mirror of
https://github.com/Lastorder-DC/rhymix.git
synced 2026-01-06 18:21:39 +09:00
#66 install php version check
#16 install rewrite module usable check #48 htmlspecialchars function params add
This commit is contained in:
akasima
bnu
parent
51b6b21cf2
commit
736f382b27
93 changed files with 240 additions and 215 deletions
|
|
@ -355,7 +355,7 @@ class EmbedFilter
|
|||
|
||||
if(!$isWhiteDomain && !$isWhiteMimetype && !$isWhiteExt)
|
||||
{
|
||||
$content = str_replace($objectTag, htmlspecialchars($objectTag), $content);
|
||||
$content = str_replace($objectTag, htmlspecialchars($objectTag, ENT_COMPAT | ENT_HTML401, 'UTF-8', false), $content);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -408,7 +408,7 @@ class EmbedFilter
|
|||
|
||||
if(!$isWhiteDomain && !$isWhiteMimetype && !$isWhiteExt)
|
||||
{
|
||||
$content = str_replace($embedTag, htmlspecialchars($embedTag), $content);
|
||||
$content = str_replace($embedTag, htmlspecialchars($embedTag, ENT_COMPAT | ENT_HTML401, 'UTF-8', false), $content);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -451,7 +451,7 @@ class EmbedFilter
|
|||
|
||||
if(!$isWhiteDomain)
|
||||
{
|
||||
$content = str_replace($iframeTag, htmlspecialchars($iframeTag), $content);
|
||||
$content = str_replace($iframeTag, htmlspecialchars($iframeTag, ENT_COMPAT | ENT_HTML401, 'UTF-8', false), $content);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -491,7 +491,7 @@ class EmbedFilter
|
|||
|
||||
if(!$isWhiteDomain && !$isWhiteExt)
|
||||
{
|
||||
$content = str_replace($paramTag, htmlspecialchars($paramTag), $content);
|
||||
$content = str_replace($paramTag, htmlspecialchars($paramTag, ENT_COMPAT | ENT_HTML401, 'UTF-8', false), $content);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -115,7 +115,7 @@ class Security
|
|||
{
|
||||
if(!preg_match('/^\$user_lang->/', $var))
|
||||
{
|
||||
$var = htmlspecialchars($var);
|
||||
$var = htmlspecialchars($var, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
|
||||
}
|
||||
return $var;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ class HTMLPurifier_AttrTransform_ImgSpace extends HTMLPurifier_AttrTransform {
|
|||
public function __construct($attr) {
|
||||
$this->attr = $attr;
|
||||
if (!isset($this->css[$attr])) {
|
||||
trigger_error(htmlspecialchars($attr) . ' is not valid space attribute');
|
||||
trigger_error(htmlspecialchars($attr, ENT_COMPAT | ENT_HTML401, 'UTF-8', false) . ' is not valid space attribute');
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -302,7 +302,7 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
|||
// emit errors
|
||||
foreach ($allowed_properties as $name => $d) {
|
||||
// :TODO: Is this htmlspecialchars() call really necessary?
|
||||
$name = htmlspecialchars($name);
|
||||
$name = htmlspecialchars($name, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
|
||||
trigger_error("Style attribute '$name' is not supported $support", E_USER_WARNING);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -153,7 +153,7 @@ class HTMLPurifier_Config
|
|||
if (!$this->finalized) $this->autoFinalize();
|
||||
if (!isset($this->def->info[$key])) {
|
||||
// can't add % due to SimpleTest bug
|
||||
$this->triggerError('Cannot retrieve value of undefined directive ' . htmlspecialchars($key),
|
||||
$this->triggerError('Cannot retrieve value of undefined directive ' . htmlspecialchars($key, ENT_COMPAT | ENT_HTML401, 'UTF-8', false),
|
||||
E_USER_WARNING);
|
||||
return;
|
||||
}
|
||||
|
|
@ -181,7 +181,7 @@ class HTMLPurifier_Config
|
|||
if (!$this->finalized) $this->autoFinalize();
|
||||
$full = $this->getAll();
|
||||
if (!isset($full[$namespace])) {
|
||||
$this->triggerError('Cannot retrieve undefined namespace ' . htmlspecialchars($namespace),
|
||||
$this->triggerError('Cannot retrieve undefined namespace ' . htmlspecialchars($namespace, ENT_COMPAT | ENT_HTML401, 'UTF-8', false),
|
||||
E_USER_WARNING);
|
||||
return;
|
||||
}
|
||||
|
|
@ -246,7 +246,7 @@ class HTMLPurifier_Config
|
|||
}
|
||||
if ($this->isFinalized('Cannot set directive after finalization')) return;
|
||||
if (!isset($this->def->info[$key])) {
|
||||
$this->triggerError('Cannot set undefined directive ' . htmlspecialchars($key) . ' to value',
|
||||
$this->triggerError('Cannot set undefined directive ' . htmlspecialchars($key, ENT_COMPAT | ENT_HTML401, 'UTF-8', false) . ' to value',
