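/**
 * Overloaded check function: validates the record before it is stored.
 *
 * Rejects a URL the attribute filter would not accept in an href, an empty
 * title, and a title that already exists in the same category; a URL that
 * carries no http/https/ftp scheme is prefixed with http://.
 *
 * @return boolean true when the record is valid; false with $this->_error set otherwise
 */
function check()
{
    // filter malicious code ('params' is left untouched)
    $ignoreList = array('params');
    $this->filter($ignoreList);

    // specific filters: same test the redirect helpers apply to an href value
    $iFilter = new InputFilter();
    if ($iFilter->badAttributeValue(array('href', $this->url))) {
        $this->_error = 'Please provide a valid URL';
        return false;
    }

    // check for valid name
    if (trim($this->title) === '') {
        $this->_error = _WEBLINK_TITLE;
        return false;
    }

    // Prepend http:// only when no supported scheme is present. The original
    // called preg_match() with a bare 'http://' pattern (no delimiters), which
    // fails to compile and returns false, so every URL was prefixed - including
    // https:// and ftp:// ones, which ended up as 'http://https://...'.
    if (!preg_match('#^(https?|ftp)://#i', $this->url)) {
        $this->url = 'http://' . $this->url;
    }

    // check for existing name within the same category (title is quoted by the
    // driver, catid is cast to int, so no raw input reaches the query)
    $query = "SELECT id"
        . "\n FROM #__weblinks "
        . "\n WHERE title = " . $this->_db->Quote($this->title)
        . "\n AND catid = " . (int) $this->catid;
    $this->_db->setQuery($query);
    $xid = intval($this->_db->loadResult());
    if ($xid && $xid != intval($this->id)) {
        $this->_error = _WEBLINK_EXIST;
        return false;
    }

    return true;
}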
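/**
 * Utility function to redirect the browser to another URL.
 *
 * Can optionally provide a message, which is appended as the 'extmsg' query
 * parameter. Never returns: the script exits once the redirect is sent.
 *
 * @param string $url Target URL; replaced by $GLOBALS['home_dir'] when the attribute filter rejects it
 * @param string $msg Optional message to pass along in the query string
 */
function extRedirect($url, $msg = '')
{
    // specific filters
    $iFilter = new InputFilter();
    $url = $iFilter->process($url);
    if (!empty($msg)) {
        $msg = $iFilter->process($msg);
    }

    // A Location header must be a single line and header() refuses values
    // containing line breaks, which would leave the redirect unsent: keep
    // only the first line (same treatment mosRedirect applies).
    $urlLines = preg_split("/[\r\n]/", $url);
    $url = $urlLines[0];

    // a URL the attribute filter would reject in an href falls back to the site home
    if ($iFilter->badAttributeValue(array('href', $url))) {
        $url = $GLOBALS['home_dir'];
    }

    if (trim($msg)) {
        // explicit !== false: the original truthiness test treated a '?' at
        // offset 0 as "absent"
        $separator = (strpos($url, '?') !== false) ? '&' : '?';
        $url .= $separator . 'extmsg=' . urlencode($msg);
    }

    if (headers_sent()) {
        // Headers are already out: fall back to a client-side redirect. The URL
        // is emitted as a JSON string literal so quotes, backslashes and '<'
        // cannot break out of the script block.
        $jsUrl = json_encode($url, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
        if ($jsUrl === false) {
            $jsUrl = "''"; // not encodable (e.g. invalid UTF-8): emit no URL rather than raw bytes
        }
        echo "<script>document.location.href={$jsUrl};</script>\n";
    } else {
        @ob_end_clean(); // clear output buffer
        header('HTTP/1.1 301 Moved Permanently');
        header('Location: ' . $url);
    }
    exit;
}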
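/**
 * Internal method to strip a tag of certain attributes
 *
 * @access protected
 * @param array $attrSet Array of attribute pairs to filter
 * @return array $newSet Filtered array of attribute pairs, each rebuilt as name="value"
 */
function filterAttr($attrSet)
{
    $newSet = array();
    $count = count($attrSet);

    for ($i = 0; $i < $count; $i++) {
        // skip blank spaces
        if (!$attrSet[$i]) {
            continue;
        }

        // split into name/value pairs; a bare attribute has no value part
        $attrSubSet = explode('=', trim($attrSet[$i]), 2);
        list($attrSubSet[0]) = explode(' ', $attrSubSet[0]);
        if (!isset($attrSubSet[1])) {
            $attrSubSet[1] = '';
        }
        $attrName = strtolower($attrSubSet[0]);

        // Remove all "non-regular" attribute names AND blacklisted attributes.
        // eregi() was removed in PHP 7; preg_match() with the i modifier keeps the
        // case-insensitive name match. The event-handler ("on...") test now runs on
        // the lowercased name - the original compared the raw name, so an
        // upper-case handler name slipped past this check.
        if (!preg_match('/^[a-z]*$/i', $attrSubSet[0])
            || ($this->xssAuto
                && (in_array($attrName, $this->attrBlacklist) || substr($attrName, 0, 2) == 'on'))
        ) {
            continue;
        }

        // XSS attribute value filtering
        if ($attrSubSet[1]) {
            // strips unicode, hex, etc - repeated until none remain, so a nested
            // sequence does not survive a single replacement pass
            while (strpos($attrSubSet[1], '&#') !== false) {
                $attrSubSet[1] = str_replace('&#', '', $attrSubSet[1]);
            }
            // strip normal newline (any whitespace) within attr value
            $attrSubSet[1] = preg_replace('/\s+/', '', $attrSubSet[1]);
            // strip double quotes
            $attrSubSet[1] = str_replace('"', '', $attrSubSet[1]);
            // [requested feature] convert single quotes from either side to doubles
            // (Single quotes shouldn't be used to pad attr value)
            $valueLength = strlen($attrSubSet[1]);
            if (substr($attrSubSet[1], 0, 1) == "'" && substr($attrSubSet[1], $valueLength - 1, 1) == "'") {
                $attrSubSet[1] = substr($attrSubSet[1], 1, $valueLength - 2);
            }
            // strip slashes
            $attrSubSet[1] = stripslashes($attrSubSet[1]);
        }

        // Autostrip script tags. Called on the instance rather than statically:
        // badAttributeValue() is invoked on InputFilter instances elsewhere in
        // this file, and a static call to an instance method is an error on PHP 8.
        if ($this->badAttributeValue($attrSubSet)) {
            continue;
        }

        // Is our attribute in the user input array?
        $attrFound = in_array($attrName, $this->attrArray);

        // Keep the attribute when it is allowed: with attrMethod set, attrArray
        // lists attributes to drop; otherwise it lists the attributes to keep
        if ((!$attrFound && $this->attrMethod) || ($attrFound && !$this->attrMethod)) {
            if ($attrSubSet[1]) {
                $newSet[] = $attrSubSet[0] . '="' . $attrSubSet[1] . '"';
            } elseif ($attrSubSet[1] == "0") {
                // special case: "0" is falsy but is a legitimate value
                $newSet[] = $attrSubSet[0] . '="0"';
            } else {
                // value-less attribute: emit it as name="name"
                $newSet[] = $attrSubSet[0] . '="' . $attrSubSet[0] . '"';
            }
        }
    }

    return $newSet;
}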
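/**
 * Redirect the browser to another URL, optionally enqueueing a message first.
 *
 * Never returns: $mainframe->close() ends the request once the redirect
 * (HTTP headers, or a client-side fallback when headers were already sent) is out.
 *
 * @param string $url       Target URL; replaced by $GLOBALS['shConfigLiveSite'] when the attribute filter rejects it
 * @param string $msg       Optional message to enqueue on the application
 * @param string $redirKind HTTP status to send: '302', '303', or (default) '301'
 * @param string $msgType   Message type handed to enqueueMessage()
 */
function shRedirect($url, $msg = '', $redirKind = '301', $msgType = 'message')
{
    global $mainframe;
    $sefConfig =& shRouter::shGetConfig(); // value is never read here; call kept as in the original

    // A Location header must be a single line and header() refuses values
    // containing line breaks, which would leave the redirect unsent: keep
    // only the first line (same treatment mosRedirect applies).
    $urlLines = preg_split("/[\r\n]/", $url);
    $url = $urlLines[0];

    // specific filters (only when the InputFilter class is available)
    if (class_exists('InputFilter')) {
        $iFilter = new InputFilter();
        $url = $iFilter->process($url);
        if (!empty($msg)) {
            $msg = $iFilter->process($msg);
        }
        if ($iFilter->badAttributeValue(array('href', $url))) {
            $url = $GLOBALS['shConfigLiveSite'];
        }
    }

    // If the message exists, enqueue it
    if (JString::trim($msg)) {
        $mainframe->enqueueMessage($msg, $msgType);
    }

    // Persist messages if they exist
    if (count($mainframe->_messageQueue)) {
        $session =& JFactory::getSession();
        $session->set('application.queue', $mainframe->_messageQueue);
    }

    if (headers_sent()) {
        // Headers are already out: fall back to a client-side redirect. The URL
        // is emitted as a JSON string literal so quotes, backslashes and '<'
        // cannot break out of the script block.
        $jsUrl = json_encode($url, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
        if ($jsUrl === false) {
            $jsUrl = "''"; // not encodable (e.g. invalid UTF-8): emit no URL rather than raw bytes
        }
        echo "<script>document.location.href={$jsUrl};</script>\n";
    } else {
        @ob_end_clean(); // clear output buffer
        switch ($redirKind) {
            case '302':
                $redirHeader = 'HTTP/1.1 302 Moved Temporarily';
                break;
            case '303':
                $redirHeader = 'HTTP/1.1 303 See Other';
                break;
            default:
                // anything else, including the default argument, is a permanent redirect
                $redirHeader = 'HTTP/1.1 301 Moved Permanently';
                break;
        }
        header($redirHeader);
        header('Location: ' . $url);
    }
    $mainframe->close();
}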
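/**
 * Redirect the browser to another URL, optionally enqueueing a message first.
 *
 * Never returns: $mainframe->close() ends the request once the redirect
 * (HTTP headers, or a client-side fallback when headers were already sent) is out.
 *
 * @param string $url       Target URL; replaced by the default live site when the attribute filter rejects it
 * @param string $msg       Optional message to enqueue on the application
 * @param string $redirKind HTTP status to send: '302', '303', or (default) '301'
 * @param string $msgType   Message type handed to enqueueMessage()
 */
function shRedirect($url, $msg = '', $redirKind = '301', $msgType = 'message')
{
    $mainframe = JFactory::getApplication();
    $sefConfig = & Sh404sefFactory::getConfig(); // value is never read here; call kept as in the original

    // A Location header must be a single line and header() refuses values
    // containing line breaks, which would leave the redirect unsent: keep
    // only the first line (same treatment mosRedirect applies).
    $urlLines = preg_split("/[\r\n]/", $url);
    $url = $urlLines[0];

    // specific filters (only when the InputFilter class is available)
    if (class_exists('InputFilter')) {
        $iFilter = new InputFilter();
        $url = $iFilter->process($url);
        if (!empty($msg)) {
            $msg = $iFilter->process($msg);
        }
        if ($iFilter->badAttributeValue(array('href', $url))) {
            $url = Sh404sefFactory::getPageInfo()->getDefaultLiveSite();
        }
    }

    // If the message exists, enqueue it
    if (JString::trim($msg)) {
        $mainframe->enqueueMessage($msg, $msgType);
    }

    // Persist messages if they exist
    $queue = $mainframe->getMessageQueue();
    if (count($queue)) {
        $session = JFactory::getSession();
        $session->set('application.queue', $queue);
    }

    $document = JFactory::getDocument();
    $charset = $document->getCharset();

    @ob_end_clean(); // clear output buffer
    if (headers_sent()) {
        // Headers are already out: fall back to a client-side redirect. The URL
        // is emitted as a JSON string literal so quotes, backslashes and '<'
        // cannot break out of the script block.
        $jsUrl = json_encode($url, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
        if ($jsUrl === false) {
            $jsUrl = "''"; // not encodable (e.g. invalid UTF-8): emit no URL rather than raw bytes
        }
        echo '<html><head><meta http-equiv="content-type" content="text/html; charset=' . $charset . '" />'
            . '<script>document.location.href=' . $jsUrl . ';</script></head><body></body></html>';
    } else {
        switch ($redirKind) {
            case '302':
                $redirHeader = 'HTTP/1.1 302 Moved Temporarily';
                break;
            case '303':
                $redirHeader = 'HTTP/1.1 303 See Other';
                break;
            default:
                // anything else, including the default argument, is a permanent redirect
                $redirHeader = 'HTTP/1.1 301 Moved Permanently';
                break;
        }
        header('Cache-Control: no-cache'); // prevent Firefox5+ and IE9+ to consider this a cacheable redirect
        header($redirHeader);
        header('Location: ' . $url);
        header('Content-Type: text/html; charset=' . $charset);
    }
    $mainframe->close();
}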
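/**
 * Internal method to strip a tag of certain attributes
 *
 * @access protected
 * @param array $attrSet Array of attribute pairs to filter
 * @return array $newSet Filtered array of attribute pairs, each rebuilt as name="value"
 */
function filterAttr($attrSet)
{
    $newSet = array();
    $count = count($attrSet);

    for ($i = 0; $i < $count; $i++) {
        // skip blank spaces
        if (!$attrSet[$i]) {
            continue;
        }

        // split into name/value pairs; a bare attribute has no value part
        $attrSubSet = explode('=', trim($attrSet[$i]), 2);
        list($attrSubSet[0]) = explode(' ', $attrSubSet[0]);
        if (!isset($attrSubSet[1])) {
            $attrSubSet[1] = '';
        }
        $attrName = strtolower($attrSubSet[0]);

        // Remove all "non-regular" attribute names AND blacklisted attributes.
        // The original listing lost the closing brace of this block after
        // 'continue', which put the value filtering and the rest of the loop
        // body inside the reject branch; it is restored here.
        if (!preg_match('/^[a-z]*$/', $attrSubSet[0])
            || ($this->xssAuto
                && (in_array($attrName, $this->attrBlacklist) || substr($attrName, 0, 2) == 'on'))
        ) {
            continue;
        }

        // XSS attribute value filtering
        if ($attrSubSet[1]) {
            // strips unicode, hex, etc - repeated until none remain, so a nested
            // sequence does not survive a single replacement pass
            while (strpos($attrSubSet[1], '&#') !== false) {
                $attrSubSet[1] = str_replace('&#', '', $attrSubSet[1]);
            }
            // strip normal newline (any whitespace) within attr value
            $attrSubSet[1] = preg_replace('/\s+/', '', $attrSubSet[1]);
            // strip double quotes
            $attrSubSet[1] = str_replace('"', '', $attrSubSet[1]);
            // [requested feature] convert single quotes from either side to doubles
            // (Single quotes shouldn't be used to pad attr value)
            $valueLength = strlen($attrSubSet[1]);
            if (substr($attrSubSet[1], 0, 1) == "'" && substr($attrSubSet[1], $valueLength - 1, 1) == "'") {
                $attrSubSet[1] = substr($attrSubSet[1], 1, $valueLength - 2);
            }
            // strip slashes
            $attrSubSet[1] = stripslashes($attrSubSet[1]);
        }

        // Autostrip script tags. Called on the instance rather than statically:
        // badAttributeValue() is invoked on InputFilter instances elsewhere in
        // this file, and a static call to an instance method is an error on PHP 8.
        if ($this->badAttributeValue($attrSubSet)) {
            continue;
        }

        // Is our attribute in the user input array?
        $attrFound = in_array($attrName, $this->attrArray);

        // Keep the attribute when it is allowed: with attrMethod set, attrArray
        // lists attributes to drop; otherwise it lists the attributes to keep
        if ((!$attrFound && $this->attrMethod) || ($attrFound && !$this->attrMethod)) {
            if ($attrSubSet[1]) {
                $newSet[] = $attrSubSet[0] . '="' . $attrSubSet[1] . '"';
            } elseif ($attrSubSet[1] == "0") {
                // special case: "0" is falsy but is a legitimate value
                $newSet[] = $attrSubSet[0] . '="0"';
            } else {
                // value-less attribute: emit it as name="name"
                $newSet[] = $attrSubSet[0] . '="' . $attrSubSet[0] . '"';
            }
        }
    }

    return $newSet;
}

/**
 * Method to be called by another php script. Processes for SQL injection
 *
 * Strings are decoded and escaped for the given connection; arrays are
 * processed element-wise (non-string elements are left untouched); any
 * other value is returned as given.
 *
 * @access public
 * @param mixed $source input string/array-of-string to be 'cleaned'
 * @param resource $connection - An open MySQL connection
 * @return mixed 'cleaned' version of input parameter
 */
function safeSQL($source, &$connection)
{
    // clean all string elements in this array
    if (is_array($source)) {
        foreach ($source as $key => $value) {
            if (is_string($value)) {
                $source[$key] = $this->quoteSmart($this->decode($value), $connection);
            }
        }
        return $source;
    }

    // clean this string (the original tested is_string twice in a row)
    if (is_string($source)) {
        return $this->quoteSmart($this->decode($source), $connection);
    }

    // return parameter as given
    return $source;
}

/**
 * Method to escape a string
 *
 * @author Chris Tobin
 * @author Daniel Morris
 *
 * @access protected
 * @param string $source
 * @param resource $connection An open MySQL connection
 * @return string Escaped string
 */
function quoteSmart($source, &$connection)
{
    // Strip escaping slashes if necessary. get_magic_quotes_gpc() was removed
    // in PHP 8 (and always reports false on 7.4), so guard the call instead of
    // failing with an undefined-function error.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $source = stripslashes($source);
    }

    // Escape numeric and text values
    return $this->escapeString($source, $connection);
}

/**
 * @author Chris Tobin
 * @author Daniel Morris
 *
 * @access protected
 * @param string $string
 * @param resource $connection An open MySQL connection
 * @return string Escaped string
 */
function escapeString($string, &$connection)
{
    // Use the appropriate escape function depending upon which version of php
    // you are running. Both belong to the mysql extension, which was removed
    // in PHP 7: on such builds this method cannot work and callers have to
    // move to the driver's own escaping or, better, prepared statements.
    if (version_compare(phpversion(), '4.3.0', '<')) {
        return mysql_escape_string($string);
    }

    // The original ignored $connection and escaped against the last opened
    // link; pass the supplied connection so the escaping matches its charset.
    if (is_resource($connection)) {
        return mysql_real_escape_string($string, $connection);
    }

    return mysql_real_escape_string($string);
}
} // closes the enclosing class; its header is outside this listing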
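/**
 * Internal method to strip a tag of certain attributes
 *
 * @access protected
 * @param array $attrSet Attribute pairs of one tag, as split by the caller
 * @return array $newSet Attributes that survived filtering, each rebuilt as name="value"
 */
function filterAttr($attrSet)
{
    $newSet = array();
    $count = count($attrSet);

    // process attributes
    for ($i = 0; $i < $count; $i++) {
        // skip blank spaces in tag
        if (!$attrSet[$i]) {
            continue;
        }

        // split into attr name and value; a bare attribute has no value part
        $attrSubSet = explode('=', trim($attrSet[$i]), 2);
        list($attrSubSet[0]) = explode(' ', $attrSubSet[0]);
        if (!isset($attrSubSet[1])) {
            $attrSubSet[1] = '';
        }
        $attrName = strtolower($attrSubSet[0]);

        // removes all "non-regular" attr names AND also attr blacklisted.
        // eregi() was removed in PHP 7; preg_match() with the i modifier keeps
        // the case-insensitive name match. The event-handler ("on...") test now
        // runs on the lowercased name - the original compared the raw name, so
        // an upper-case handler name slipped past this check.
        if (!preg_match('/^[a-z]*$/i', $attrSubSet[0])
            || ($this->xssAuto
                && (in_array($attrName, $this->attrBlacklist) || substr($attrName, 0, 2) == 'on'))
        ) {
            continue;
        }

        // xss attr value filtering
        if ($attrSubSet[1]) {
            // strips unicode, hex, etc - repeated until none remain, so a nested
            // sequence does not survive a single replacement pass
            while (strpos($attrSubSet[1], '&#') !== false) {
                $attrSubSet[1] = str_replace('&#', '', $attrSubSet[1]);
            }
            // strip normal newline (any whitespace) within attr value
            $attrSubSet[1] = preg_replace('/\s+/', '', $attrSubSet[1]);
            // strip double quotes
            $attrSubSet[1] = str_replace('"', '', $attrSubSet[1]);
            // [requested feature] convert single quotes from either side to doubles
            // (Single quotes shouldn't be used to pad attr value)
            $valueLength = strlen($attrSubSet[1]);
            if (substr($attrSubSet[1], 0, 1) == "'" && substr($attrSubSet[1], $valueLength - 1, 1) == "'") {
                $attrSubSet[1] = substr($attrSubSet[1], 1, $valueLength - 2);
            }
            // strip slashes
            $attrSubSet[1] = stripslashes($attrSubSet[1]);
        }

        // auto strip attr's with "javascript:". Called on the instance rather
        // than statically: badAttributeValue() is invoked on InputFilter
        // instances elsewhere in this file, and a static call to an instance
        // method is an error on PHP 8.
        if ($this->badAttributeValue($attrSubSet)) {
            continue;
        }

        // if matches user defined array
        $attrFound = in_array($attrName, $this->attrArray);

        // keep this attr on condition: with attrMethod set, attrArray lists
        // attributes to drop; otherwise it lists the attributes to keep
        if ((!$attrFound && $this->attrMethod) || ($attrFound && !$this->attrMethod)) {
            if ($attrSubSet[1]) {
                // attr has value
                $newSet[] = $attrSubSet[0] . '="' . $attrSubSet[1] . '"';
            } elseif ($attrSubSet[1] == "0") {
                // "0" is falsy but is a legitimate value
                $newSet[] = $attrSubSet[0] . '="0"';
            } else {
                // value-less attribute: emit it as name="name"
                $newSet[] = $attrSubSet[0] . '="' . $attrSubSet[0] . '"';
            }
        }
    }

    return $newSet;
}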
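/**
 * Utility function to redirect the browser to another URL.
 *
 * Can optionally provide a message, which is appended as the 'mosmsg' query
 * parameter. Never returns: the script exits once the redirect is sent.
 *
 * @param string $url Target URL; replaced by $GLOBALS['mosConfig_live_site'] when the attribute filter rejects it
 * @param string $msg Optional message to pass along in the query string
 */
function mosRedirect($url, $msg = '')
{
    // specific filters
    $iFilter = new InputFilter();
    $url = $iFilter->process($url);
    if (!empty($msg)) {
        $msg = $iFilter->process($msg);
    }

    // Strip out any line breaks and throw away the rest: a Location header
    // must be a single line, and header() refuses values containing line breaks
    $urlLines = preg_split("/[\r\n]/", $url);
    $url = $urlLines[0];

    // a URL the attribute filter would reject in an href falls back to the live site
    if ($iFilter->badAttributeValue(array('href', $url))) {
        $url = $GLOBALS['mosConfig_live_site'];
    }

    if (trim($msg)) {
        // explicit !== false: the original truthiness test treated a '?' at
        // offset 0 as "absent"
        $separator = (strpos($url, '?') !== false) ? '&' : '?';
        $url .= $separator . 'mosmsg=' . urlencode($msg);
    }

    if (headers_sent()) {
        // Headers are already out: fall back to a client-side redirect. The URL
        // is emitted as a JSON string literal so quotes, backslashes and '<'
        // cannot break out of the script block.
        $jsUrl = json_encode($url, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
        if ($jsUrl === false) {
            $jsUrl = "''"; // not encodable (e.g. invalid UTF-8): emit no URL rather than raw bytes
        }
        echo "<script>document.location.href={$jsUrl};</script>\n";
    } else {
        @ob_end_clean(); // clear output buffer
        // reason phrase kept as in the original; clients act on the 301 code only
        header('HTTP/1.1 301 Movido permanentemente');
        header('Location: ' . $url);
    }
    exit;
}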