Use utf8_check to check variables in Security class

Kijin Sung 2016-03-14 20:54:27 +09:00
parent 251b43cd00
commit 4407af2b0f


@ -20,22 +20,22 @@ class Security
{
// Escape HTML special characters.
case 'escape':
if (!detectUTF8($input)) return false;
if (!utf8_check($input)) return false;
return escape($input);
// Strip all HTML tags.
case 'strip':
if (!detectUTF8($input)) return false;
if (!utf8_check($input)) return false;
return escape(strip_tags($input));
// Clean up HTML content to prevent XSS attacks.
case 'html':
if (!detectUTF8($input)) return false;
if (!utf8_check($input)) return false;
return Security\HTMLFilter::clean($input);
// Clean up the input to be used as a safe filename.
case 'filename':
if (!detectUTF8($input)) return false;
if (!utf8_check($input)) return false;
return Security\FilenameFilter::clean($input);
// Unknown filters return false.