Exemple #1
0
/**
 * Sanitizes content from bad protocols and other characters.
 *
 * This function searches for URL protocols at the beginning of $string, while
 * handling whitespace and HTML entities.
 *
 * @param string $string Content to check for bad protocols
 * @param string $allowed_protocols Allowed protocols
 * @return string Sanitized content
 */
function kses_bad_protocol_once($string, $allowed_protocols)
{
    $string2 = preg_split('/:|&#0*58;|&#x0*3a;/i', $string, 2);
    if (isset($string2[1]) && !preg_match('%/\\?%', $string2[0])) {
        $string = kses_bad_protocol_once2($string2[0], $allowed_protocols) . trim($string2[1]);
    }
    return $string;
}
function kses_bad_protocol_once($string, $allowed_protocols)
{
    $callback = function ($matches) use($allowed_protocols) {
        return kses_bad_protocol_once2($matches[1], $allowed_protocols);
    };
    return preg_replace_callback('/^((&[^;]*;|[\\sA-Za-z0-9])*)' . '(:|:|&#[Xx]3[Aa];)\\s*/', $callback, $string);
}