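/**
 * Purifies every value in $_POST with HTMLPurifier for guest requests.
 *
 * When $xoopsUser is an object (a logged-in user) the method returns true
 * before any purifier is set up and $_POST is left untouched, so this filter
 * gives no protection for content posted by authenticated users.
 *
 * Only $_POST is reassigned here. Other request superglobals ($_GET,
 * $_COOKIE, $_REQUEST) are not rewritten by this method, so code that reads
 * the same field through $_REQUEST will not see the purified value.
 *
 * @return bool|null true for logged-in users; no explicit return value otherwise
 */
function execute()
{
    global $xoopsUser;

    // HTMLPurifier runs with PHP5 only
    if (version_compare(PHP_VERSION, '5.0.0') < 0) {
        die('Turn postcommon_post_htmlpurify4guest.php off because this filter cannot run with PHP4');
    }

    // Guests only: requests from logged-in users pass through unfiltered.
    if (is_object($xoopsUser)) {
        return true;
    }

    // Fixed: the test was negated, so the ImpressCMS branch ran exactly when
    // icms_core_HTMLFilter was NOT available (fatal error on the static call)
    // and the bundled library was loaded when ImpressCMS already provided one.
    if (class_exists('icms_core_HTMLFilter')) {
        // use HTMLPurifier inside ImpressCMS
        // Plain assignment: objects are handles in PHP5+, and assigning a
        // call result by reference only raises a notice.
        $this->purifier = icms_core_HTMLFilter::getInstance();
        $this->method = 'htmlpurify';
    } else {
        // use HTMLPurifier inside Protector
        require_once dirname(dirname(__FILE__)) . '/library/HTMLPurifier.auto.php';
        $config = HTMLPurifier_Config::createDefault();
        // HTMLPurifier's serializer cache is pointed at the Protector configs
        // directory under XOOPS_TRUST_PATH.
        $config->set('Cache', 'SerializerPath', XOOPS_TRUST_PATH . '/modules/protector/configs');
        // Purify in the site's own character set.
        $config->set('Core', 'Encoding', _CHARSET);
        //$config->set('HTML', 'Doctype', 'HTML 4.01 Transitional');
        $this->purifier = new HTMLPurifier($config);
        $this->method = 'purify';
    }

    // purify_recursive() is defined outside this block; it presumably walks
    // nested arrays and applies $this->method to each string - confirm there.
    $_POST = $this->purify_recursive($_POST);
}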
/**
 * Prepares submitted HTML form data for storage in the database.
 *
 * Pipeline, in order: 'beforeFilterHTMLinput' event, icmscode
 * pre-conversion, link auto-detection, optional smiley replacement, optional
 * icmscode decoding (with or without inline images), code conversion, the
 * icms_core_HTMLFilter::filterHTML() pass, then the 'afterFilterHTMLinput'
 * event. The HTML filter runs after every markup-generating conversion, so
 * the markup those steps emit is filtered as well.
 *
 * $html is handed to both events by reference, so preload handlers can
 * presumably alter it - confirm against triggerEvent().
 *
 * @param string $html   raw HTML from the form
 * @param bool   $smiley allow smileys?
 * @param bool   $icode  allow icmscode?
 * @param bool   $image  allow inline images?
 * @return string the filtered HTML
 **/
public static function filterHTMLinput($html, $smiley = 1, $icode = 1, $image = 1)
{
    icms::$preload->triggerEvent(
        'beforeFilterHTMLinput',
        array(&$html, $smiley, $icode, $image)
    );

    $html = self::makeClickable(self::codePreConv($html, $icode));

    if ($smiley != 0) {
        $html = self::smiley($html);
    }

    if ($icode != 0) {
        // With images disabled, codeDecode() is told so through an explicit 0.
        $html = ($image != 0)
            ? self::codeDecode($html)
            : self::codeDecode($html, 0);
    }

    $html = icms_core_HTMLFilter::filterHTML(
        self::codeConv($html, $icode, $image)
    );

    icms::$preload->triggerEvent(
        'afterFilterHTMLinput',
        array(&$html, $smiley, $icode, $image)
    );

    return $html;
}
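/**
 * Filters HTML form data for display only.
 *
 * The icmscode handling is not really required here, but it is kept for
 * content that was already in the DB before filtering moved from OUTPUT to
 * INPUT.
 *
 * Content carrying the '<!-- input filtered -->' marker skips the whole
 * conversion and HTML-filter pass and only gets link detection and
 * censoring. NOTE(review): that skip is decided purely by the marker being
 * present in the text, so it is only safe if the marker cannot reach storage
 * by any path other than the input filter - confirm where the marker is
 * written and that every write path goes through filterHTMLinput().
 *
 * @param string $html  HTML to prepare for output
 * @param bool   $icode allow icmscode? (not read in this method: the
 *                      conversions and both events are always passed 1)
 * @param bool   $br    when 1, convert newlines with nl2Br() even if the
 *                      content carries the htmlpurifier marker
 * @return string
 **/
public static function filterHTMLdisplay($html, $icode = 1, $br = 0)
{
    icms::$preload->triggerEvent('beforeFilterHTMLdisplay', array(&$html, 1, $br));

    $ifiltered = strpos($html, '<!-- input filtered -->');
    if ($ifiltered === false) {
        // Legacy content that was never filtered on input: run the full
        // conversion chain and the HTML filter now, at output time.
        $html = self::codePreConv($html, 1);
        $html = self::smiley($html);
        $html = self::codeDecode($html);
        $html = self::codeConv($html, 1, 1);
        $html = icms_core_HTMLFilter::filterHTML($html);
        $html .= '<!-- warning! output filtered only -->';

        $purified = strpos($html, '<!-- filtered with htmlpurifier -->');
        // Fixed: this was ($br = 1), an assignment that is always true. It
        // forced nl2Br() on every legacy item and overwrote $br with 1 before
        // it was passed to the 'afterFilterHTMLdisplay' event.
        if ($purified === false || $br == 1) {
            $html = self::nl2Br($html);
        }
    }

    $html = self::makeClickable($html);
    $html = self::censorString($html);

    // The marker comments are deliberately left in the output:
    // $html = str_replace('<!-- input filtered -->', '', $html);
    // $html = str_replace('<!-- filtered with htmlpurifier -->', '', $html);

    icms::$preload->triggerEvent('afterFilterHTMLdisplay', array(&$html, 1, $br));

    return $html;
}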