XOOPS
2.6.0
Main Page
Related Pages
Classes
Files
Examples
File List
File Members
textfilter.php
Go to the documentation of this file.
1
<?php
2
/*
3
You may not change or alter any portion of this comment or credits
4
of supporting developers from this source code or any supporting source code
5
which is considered copyrighted (c) material of the original comment or credit authors.
6
7
This program is distributed in the hope that it will be useful,
8
but WITHOUT ANY WARRANTY; without even the implied warranty of
9
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
10
*/
11
24
class
MytsTextfilter
extends
MyTextSanitizerExtension
25
{
32
public
function
load
(
MyTextSanitizer
&
$ts
,
$text
, $force =
false
)
33
{
34
$xoops
=
Xoops::getInstance
();
35
if
(empty($force) &&
$xoops
->userIsAdmin) {
36
return
$text
;
37
}
38
// Built-in fitlers for XSS scripts
39
// To be improved
40
$text
= $ts->
filterXss
(
$text
);
41
42
if
(
XoopsLoad::load
(
"purifier"
,
"framework"
)) {
43
$text
= XoopsPurifier::purify(
$text
);
44
return
$text
;
45
}
46
47
$tags = array();
48
$search
= array();
49
$replace = array();
50
$config
= parent::loadConfig(__DIR__);
51
if
(!empty(
$config
[
"patterns"
])) {
52
foreach
(
$config
[
"patterns"
] as $pattern) {
53
if
(empty($pattern[
'search'
])) {
54
continue
;
55
}
56
$search
[] = $pattern[
'search'
];
57
$replace[] = $pattern[
'replace'
];
58
}
59
}
60
if
(!empty(
$config
[
"tags"
])) {
61
$tags = array_map(
"trim"
,
$config
[
"tags"
]);
62
}
63
64
// Set embedded tags
65
$tags[] =
"SCRIPT"
;
66
$tags[] =
"VBSCRIPT"
;
67
$tags[] =
"JAVASCRIPT"
;
68
foreach
($tags as $tag) {
69
$search
[] =
"/<"
. $tag .
"[^>]*?>.*?<\/"
. $tag .
">/si"
;
70
$replace[] =
" [!"
. strtoupper($tag) .
" FILTERED!] "
;
71
}
72
// Set meta refresh tag
73
$search
[] =
"/<META[^>\/]*HTTP-EQUIV=(['\"])?REFRESH(\\1)[^>\/]*?\/>/si"
;
74
$replace[] =
""
;
75
// Sanitizing scripts in IMG tag
76
//$search[]= "/(<IMG[\s]+[^>\/]*SOURCE=)(['\"])?(.*)(\\2)([^>\/]*?\/>)/si";
77
//$replace[]="";
78
// Set iframe tag
79
$search
[] =
"/<IFRAME[^>\/]*SRC=(['\"])?([^>\/]*)(\\1)[^>\/]*?\/>/si"
;
80
$replace[] =
" [!IFRAME FILTERED! \\2] "
;
81
$search
[] =
"/<IFRAME[^>]*?>([^<]*)<\/IFRAME>/si"
;
82
$replace[] =
" [!IFRAME FILTERED! \\1] "
;
83
// action
84
$text
= preg_replace(
$search
, $replace,
$text
);
85
return
$text
;
86
}
87
}
MyTextSanitizerExtension\$config
$config
Definition:
module.textsanitizer.php:46
Xoops\getInstance
static getInstance()
Definition:
Xoops.php:160
MyTextSanitizer\filterXss
filterXss($text)
Definition:
module.textsanitizer.php:472
$text
$text
Definition:
qrrender.php:27
$search
$search
Definition:
index.php:28
$xoops
$xoops
Definition:
admin.php:25
XoopsLoad\load
static load($name, $type="core")
Definition:
xoopsload.php:65
MyTextSanitizer
Definition:
module.textsanitizer.php:157
MytsTextfilter
Definition:
textfilter.php:24
MytsTextfilter\load
load(MyTextSanitizer &$ts, $text, $force=false)
Definition:
textfilter.php:32
MyTextSanitizerExtension\$ts
$ts
Definition:
module.textsanitizer.php:41
MyTextSanitizerExtension
Definition:
module.textsanitizer.php:31
usr64
htdocs
class
textsanitizer
textfilter
textfilter.php
Generated on Fri May 22 2015 03:07:00 for XOOPS by
1.8.9.1