|
||||
E_USER_WARNING);
|
||||
return;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ class HTMLPurifier_DoctypeRegistry
|
|||
public function get($doctype) {
|
||||
if (isset($this->aliases[$doctype])) $doctype = $this->aliases[$doctype];
|
||||
if (!isset($this->doctypes[$doctype])) {
|
||||
trigger_error('Doctype ' . htmlspecialchars($doctype) . ' does not exist', E_USER_ERROR);
|
||||
trigger_error('Doctype ' . htmlspecialchars($doctype, ENT_COMPAT | ENT_HTML401, 'UTF-8', false) . ' does not exist', E_USER_ERROR);
|
||||
$anon = new HTMLPurifier_Doctype($doctype);
|
||||
return $anon;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -246,7 +246,7 @@ class HTMLPurifier_Generator
|
|||
// Workaround for APC bug on Mac Leopard reported by sidepodcast
|
||||
// http://htmlpurifier.org/phorum/read.php?3,4823,4846
|
||||
if ($quote === null) $quote = ENT_COMPAT;
|
||||
return htmlspecialchars($string, $quote, 'UTF-8');
|
||||
return htmlspecialchars($string, $quote, 'UTF-8', false);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -261,7 +261,7 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
|
|||
}
|
||||
// emit errors
|
||||
foreach ($allowed_elements as $element => $d) {
|
||||
$element = htmlspecialchars($element); // PHP doesn't escape errors, be careful!
|
||||
$element = htmlspecialchars($element, ENT_COMPAT | ENT_HTML401, 'UTF-8', false); // PHP doesn't escape errors, be careful!
|
||||
trigger_error("Element '$element' is not supported $support", E_USER_WARNING);
|
||||
}
|
||||
}
|
||||
|
|
@ -315,8 +315,8 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
|
|||
switch ($c) {
|
||||
case 2:
|
||||
if ($bits[0] !== '*') {
|
||||
$element = htmlspecialchars($bits[0]);
|
||||
$attribute = htmlspecialchars($bits[1]);
|
||||
$element = htmlspecialchars($bits[0], ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
|
||||
$attribute = htmlspecialchars($bits[1], ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
|
||||
if (!isset($this->info[$element])) {
|
||||
trigger_error("Cannot allow attribute '$attribute' if element '$element' is not allowed/supported $support");
|
||||
} else {
|
||||
|
|
@ -327,7 +327,7 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
|
|||
}
|
||||
// otherwise fall through
|
||||
case 1:
|
||||
$attribute = htmlspecialchars($bits[0]);
|
||||
$attribute = htmlspecialchars($bits[0], ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
|
||||
trigger_error("Global attribute '$attribute' is not ".
|
||||
"supported in any elements $support",
|
||||
E_USER_WARNING);
|
||||
|
|
|
|||
|
|
@ -121,7 +121,7 @@ class HTMLPurifier_Lexer
|
|||
$inst = new HTMLPurifier_Lexer_PH5P();
|
||||
break;
|
||||
default:
|
||||
throw new HTMLPurifier_Exception("Cannot instantiate unrecognized Lexer type " . htmlspecialchars($lexer));
|
||||
throw new HTMLPurifier_Exception("Cannot instantiate unrecognized Lexer type " . htmlspecialchars($lexer, ENT_COMPAT | ENT_HTML401, 'UTF-8', false));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -252,7 +252,7 @@ class HTMLPurifier_Lexer
|
|||
*/
|
||||
protected static function CDATACallback($matches) {
|
||||
// not exactly sure why the character set is needed, but whatever
|
||||
return htmlspecialchars($matches[1], ENT_COMPAT, 'UTF-8');
|
||||
return htmlspecialchars($matches[1], ENT_COMPAT, 'UTF-8', false);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ class HTMLPurifier_Lexer_DirectLex extends HTMLPurifier_Lexer
|
|||
* @param $matches, in form of array(opening tag, contents, closing tag)
|
||||
*/
|
||||
protected function scriptCallback($matches) {
|
||||
return $matches[1] . htmlspecialchars($matches[2], ENT_COMPAT, 'UTF-8') . $matches[3];
|
||||
return $matches[1] . htmlspecialchars($matches[2], ENT_COMPAT, 'UTF-8', false) . $matches[3];
|
||||
}
|
||||
|
||||
public function tokenizeHTML($html, $config, $context) {
|
||||
|
|
|
|||
|
|
@ -104,7 +104,7 @@ class HTMLPurifier_Printer
|
|||
*/
|
||||
protected function escape($string) {
|
||||
$string = HTMLPurifier_Encoder::cleanUTF8($string);
|
||||
$string = htmlspecialchars($string, ENT_COMPAT, 'UTF-8');
|
||||
$string = htmlspecialchars($string, ENT_COMPAT, 'UTF-8', false);
|
||||
return $string;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue