
<?
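/**
 * Walk $source tag by tag and rebuild it, keeping or dropping each tag
 * according to the instance's tag rules and passing the attributes of every
 * kept opening tag through filterAttr().
 *
 * Instance state read here (defined elsewhere in the class):
 *   $this->tagsArray / $this->tagsMethod  - tag list and its mode: with
 *       tagsMethod true the listed tags are removed, otherwise only the
 *       listed tags are kept;
 *   $this->tagBlacklist / $this->xssAuto  - tags dropped unconditionally
 *       while automatic XSS filtering is enabled.
 *
 * @param string $source untrusted HTML fragment
 * @return string the filtered fragment
 */
function filterTags($source) {
    $preTag = '';            // output built so far
    $postTag = $source;      // input not yet consumed
    $tagOpen_start = strpos( $source, '<' );
    while ( $tagOpen_start !== FALSE ) {
        // Plain text up to the '<' passes through untouched.
        $preTag .= substr( $postTag, 0, $tagOpen_start );
        $postTag = substr( $postTag, $tagOpen_start );
        $fromTagOpen = substr( $postTag, 1 );
        $tagOpen_end = strpos( $fromTagOpen, '>' );
        if( $tagOpen_end === false ) {
            // No closing '>' anywhere in the rest of the input. The tail used
            // to be appended verbatim, so an unterminated "<tag ..." reached
            // the output raw; escape its '<' instead, as decode() does for
            // "<<", so it renders as text.
            $postTag = str_replace( '<', '&lt;', $postTag );
            break;
        }
        $tagOpen_nested = strpos( $fromTagOpen, '<' );
        if( ($tagOpen_nested !== false) && ($tagOpen_nested < $tagOpen_end) ) {
            // Another '<' appears before the '>', so the current '<' is not a
            // tag but literal text. Emit it escaped (it used to go out raw, where
            // a following tag would merge with it) and restart at the nested '<'.
            $preTag .= '&lt;' . substr( $fromTagOpen, 0, $tagOpen_nested );
            $postTag = substr( $postTag, ($tagOpen_nested + 1) );
            $tagOpen_start = strpos( $postTag, '<' );
            continue;
        }
        // Everything between '<' and '>': tag name plus raw attribute text.
        $currentTag = substr( $fromTagOpen, 0, $tagOpen_end );
        $tagLength = strlen( $currentTag );
        // (The former "if (!$tagOpen_end)" special case for "<>" appended the
        // whole remaining input to the output and then parsed it again, so the
        // remainder appeared twice, once unfiltered. An empty tag name is now
        // rejected by the name check below like any other invalid tag.)
        $tagLeft = $currentTag;
        $attrSet = array ();
        $currentSpace = strpos( $tagLeft, ' ' );
        if( substr( $currentTag, 0, 1 ) == "/" ) {
            $isCloseTag = TRUE;
            list ( $tagName ) = explode( ' ', $currentTag );
            $tagName = substr( $tagName, 1 );   // drop the leading '/'
        } else {
            $isCloseTag = FALSE;
            list ( $tagName ) = explode( ' ', $currentTag );
        }
        // Drop the tag outright when its name is not plain alphanumeric, is
        // empty, or is blacklisted while automatic XSS filtering is on.
        if( (! preg_match( "/^[a-z][a-z0-9]*$/i", $tagName )) || (! $tagName) || ((in_array( strtolower( $tagName ), $this->tagBlacklist )) && ($this->xssAuto)) ) {
            $postTag = substr( $postTag, ($tagLength + 2) );
            $tagOpen_start = strpos( $postTag, '<' );
            continue;
        }
        // Split the attribute text on spaces; a double-quoted value keeps the
        // spaces inside its quotes.
        while ( $currentSpace !== FALSE ) {
            $fromSpace = substr( $tagLeft, ($currentSpace + 1) );
            $nextSpace = strpos( $fromSpace, ' ' );
            $openQuotes = strpos( $fromSpace, '"' );
            if( strpos( $fromSpace, '=' ) !== FALSE ) {
                // Position of the closing quote relative to the opening one, if both exist.
                $closeQuotes = ($openQuotes !== FALSE) ? strpos( substr( $fromSpace, ($openQuotes + 1) ), '"' ) : FALSE;
                if( $closeQuotes !== FALSE ) $attr = substr( $fromSpace, 0, ($openQuotes + $closeQuotes + 2) );
                else $attr = substr( $fromSpace, 0, $nextSpace );
            } else {
                $attr = substr( $fromSpace, 0, $nextSpace );
            }
            // No further space: the rest of the string is the last attribute.
            if( ! $attr ) $attr = $fromSpace;
            $attrSet[] = $attr;
            $tagLeft = substr( $fromSpace, strlen( $attr ) );
            $currentSpace = strpos( $tagLeft, ' ' );
        }
        $tagFound = in_array( strtolower( $tagName ), $this->tagsArray );
        // tagsMethod true: the list is a blacklist; false: it is a whitelist.
        if( (! $tagFound && $this->tagsMethod) || ($tagFound && ! $this->tagsMethod) ) {
            if( ! $isCloseTag ) {
                $attrSet = $this->filterAttr( $attrSet, strtolower( $tagName ) );
                $preTag .= '<' . $tagName;
                for($i = 0; $i < count( $attrSet ); $i ++) {
                    $preTag .= ' ' . $attrSet[$i];
                }
                // Self-close the tag unless a closing tag with this name as a
                // prefix appears somewhere in the remaining input.
                if( strpos( $fromTagOpen, "</" . $tagName ) !== false ) $preTag .= '>';
                else $preTag .= ' />';
            } else {
                $preTag .= '</' . $tagName . '>';
            }
        }
        $postTag = substr( $postTag, ($tagLength + 2) );
        $tagOpen_start = strpos( $postTag, '<' );
    }
    $preTag .= $postTag;
    return $preTag;
}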
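/**
 * Filter one tag's attribute tokens (as split by filterTags()) and return the
 * ones that survive, each normalised to the form name="value".
 *
 * An attribute is dropped when its name is not letters/hyphens, when
 * automatic XSS filtering is on and the name is blacklisted or starts with
 * "on", when its value carries a script-like scheme or a CSS expression, or
 * when it fails the instance's attribute list rule ($this->attrArray with
 * $this->attrMethod true = blacklist, false = whitelist).
 *
 * Reads $config['charset'] and $config['admin_path'] from the global
 * configuration.
 *
 * @param array $attrSet raw "name" or "name=value" tokens
 * @param string $tagName lower-cased owning tag name (not used here; kept for callers)
 * @return array filtered, re-quoted attribute strings
 */
function filterAttr($attrSet, $tagName) {
    global $config;
    $newSet = array ();
    for($i = 0; $i < count( $attrSet ); $i ++) {
        if( ! $attrSet[$i] ) continue;
        $attrSet[$i] = trim( $attrSet[$i] );
        $exp = strpos( $attrSet[$i], '=' );
        if( $exp === false ) {
            // Valueless attribute: give it an empty value explicitly so the
            // code below never reads an unset index.
            $attrSubSet = Array ($attrSet[$i], '' );
        } else {
            $attrSubSet = Array ();
            $attrSubSet[] = substr( $attrSet[$i], 0, $exp );
            $attrSubSet[] = substr( $attrSet[$i], $exp + 1 );
        }
        $attrSubSet[1] = stripslashes( $attrSubSet[1] );
        // Name: first space-separated word, lower-cased.
        list ( $attrSubSet[0] ) = explode( ' ', $attrSubSet[0] );
        $attrSubSet[0] = strtolower( $attrSubSet[0] );
        if( (! preg_match( "/^[a-z\-]*$/i", $attrSubSet[0] )) || (($this->xssAuto) && ((in_array( $attrSubSet[0], $this->attrBlacklist )) || (substr( $attrSubSet[0], 0, 2 ) == 'on'))) ) continue;
        if( $attrSubSet[1] ) {
            // Normalise the value: strip numeric-entity prefixes, collapse
            // whitespace, remove double quotes (the value is re-quoted with
            // them below) and unwrap a single-quoted value.
            $attrSubSet[1] = str_replace( '&#', '', $attrSubSet[1] );
            if ( strtolower($config['charset']) == "utf-8") $attrSubSet[1] = preg_replace( '/\s+/u', ' ', $attrSubSet[1] );
            else $attrSubSet[1] = preg_replace( '/\s+/', ' ', $attrSubSet[1] );
            $attrSubSet[1] = str_replace( '"', '', $attrSubSet[1] );
            if( (substr( $attrSubSet[1], 0, 1 ) == "'") && (substr( $attrSubSet[1], (strlen( $attrSubSet[1] ) - 1), 1 ) == "'") ) $attrSubSet[1] = substr( $attrSubSet[1], 1, (strlen( $attrSubSet[1] ) - 2) );
        }
        $lowerValue = strtolower( $attrSubSet[1] );
        $isUrlAttr = in_array( $attrSubSet[0], array( 'href', 'data', 'src' ), true );
        // Values that could execute script or load active content.
        $blockedValue =
            (strpos( $lowerValue, 'expression' ) !== false && $attrSubSet[0] == 'style')
            || strpos( $lowerValue, 'javascript:' ) !== false
            || strpos( $lowerValue, 'behaviour:' ) !== false
            || strpos( $lowerValue, 'vbscript:' ) !== false
            || strpos( $lowerValue, 'mocha:' ) !== false
            || strpos( $lowerValue, 'livescript:' ) !== false
            || ($isUrlAttr && strpos( $lowerValue, 'data:' ) !== false)
            // NOTE(review): the '@' hides an unset $config['admin_path'], and
            // strpos() with an empty needle behaves differently across PHP
            // versions - confirm the configuration always defines a non-empty path.
            || ($attrSubSet[0] == 'href' && @strpos( $lowerValue, $config['admin_path'] ) !== false && preg_match( "/[?&%<\[\]]/", $attrSubSet[1] ));
        if( $blockedValue ) continue;
        $attrFound = in_array( $attrSubSet[0], $this->attrArray );
        // attrMethod true: the list is a blacklist; false: it is a whitelist.
        if( (! $attrFound && $this->attrMethod) || ($attrFound && ! $this->attrMethod) ) {
            if( $attrSubSet[1] ) $newSet[] = $attrSubSet[0] . '="' . $attrSubSet[1] . '"';
            elseif( $attrSubSet[1] == "0" ) $newSet[] = $attrSubSet[0] . '="0"';
            else $newSet[] = $attrSubSet[0] . '=""';
        }
    }
    return $newSet;
}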
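/**
 * Pre-process text before the tag filter runs.
 *
 * With allow_code on, [code]...[/code] sections are handed to code_tag() (a
 * method defined elsewhere in the class). In safe mode without the WYSIWYG
 * editor the whole text is HTML-escaped and '&' is then restored, presumably
 * so entities already present keep working; otherwise only a few sequences
 * that confuse the tag parser - "<<", ">>", "<>" and "<!--" - are escaped.
 *
 * Reads $config['charset'] from the global configuration.
 *
 * @param string $source untrusted text
 * @return string pre-processed text
 */
function decode($source) {
    global $config;
    if( $this->allow_code ) {
        // Objects are passed by handle, so the old "&$this" reference in the
        // callback array was unnecessary.
        $source = preg_replace_callback( "#\[code\](.+?)\[/code\]#is", array( $this, 'code_tag' ), $source );
    }
    if( $this->safe_mode AND !$this->wysiwyg ) {
        $source = htmlspecialchars( $source, ENT_QUOTES, $config['charset'] );
        $source = str_replace( '&amp;', '&', $source );
    } else {
        $source = str_replace( "<>", "&lt;&gt;", str_replace( ">>", "&gt;&gt;", str_replace( "<<", "&lt;&lt;", $source ) ) );
        $source = str_replace( "<!--", "&lt;!--", $source );
    }
    return $source;
}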
?>