/**
 * Sanitises an HTML fragment with HTML Purifier and returns valid UTF-8.
 *
 * The purifier is built once and kept in self::$purifier. $options are only
 * applied while that instance is being built; once it exists, later calls
 * reuse it and their $options are ignored. A caller that needs a stricter
 * policy than the first caller used will not get it from this method.
 *
 * @param string $data    HTML to clean; treat as untrusted.
 * @param array  $options HTMLPurifier_Config directive => value pairs.
 * @return string Purified markup, passed through UTF8::MakeValid() before and after purifying.
 */
private static function SMTP_HTMLPurify($data, $options = array())
{
    // Load the bundled standalone build only when no HTMLPurifier class is defined yet.
    if (!class_exists("HTMLPurifier")) {
        $basedir = str_replace("\\", "/", dirname(__FILE__));
        require_once $basedir . "/htmlpurifier/HTMLPurifier.standalone.php";
    }

    if (self::$purifier === false) {
        $purifyconfig = HTMLPurifier_Config::createDefault();
        foreach ($options as $directive => $setting) {
            $purifyconfig->set($directive, $setting);
        }

        self::$purifier = new HTMLPurifier($purifyconfig);
    }

    // Normalise to valid UTF-8 on the way in and again on the purifier's output.
    $clean = self::$purifier->purify(UTF8::MakeValid($data));

    return UTF8::MakeValid($clean);
}
/**
 * Reads a frontend form field from the request.
 *
 * The logical field name is mapped through SSO_FrontendField() and the result
 * is used as the $_REQUEST key.
 *
 * NOTE(review): only UTF-8 validity is enforced here. The value is still
 * untrusted and needs context-specific escaping wherever it is used. A request
 * parameter can also arrive as an array; whether UTF8::MakeValid() copes with
 * that is not visible from this function - confirm, or guard with is_string().
 *
 * @param string $name    Logical field name.
 * @param mixed  $default Returned when the request does not carry the field.
 * @return mixed Result of UTF8::MakeValid() on the submitted value, or $default.
 */
function SSO_FrontendFieldValue($name, $default = false)
{
    $requestkey = SSO_FrontendField($name);
    if (!isset($_REQUEST[$requestkey])) {
        return $default;
    }

    return UTF8::MakeValid($_REQUEST[$requestkey]);
}
/**
 * Parses a raw MIME message, or a single MIME part, into headers, body and nested parts.
 *
 * Result keys:
 *  - "headers": lower-cased header name => value run through self::ConvertFromRFC1342();
 *               the key is absent when no header line was parsed.
 *  - "body":    the decoded body, or the text before the first boundary for multipart content.
 *  - "mime":    nested results of this method, one per multipart section.
 *
 * Nesting is capped: a call with $depth equal to 10 returns an empty array with
 * none of the keys above, which bounds recursion on deeply nested multipart input.
 *
 * The body is only passed through UTF8::MakeValid() when there is no content-type
 * header, when the content-type carries a charset, or for the multipart preamble.
 * With a content-type that has neither charset nor boundary the decoded bytes are
 * returned as they are, so consumers must not assume valid UTF-8 or safe markup.
 *
 * @param string $data  Raw message or part; treat as untrusted.
 * @param int    $depth Current nesting level, 0 for the outermost message.
 * @return array
 */
public static function Parse($data, $depth = 0)
{
    $result = array();
    if ($depth == 10) {
        return $result;
    }

    // Extract headers.
    $lines = explode("\r\n", self::ReplaceNewlines("\r\n", $data));
    $numlines = count($lines);
    $lastheader = "";
    for ($x = 0; $x < $numlines; $x++) {
        $currline = rtrim($lines[$x]);
        if ($currline == "") {
            // First blank line ends the header section; $x is reused below to slice the body.
            break;
        }

        $firstchr = $currline[0];
        if ($firstchr === " " || $firstchr === "\t") {
            // Folded continuation line: append to the previous header, if there was one.
            if ($lastheader != "") {
                $result["headers"][$lastheader] .= " " . self::ConvertFromRFC1342(ltrim($currline));
            }

            continue;
        }

        $colon = strpos($currline, ":");
        if ($colon === false) {
            // Lines without a colon are ignored.
            continue;
        }

        $lastheader = strtolower(substr($currline, 0, $colon));
        $result["headers"][$lastheader] = self::ConvertFromRFC1342(ltrim(substr($currline, $colon + 1)));
    }

