fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-05-11 04:52:14 +09:00
Code Issues Projects Releases Packages Wiki Activity

Use utf8_check to check variables in Security class

Browse source
This commit is contained in:
Kijin Sung 2016-03-14 20:54:27 +09:00
parent 251b43cd00
commit 4407af2b0f
1 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
common/framework/security.php
View file

@ -20,22 +20,22 @@ class Security
{ {
// Escape HTML special characters. // Escape HTML special characters.
case 'escape': case 'escape':
if (!detectUTF8($input)) return false; if (!utf8_check($input)) return false;
return escape($input); return escape($input);
// Strip all HTML tags. // Strip all HTML tags.
case 'strip': case 'strip':
if (!detectUTF8($input)) return false; if (!utf8_check($input)) return false;
return escape(strip_tags($input)); return escape(strip_tags($input));
// Clean up HTML content to prevent XSS attacks. // Clean up HTML content to prevent XSS attacks.
case 'html': case 'html':
if (!detectUTF8($input)) return false; if (!utf8_check($input)) return false;
return Security\HTMLFilter::clean($input); return Security\HTMLFilter::clean($input);
// Clean up the input to be used as a safe filename. // Clean up the input to be used as a safe filename.
case 'filename': case 'filename':
if (!detectUTF8($input)) return false; if (!utf8_check($input)) return false;
return Security\FilenameFilter::clean($input); return Security\FilenameFilter::clean($input);
// Unknown filters return false. // Unknown filters return false.