$user_group = array(); $db->query("SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC"); while ($row = $db->get_row()) { $user_group[$row['id']] = array(); foreach ($row as $key => $value) { $user_group[$row['id']][$key] = stripslashes($value); } } set_vars("usergroup", $user_group); $db->free(); } $txt = trim(convert_unicode($_POST['txt'], $config['charset'])); if (function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc()) { $txt = stripslashes($txt); } require_once ENGINE_DIR . '/classes/typograf.class.php'; if ($config['charset'] == "windows-1251") { $typo = new typographus(); } else { $typo = new typographus($config['charset']); } $txt = $typo->process($txt); $find = array('/data:/i', '/about:/i', '/vbscript:/i', '/onclick/i', '/onload/i', '/onunload/i', '/onabort/i', '/onerror/i', '/onblur/i', '/onchange/i', '/onfocus/i', '/onreset/i', '/onsubmit/i', '/ondblclick/i', '/onkeydown/i', '/onkeypress/i', '/onkeyup/i', '/onmousedown/i', '/onmouseup/i', '/onmouseover/i', '/onmouseout/i', '/onselect/i', '/javascript/i', '/onmouseenter/i', '/onwheel/i', '/onshow/i'); $replace = array("data:", "about:", "vbscript<b></b>:", "onclick", "onload", "onunload", "onabort", "onerror", "onblur", "onchange", "onfocus", "onreset", "onsubmit", "ondblclick", "onkeydown", "onkeypress", "onkeyup", "onmousedown", "onmouseup", "onmouseover", "onmouseout", "onselect", "javascript", 'onmouseenter', 'onwheel', 'onshow'); $txt = preg_replace($find, $replace, $txt); $txt = preg_replace("#<iframe#i", "<iframe", $txt); $txt = preg_replace("#<script#i", "<script", $txt); $txt = str_replace("<?", "<?", $txt); $txt = str_replace("?>", "?>", $txt); @header("Content-type: text/html; charset=" . $config['charset']); echo $txt;
<?php header('Content-Type: text/html; charset=utf-8'); if (empty($_POST['text'])) { $out_txt = ''; } else { require_once "typographus.php"; $typo = new typographus("UTF-8"); $in_txt = urldecode($_POST['text']); $out_txt = $typo->process($in_txt); } echo $out_txt;
<?php if (get_magic_quotes_gpc()) { function stripslashes_deep($value) { $value = is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value); return $value; } $_POST = array_map('stripslashes_deep', $_POST); $_GET = array_map('stripslashes_deep', $_GET); $_COOKIE = array_map('stripslashes_deep', $_COOKIE); $_REQUEST = array_map('stripslashes_deep', $_REQUEST); } $word = urldecode($_POST['text']); require_once "typographus.php"; $typo = new typographus("UTF-8"); $out_txt = $typo->process($word); $find = array('/data:/i', '/about:/i', '/vbscript:/i', '/onclick/i', '/onload/i', '/onunload/i', '/onabort/i', '/onerror/i', '/onblur/i', '/onchange/i', '/onfocus/i', '/onreset/i', '/onsubmit/i', '/ondblclick/i', '/onkeydown/i', '/onkeypress/i', '/onkeyup/i', '/onmousedown/i', '/onmouseup/i', '/onmouseover/i', '/onmouseout/i', '/onselect/i', '/javascript/i', '/javascript/i'); $replace = array("data:", "about:", "vbscript<b></b>:", "onclick", "onload", "onunload", "onabort", "onerror", "onblur", "onchange", "onfocus", "onreset", "onsubmit", "ondblclick", "onkeydown", "onkeypress", "onkeyup", "onmousedown", "onmouseup", "onmouseover", "onmouseout", "onselect", "javascript"); $out_txt = preg_replace($find, $replace, $out_txt); $out_txt = preg_replace("#<iframe#i", "<iframe", $out_txt); $out_txt = preg_replace("#<script#i", "<script", $out_txt); $out_txt = str_replace("<?", "<?", $out_txt); $out_txt = str_replace("?>", "?>", $out_txt); @header("Content-type: text/html; charset=utf-8"); echo $out_txt;