    // Extract body.
    $body = implode("\r\n", array_slice($lines, $x + 1));
    if (isset($result["headers"]["content-transfer-encoding"])) {
        $encoding = self::ExplodeHeader($result["headers"]["content-transfer-encoding"]);
        if (isset($encoding[""])) {
            if ($encoding[""] == "base64") {
                // Whitespace is stripped before decoding.
                $body = base64_decode(preg_replace("/\\s/", "", $body));
            } elseif ($encoding[""] == "quoted-printable") {
                $body = self::ConvertFromRFC1341($body);
            }
        }
    }

    // Process body for more MIME content.
    if (!isset($result["headers"]["content-type"])) {
        $result["body"] = UTF8::MakeValid($body);
        $result["mime"] = array();

        return $result;
    }

    $contenttype = self::ExplodeHeader($result["headers"]["content-type"]);
    if (array_key_exists("charset", $contenttype)) {
        // A failed conversion keeps the original bytes; either way the result is made valid UTF-8.
        $converted = self::ConvertCharset($body, $contenttype["charset"], "UTF-8");
        if ($converted !== false) {
            $body = $converted;
        }

        $body = UTF8::MakeValid($body);
    }

    if (!isset($contenttype["boundary"])) {
        $result["body"] = $body;
        $result["mime"] = array();

        return $result;
    }

    // A body that opens directly with the boundary gets a leading CRLF so the split below sees it.
    $delimiter = "--" . $contenttype["boundary"];
    if (strpos($body, $delimiter) === 0) {
        $body = "\r\n" . $body;
    }

    $parts = explode("\r\n" . $delimiter, $body);
    $result["body"] = UTF8::MakeValid($parts[0]);
    $result["mime"] = array();
    $numparts = count($parts);
    for ($x = 1; $x < $numparts; $x++) {
        // A section starting with "--" is the closing delimiter; stop there.
        if (substr($parts[$x], 0, 2) == "--") {
            break;
        }

        $result["mime"][$x - 1] = self::Parse(ltrim($parts[$x]), $depth + 1);
    }

    return $result;
}
/**
 * Splits a user info array into the part handed to SSO_EncryptDBData() and the rest.
 *
 * $userinfo is taken by reference and rebuilt: on return it holds only the
 * fields listed in the global $sso_fields whose flag is false. Fields whose
 * flag is true stay in the set passed to SSO_EncryptDBData(). Field names and
 * values of listed fields are run through UTF8::MakeValid().
 *
 * Entries of the incoming array that are not listed in $sso_fields are never
 * removed from the working copy, so they are also passed to SSO_EncryptDBData()
 * without UTF-8 normalisation.
 *
 * NOTE(review): values are assumed to be strings; what UTF8::MakeValid() does
 * with other types is not visible here - confirm against callers.
 *
 * @param array $userinfo In: all user fields. Out: only the fields not flagged as encrypted.
 * @return mixed Whatever SSO_EncryptDBData() returns for the retained set.
 */
function SSO_CreateEncryptedUserInfo(&$userinfo)
{
    global $sso_fields;

    $protected = $userinfo;
    $userinfo = array();

    foreach ($sso_fields as $field => $isencrypted) {
        if (!isset($protected[$field])) {
            continue;
        }

        $cleanfield = UTF8::MakeValid($field);
        $cleanvalue = UTF8::MakeValid($protected[$field]);

        // Drop the raw entry first so only the normalised key remains in either set.
        unset($protected[$field]);

        if ($isencrypted) {
            $protected[$cleanfield] = $cleanvalue;
        } else {
            $userinfo[$cleanfield] = $cleanvalue;
        }
    }

