Exemplos de cs_form::_filter_xss_bad_protocol em PHP

Linguagem de programação: PHP

Classe / Tipo: cs_form

Método / Função: _filter_xss_bad_protocol

Exemplos em hotexamples.com: 1

cs_form::_filter_xss_bad_protocol em PHP - 1 exemplos encontrados. Esses são os exemplos do mundo real mais bem avaliados de cs_form::_filter_xss_bad_protocol em PHP extraídos de projetos de código aberto. Você pode avaliar os exemplos para nos ajudar a melhorar a qualidade deles.

Métodos Frequentes

Exibir Ocultar

get_id(2)

is_partial(2)

set_output_type(1)

set_inline_errors(1)

set_form_id(1)

set_attribute(1)

set_ajax_submit_url(1)

set_action(1)

scan_array(1)

process_plain(1)

is_processed(1)

_filter_xss_attributes(1)

_filter_xss_bad_protocol(1)

get_field(1)

get_current_step(1)

format_bytes(1)

array_get_values(1)

array_flatten(1)

add_js(1)

add_field(1)

_validate_utf8(1)

_strip_dangerous_protocols(1)

_filter_xss_split(1)

translate_string(1)

Métodos Frequentes

get_id (2)

is_partial (2)

set_output_type (1)

set_inline_errors (1)

set_form_id (1)

set_attribute (1)

set_ajax_submit_url (1)

set_action (1)

scan_array (1)

process_plain (1)

Métodos Frequentes

is_processed (1)

_filter_xss_attributes (1)

_filter_xss_bad_protocol (1)

get_field (1)

get_current_step (1)

format_bytes (1)

array_get_values (1)

array_flatten (1)

add_js (1)

add_field (1)

_validate_utf8 (1)

_strip_dangerous_protocols (1)

_filter_xss_split (1)

translate_string (1)

Métodos Frequentes

_validate_utf8 (1)

_strip_dangerous_protocols (1)

_filter_xss_split (1)

translate_string (1)

Exemplo n.º 1

0

Exibir arquivo

Arquivo: form.php Projeto: degami/php-forms-api

/** * _filter_xss_attributes private method * @param string $attr attributes string * @return array filtered attributes array */ private static function _filter_xss_attributes($attr) { $attrarr = array(); $mode = 0; $attrname = ''; while (strlen($attr) != 0) { // Was the last operation successful? $working = 0; switch ($mode) { case 0: // Attribute name, href for instance. if (preg_match('/^([-a-zA-Z]+)/', $attr, $match)) { $attrname = strtolower($match[1]); $skip = $attrname == 'style' || substr($attrname, 0, 2) == 'on'; $working = $mode = 1; $attr = preg_replace('/^[-a-zA-Z]+/', '', $attr); } break; case 1: // Equals sign or valueless ("selected"). if (preg_match('/^\\s*=\\s*/', $attr)) { $working = 1; $mode = 2; $attr = preg_replace('/^\\s*=\\s*/', '', $attr); break; } if (preg_match('/^\\s+/', $attr)) { $working = 1; $mode = 0; if (!$skip) { $attrarr[] = $attrname; } $attr = preg_replace('/^\\s+/', '', $attr); } break; case 2: // Attribute value, a URL after href= for instance. if (preg_match('/^"([^"]*)"(\\s+|$)/', $attr, $match)) { $thisval = cs_form::_filter_xss_bad_protocol($match[1]); if (!$skip) { $attrarr[] = "{$attrname}=\"{$thisval}\""; } $working = 1; $mode = 0; $attr = preg_replace('/^"[^"]*"(\\s+|$)/', '', $attr); break; } if (preg_match("/^'([^']*)'(\\s+|\$)/", $attr, $match)) { $thisval = cs_form::_filter_xss_bad_protocol($match[1]); if (!$skip) { $attrarr[] = "{$attrname}='{$thisval}'"; } $working = 1; $mode = 0; $attr = preg_replace("/^'[^']*'(\\s+|\$)/", '', $attr); break; } if (preg_match("%^([^\\s\"']+)(\\s+|\$)%", $attr, $match)) { $thisval = cs_form::_filter_xss_bad_protocol($match[1]); if (!$skip) { $attrarr[] = "{$attrname}=\"{$thisval}\""; } $working = 1; $mode = 0; $attr = preg_replace("%^[^\\s\"']+(\\s+|\$)%", '', $attr); } break; } if ($working == 0) { // Not well formed; remove and try again. $attr = preg_replace('/ ^ ( "[^"]*("|$) # - a string that starts with a double quote, up until the next double quote or the end of the string | # or \'[^\']*(\'|$)| # - a string that starts with a quote, up until the next quote or the end of the string | # or \\S # - a non-whitespace character )* # any number of the above three \\s* # any number of whitespaces /x', '', $attr); $mode = 0; } } // The attribute list ends with a valueless attribute like "selected". if ($mode == 1 && !$skip) { $attrarr[] = $attrname; } return $attrarr; }