function testUnsetPattern() { $configuration = array(array('keyPatternUnset' => array('/^hello/'))); $filter = DeclFilter::fromConfiguration($configuration); $data = $filter->filter(array('hello123' => '123abc', 'hello456' => '123abc', 'world' => '123abc')); $this->assertFalse(isset($data['hello123'])); $this->assertFalse(isset($data['hello456'])); $this->assertEquals($data['world'], '123abc'); }
'tab' => 'digits', 'javascript_enabled' => 'alpha', 'XDEBUG_PROFILE' => 'int', ), 'staticKeyFiltersForArrays' => array( 'cat_managed' => 'digits', 'cat_categories' => 'digits', ), ) ); $inputFilter = DeclFilter::fromConfiguration($inputConfiguration, array('catchAllFilter')); if ( ( isset($prefs['tiki_allow_trust_input']) && $prefs['tiki_allow_trust_input'] !== 'y' ) || $tiki_p_trust_input != 'y') { $inputFilter->addCatchAllFilter('xss'); } $cookieFilter = DeclFilter::fromConfiguration($inputConfiguration, array('catchAllFilter')); $cookieFilter->addCatchAllFilter('striptags'); $_GET = $inputFilter->filter($_GET); $_POST = $inputFilter->filter($_POST); $_COOKIE = $cookieFilter->filter($_COOKIE); // Rebuild request with filtered values $_REQUEST = array_merge($_GET, $_POST); if ( ( isset($prefs['tiki_allow_trust_input']) && $prefs['tiki_allow_trust_input'] !== 'y' ) || $tiki_p_trust_input != 'y') { $varcheck_vars = array('_COOKIE', '_GET', '_POST', '_ENV', '_SERVER'); $varcheck_errors = ''; foreach ($varcheck_vars as $var) { if (!isset($$var)) continue; if (($tmp = varcheck($$var, $var)) != '') { if ($varcheck_errors != '') $varcheck_errors.= '<br />'; $varcheck_errors.= $tmp;
<?php // (c) Copyright 2002-2015 by authors of the Tiki Wiki CMS Groupware Project // // All Rights Reserved. See copyright.txt for details and a complete list of authors. // Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details. // $Id$ // To (re-)enable this script the file has to be named tiki-installer.php and the following four lines // must start with two '/' and 'stopinstall:'. (Make sure there are no spaces inbetween // and stopinstall: !) //this script may only be included - so its better to die if called directly. if (strpos($_SERVER["SCRIPT_NAME"], basename(__FILE__)) !== false) { header("location: index.php"); exit; } $inputConfiguration = array(array('staticKeyFilters' => array('admin_account' => 'striptags', 'admin_email' => 'striptags', 'browsertitle' => 'striptags', 'convert_to_utf8' => 'xss', 'db' => 'alpha', 'dbinfo' => 'alpha', 'email_test_cc' => 'digits', 'error_reporting_adminonly' => 'alpha', 'error_reporting_level' => 'int', 'feature_switch_ssl_mode' => 'alpha', 'feature_show_stay_in_ssl_mode' => 'alpha', 'fix_disable_accounts' => 'alpha', 'fix_double_encoding' => 'xss', 'force_utf8' => 'alpha', 'general_settings' => 'alpha', 'https_login' => 'word', 'https_port' => 'digits', 'install_step' => 'digits', 'install_type' => 'word', 'lang' => 'lang', 'log_tpl' => 'alpha', 'multi' => 'striptags', 'perform_mail_test' => 'alpha', 'previous_encoding' => 'word', 'reset' => 'alpha', 'resetdb' => 'alpha', 'scratch' => 'word', 'sender_email' => 'striptags', 'smarty_notice_reporting' => 'alpha', 'test' => 'alnum', 'test2' => 'digits', 'test3' => 'int', 'test4' => 'word', 'update' => 'word', 'useInnoDB' => 'digits'))); $inputFilter = DeclFilter::fromConfiguration($inputConfiguration); $_GET = $inputFilter->filter($_GET); $_POST = $inputFilter->filter($_POST); $_REQUEST = array_merge($_GET, $_POST); require_once 'tiki-filter-base.php'; // Define and load Smarty components global $prefs; $prefs = array(); $prefs['smarty_notice_reporting'] = 'n'; $prefs['smarty_compilation'] = 'always'; $prefs['smarty_security'] = 'y'; require_once 'lib/init/initlib.php'; require_once 'lib/tikilib.php'; set_error_handler("tiki_error_handling", error_reporting()); require_once 'lib/init/smarty.php'; require_once 'installer/installlib.php';