mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-07-12 18:46:20 +02:00
Code Issues Releases Wiki Activity

Additional checking

Browse Source
This commit is contained in:
e107steved
2011-05-28 16:23:40 +00:00
parent 676d7b78cc
commit 77d0506059
1 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
e107_handlers/e_parse_class.php
View File

@ -601,12 +601,25 @@ class e_parse
$s = preg_replace_callback('#('.implode('|', $vl).')#mis', array($this, 'modtag'), $t); $s = preg_replace_callback('#('.implode('|', $vl).')#mis', array($this, 'modtag'), $t);
} }
} }
$s = preg_replace('#(?:onmouse.+?|onclick)\s*?\=#', '[sanitised]$0[/sanitised]', $s);
$s = preg_replace_callback('#base64([,\(])(.+?)([\)\'\"])#mis', array($this, 'proc64'), $s);
$ans .= $s; $ans .= $s;
} }
return $ans; return $ans;
} }
/**
* Check base-64 encoded code
*/
private function proc64($match)
{
$decode = base64_decode($match[2]);
return 'base64'.$match[1].base64_encode($this->dataFilter($decode)).$match[3];
}
private function modTag($match) private function modTag($match)
{ {
$ans = ''; $ans = '';