/**
 * Applies the "hard" JLMS input filter to a string.
 *
 * Builds a JLMS_InputFilter with no tag or attribute list (null, null) and the two
 * trailing flags set to 1 — presumably the tag/attribute method flags; confirm against
 * the JLMS_InputFilter constructor — and returns whatever its process() yields.
 *
 * @param string $text raw (untrusted) text
 * @return string the filtered text
 */
function JLMS_ProcessText_HardFilter($text)
{
    return (new JLMS_InputFilter(null, null, 1, 1))->process($text);
}
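 /**
  * Filters the raw attribute fragments of one tag and returns the ones that survive.
  *
  * Each entry of $attrSet is one `name=value` (or bare `name`) fragment. Names must be
  * purely alphabetic; when $this->xssAuto is on, names listed in $this->attrBlacklist and
  * any `on*` event-handler name are dropped, compared case-insensitively. Values have
  * `&#`, newlines, double quotes, wrapping single quotes and backslashes removed, then
  * JLMS_InputFilter::badAttributeValue() gets the final say on the name/value pair.
  * Whether a surviving attribute is kept depends on $this->attrMethod: falsy means
  * $this->attrArray is a whitelist, truthy means it is a blacklist.
  *
  * Changes from the historical version: a bare attribute no longer triggers an
  * undefined-offset notice, an empty name (e.g. a whitespace-only fragment, or "=x")
  * is rejected instead of emitting `=""`, and the `on` prefix test no longer lets
  * mixed-case names such as "OnClick" through.
  *
  * @param array $attrSet raw attribute fragments, e.g. ['href="x"', 'onclick=y', 'checked']
  * @return array kept attributes, each re-serialised as name="value" (bare names become name="name")
  */
 function filterAttr($attrSet)
 {
     $newSet = array();

     foreach ((array) $attrSet as $rawAttr) {
         // Skip empty / whitespace-only fragments.
         if (trim((string) $rawAttr) === '') {
             continue;
         }

         // Split into name / value; a bare attribute such as "checked" has no value part.
         $attrSubSet = explode('=', trim($rawAttr), 2);
         list($attrName) = explode(' ', $attrSubSet[0]);
         $attrValue = isset($attrSubSet[1]) ? $attrSubSet[1] : '';
         $lowerName = strtolower($attrName);

         // Drop "non-regular" names (anything but letters, empty names included) and, in
         // auto-XSS mode, blacklisted names and event handlers. Both name comparisons use
         // the lower-cased name so that case alone cannot bypass them.
         if (!preg_match('/^[a-z]+$/i', $attrName)
             || ($this->xssAuto
                 && (in_array($lowerName, $this->attrBlacklist, true) || strncmp($lowerName, 'on', 2) === 0))) {
             continue;
         }

         // XSS attribute value filtering
         if ($attrValue !== '') {
             // strips unicode, hex, etc
             $attrValue = str_replace('&#', '', $attrValue);
             // strip newlines inside the value; ordinary spaces are deliberately allowed
             $attrValue = (string) preg_replace('/\\n+/', '', $attrValue);
             // strip double quotes (the value is re-wrapped in double quotes on output)
             $attrValue = str_replace('"', '', $attrValue);
             // unwrap a single-quoted value (single quotes shouldn't be used to pad attr value)
             $len = strlen($attrValue);
             if ($attrValue[0] === "'" && $attrValue[$len - 1] === "'") {
                 $attrValue = (string) substr($attrValue, 1, $len - 2);
             }
             // strip slashes
             $attrValue = stripslashes($attrValue);
         }

         // Autostrip script tags / dangerous values (delegated to the shared checker).
         if (JLMS_InputFilter::badAttributeValue(array($attrName, $attrValue))) {
             continue;
         }

         // attrMethod falsy => attrArray is a whitelist; truthy => it is a blacklist.
         $attrFound = in_array($lowerName, $this->attrArray, true);
         if ($attrFound === (bool) $this->attrMethod) {
             continue;
         }

         // Bare attributes are re-serialised XHTML-style as name="name"; "0" is a real value.
         if ($attrValue !== '') {
             $newSet[] = $attrName . '="' . $attrValue . '"';
         } else {
             $newSet[] = $attrName . '="' . $attrName . '"';
         }
     }

     return $newSet;
 }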