From 566de88eb3a15b58600f5195dc7b185b8aae0d41 Mon Sep 17 00:00:00 2001 From: marcus Date: Fri, 17 Apr 2009 13:08:55 +0000 Subject: Reverted last git-svn-id: https://code.elgg.org/elgg/trunk@3221 36083f99-b078-4883-b0ff-0f9b5a30f544 --- engine/lib/input.php | 168 +++++++++++++++++++++++++-------------------------- 1 file changed, 84 insertions(+), 84 deletions(-) diff --git a/engine/lib/input.php b/engine/lib/input.php index a7afa834a..5ac3ad618 100644 --- a/engine/lib/input.php +++ b/engine/lib/input.php @@ -15,7 +15,7 @@ * Get some input from variables passed on the GET or POST line. * * @param $variable string The variable we want to return. - * @param $default mixed A default value for the variable if it is not found. + * @param $default mixed A default value for the variable if it is not found. * @param $filter_result If true then the result is filtered for bad tags. */ function get_input($variable, $default = "", $filter_result = true) @@ -26,15 +26,15 @@ if (isset($CONFIG->input[$variable])) return $CONFIG->input[$variable]; - if (isset($_REQUEST[$variable])) { + if (isset($_REQUEST[$variable])) { - if (is_array($_REQUEST[$variable])) { - $var = $_REQUEST[$variable]; - } else { + if (is_array($_REQUEST[$variable])) { + $var = $_REQUEST[$variable]; + } else { $var = trim($_REQUEST[$variable]); } - - if ($filter_result) + + if ($filter_result) $var = filter_tags($var); return $var; @@ -55,51 +55,51 @@ global $CONFIG; if (!isset($CONFIG->input)) - $CONFIG->input = array(); - - if (is_array($value)) - { - foreach ($value as $key => $val) - $value[$key] = trim($val); - - $CONFIG->input[trim($variable)] = $value; - } + $CONFIG->input = array(); + + if (is_array($value)) + { + foreach ($value as $key => $val) + $value[$key] = trim($val); + + $CONFIG->input[trim($variable)] = $value; + } else $CONFIG->input[trim($variable)] = trim($value); - } - - /** - * Kses filtering of tags, called on a plugin hook - * - * @param mixed $var Variable to filter - * @return mixed - */ - function kses_filter_tags($hook, $entity_type, $returnvalue, $params) - { - $return = $returnvalue; - $var = $returnvalue; - - if (@include_once(dirname(dirname(dirname(__FILE__)))) . "/vendors/kses/kses.php") { - - global $CONFIG; - - $allowedtags = $CONFIG->allowedtags; - $allowedprotocols = $CONFIG->allowedprotocols; - - if (!is_array($var)) { - $return = ""; - $return = kses($var, $allowedtags, $allowedprotocols); - } else { - $return = array(); - - foreach($var as $key => $el) { - $return[$key] = kses($el, $allowedtags, $allowedprotocols); - } - } - } - - return $return; + } + + /** + * Kses filtering of tags, called on a plugin hook + * + * @param mixed $var Variable to filter + * @return mixed + */ + function kses_filter_tags($hook, $entity_type, $returnvalue, $params) + { + $return = $returnvalue; + $var = $returnvalue; + + if (@include_once(dirname(dirname(dirname(__FILE__)))) . "/vendors/kses/kses.php") { + + global $CONFIG; + + $allowedtags = $CONFIG->allowedtags; + $allowedprotocols = $CONFIG->allowedprotocols; + + if (!is_array($var)) { + $return = ""; + $return = kses($var, $allowedtags, $allowedprotocols); + } else { + $return = array(); + + foreach($var as $key => $el) { + $return[$key] = kses($el, $allowedtags, $allowedprotocols); + } + } + } + + return $return; } /** @@ -110,27 +110,27 @@ function filter_tags($var) { return trigger_plugin_hook('validate', 'input', null, $var); + } + + /** + * Sanitise file paths for input, ensuring that they begin and end with slashes etc. + * + * @param string $path The path + * @return string + */ + function sanitise_filepath($path) + { + // Convert to correct UNIX paths + $path = str_replace('\\', '/', $path); + + // Sort trailing slash + $path = trim($path); + $path = rtrim($path, " /"); + $path = $path . "/"; + + return $path; } - - /** - * Sanitise file paths for input, ensuring that they begin and end with slashes etc. - * - * @param string $path The path - * @return string - */ - function sanitise_filepath($path) - { - // Convert to correct UNIX paths - $path = str_replace('\\', '/', $path); - - // Sort trailing slash - $path = trim($path); - $path = rtrim($path, " /"); - $path = $path . "/"; - - return $path; - } - + /** * Takes a string and turns any URLs into formatted links @@ -138,16 +138,16 @@ * @param string $text The input string * @return string The output stirng with formatted links **/ - function parse_urls($text) { - - return preg_replace_callback('/(?"\'\!\(\)]+)/i', - create_function( - '$matches', - ' - $url = $matches[1]; - $urltext = str_replace("/", "/", $url); - return "$urltext"; - ' + function parse_urls($text) { + + return preg_replace_callback('/(?"\'\!\(\)]+)/i', + create_function( + '$matches', + ' + $url = $matches[1]; + $urltext = str_replace("/", "/", $url); + return "$urltext"; + ' ), $text); } @@ -362,7 +362,7 @@ 'longdesc' => array (), 'vspace' => array (), 'src' => array (), - 'style' => array (), +// 'style' => array (), 'width' => array ()), 'ins' => array( 'datetime' => array (), @@ -380,7 +380,7 @@ 'align' => array (), 'dir' => array(), 'lang' => array(), - 'style' => array (), +// 'style' => array (), 'xml:lang' => array()), 'pre' => array( // 'style' => array(), @@ -494,9 +494,9 @@ $CONFIG->allowedprotocols = array('http', 'https', 'ftp', 'news', 'mailto', 'rtsp', 'teamspeak', 'gopher', 'mms', 'color', 'callto', 'cursor', 'text-align', 'font-size', 'font-weight', 'font-style', - 'border', 'margin', 'padding', 'float'); - - // For now, register the kses for processing + 'border', 'margin', 'padding', 'float'); + + // For now, register the kses for processing register_plugin_hook('validate', 'input', 'kses_filter_tags', 1); } -- cgit v1.2.3