    return SSO_EncryptDBData($protected);
}
BB_RedirectPage("success", "Successfully deleted the field.", array("action=managefields&sec_t=" . BB_CreateSecurityToken("managefields"))); } else { if ($sso_site_admin && isset($_REQUEST["action"]) && $_REQUEST["action"] == "managefields") { $desc = "<br />"; $desc .= "<a href=\"" . BB_GetRequestURLBase() . "?action=addfield&sec_t=" . BB_CreateSecurityToken("addfield") . "\">Add Field</a>"; $rows = array(); $result = $sso_db->Query("SELECT", array("*", "FROM" => "?", "ORDER BY" => "field_name"), $sso_db_fields); while ($row = $result->NextRow()) { $rows[] = array(htmlspecialchars($row->field_name), htmlspecialchars($row->field_desc), BB_Translate($row->enabled ? "Yes" : "No"), BB_Translate($row->encrypted ? "Yes" : "No"), "<a href=\"" . BB_GetRequestURLBase() . "?action=togglefield&id=" . $row->id . "&type=enabled&sec_t=" . BB_CreateSecurityToken("togglefield") . "\">" . htmlspecialchars(BB_Translate($row->enabled ? "Disable" : "Enable")) . "</a> | <a href=\"" . BB_GetRequestURLBase() . "?action=togglefield&id=" . $row->id . "&type=encrypted&sec_t=" . BB_CreateSecurityToken("togglefield") . "\" onclick=\"return confirm('" . htmlspecialchars(BB_JSSafe(BB_Translate("Toggling the encryption status of fields doesn't immediately affect existing data. Are you sure you want to toggle the encryption status of '%s'?", $row->field_name))) . "');\">" . htmlspecialchars(BB_Translate($row->encrypted ? "Decrypt" : "Encrypt")) . "</a> | <a href=\"" . BB_GetRequestURLBase() . "?action=deletefield&id=" . $row->id . "&sec_t=" . BB_CreateSecurityToken("deletefield") . "\" onclick=\"return confirm('" . htmlspecialchars(BB_JSSafe(BB_Translate("Deleting fields doesn't affect existing data but disabling is usually better. Are you sure you want to delete '%s'?", $row->field_name))) . "');\">" . htmlspecialchars(BB_Translate("Delete")) . 
"</a>"); } $contentopts = array("desc" => "Manage user fields.", "htmldesc" => $desc, "fields" => array(array("type" => "table", "cols" => array("Field", "Description", "Enabled", "Encrypted", "Options"), "rows" => $rows))); BB_GeneratePage("Manage Fields", $sso_menuopts, $contentopts); } else { if ($sso_site_admin && isset($_REQUEST["action"]) && $_REQUEST["action"] == "addtag") { if (isset($_REQUEST["name"])) { $_REQUEST["name"] = UTF8::MakeValid($_REQUEST["name"]); if ($_REQUEST["name"] == "" || is_numeric($_REQUEST["name"])) { BB_SetPageMessage("error", "Please fill in 'Tag Name'."); } else { if ($sso_db->GetOne("SELECT", array("COUNT(*)", "FROM" => "?", "WHERE" => "tag_name = ?"), $sso_db_tags, $_REQUEST["name"])) { BB_SetPageMessage("error", "The Tag Name '" . $_REQUEST["name"] . "' already exists."); } else { if ($_REQUEST["desc"] == "") { BB_SetPageMessage("error", "Please fill in 'Tag Description'."); } } } if (BB_GetPageMessageType() != "error") { $sso_db->Query("INSERT", array($sso_db_tags, array("tag_name" => $_REQUEST["name"], "tag_desc" => $_REQUEST["desc"], "enabled" => 1, "created" => CSDB::ConvertToDBTime(time())))); BB_RedirectPage("success", "Successfully created the tag.", array("action=managetags&sec_t=" . BB_CreateSecurityToken("managetags"))); }
/**
 * Sanitises an HTML fragment with HTML Purifier and returns valid UTF-8.
 *
 * A new configuration and purifier are built on every call, so $options always
 * apply to the call that passed them. The input is normalised with
 * UTF8::MakeValid() before purifying and the output once more afterwards.
 *
 * @param string $data    HTML to clean; treat as untrusted.
 * @param array  $options HTMLPurifier_Config directive => value pairs.
 * @return string Purified markup.
 */
function BB_HTMLPurify($data, $options = array())
{
    require_once ROOT_PATH . "/" . SUPPORT_PATH . "/htmlpurifier/HTMLPurifier.standalone.php";

    $validated = UTF8::MakeValid($data);

    $purifyconfig = HTMLPurifier_Config::createDefault();
    foreach ($options as $directive => $setting) {
        $purifyconfig->set($directive, $setting);
    }

    $purifier = new HTMLPurifier($purifyconfig);
    $clean = $purifier->purify($validated);

    // Release the purifier and its configuration before returning, as the original does.
    unset($purifier, $purifyconfig);

    return UTF8::MakeValid($clean);
}