/"; + + return $path; }
-
- /**
- * Sanitise file paths for input, ensuring that they begin and end with slashes etc.
- *
- * @param string $path The path
- * @return string
- */
- function sanitise_filepath($path)
- {
- // Convert to correct UNIX paths
- $path = str_replace('\\', '/', $path);
-
- // Sort trailing slash
- $path = trim($path);
- $path = rtrim($path, " /");
- $path = $path . "/";
-
- return $path;
- }
-
+ /**
* Takes a string and turns any URLs into formatted links
@@ -138,16 +138,16 @@ * @param string $text The input string
* @return string The output stirng with formatted links
**/
- function parse_urls($text) {
-
- return preg_replace_callback('/(?<!=["\'])((ht|f)tps?:\/\/[^\s\r\n\t<>"\'\!\(\)]+)/i',
- create_function(
- '$matches',
- '
- $url = $matches[1];
- $urltext = str_replace("/", "/<wbr />", $url);
- return "<a href=\"$url\" style=\"text-decoration:underline;\">$urltext</a>";
- '
+ function parse_urls($text) { + + return preg_replace_callback('/(?<!=["\'])((ht|f)tps?:\/\/[^\s\r\n\t<>"\'\!\(\)]+)/i', + create_function( + '$matches', + ' + $url = $matches[1]; + $urltext = str_replace("/", "/<wbr />", $url); + return "<a href=\"$url\" style=\"text-decoration:underline;\">$urltext</a>"; + ' ), $text);
}
@@ -362,7 +362,7 @@ 'longdesc' => array (),
'vspace' => array (),
'src' => array (),
- 'style' => array (),
+// 'style' => array (),
'width' => array ()),
'ins' => array(
'datetime' => array (),
@@ -380,7 +380,7 @@ 'align' => array (),
'dir' => array(),
'lang' => array(),
- 'style' => array (),
+// 'style' => array (),
'xml:lang' => array()),
'pre' => array(
// 'style' => array(),
@@ -494,9 +494,9 @@ $CONFIG->allowedprotocols = array('http', 'https', 'ftp', 'news', 'mailto', 'rtsp', 'teamspeak', 'gopher', 'mms',
'color', 'callto', 'cursor', 'text-align', 'font-size', 'font-weight', 'font-style',
- 'border', 'margin', 'padding', 'float');
-
- // For now, register the kses for processing
+ 'border', 'margin', 'padding', 'float'); + + // For now, register the kses for processing register_plugin_hook('validate', 'input', 'kses_filter_tags', 1);
}
|