Menu
▾
▴
xoops-svn
|
From: <rgr...@us...> - 2013-09-22 22:51:53
|
Revision: 12084
http://sourceforge.net/p/xoops/svn/12084
Author: rgriffith
Date: 2013-09-22 22:51:50 +0000 (Sun, 22 Sep 2013)
Log Message:
-----------
Fix preg_replace issue
Modified Paths:
--------------
XoopsCore/branches/2.5.x/2.5.7/htdocs/class/xoopsfilterinput.php
Modified: XoopsCore/branches/2.5.x/2.5.7/htdocs/class/xoopsfilterinput.php
===================================================================
--- XoopsCore/branches/2.5.x/2.5.7/htdocs/class/xoopsfilterinput.php 2013-09-22 21:44:50 UTC (rev 12083)
+++ XoopsCore/branches/2.5.x/2.5.7/htdocs/class/xoopsfilterinput.php 2013-09-22 22:51:50 UTC (rev 12084)
@@ -425,9 +425,17 @@
$charset = defined('_CHARSET') ? constant('_CHARSET') : 'utf-8';
$source = html_entity_decode($source, ENT_QUOTES, $charset);
// convert decimal
- $source = preg_replace('/&#(\d+);/me',"chr(\\1)", $source); // decimal notation
+ $source = preg_replace_callback(
+ '/&#(\d+);/m',
+ create_function('$matches', "return chr(\$matches[1]);"),
+ $source
+ );
// convert hex
- $source = preg_replace('/&#x([a-f0-9]+);/mei',"chr(0x\\1)", $source); // hex notation
+ $source = preg_replace_callback(
+ '/&#x([a-f0-9]+);/mi',
+ create_function('$matches', "return chr('0x'.\$matches[1]);"),
+ $source
+ ); // hex notation
return $source;
}
}
|
|
From: <rgr...@us...> - 2013-09-23 14:04:53
|
Revision: 12089
http://sourceforge.net/p/xoops/svn/12089
Author: rgriffith
Date: 2013-09-23 14:04:50 +0000 (Mon, 23 Sep 2013)
Log Message:
-----------
Add missing control character check
Modified Paths:
--------------
XoopsCore/branches/2.5.x/2.5.7/htdocs/class/xoopsfilterinput.php
Modified: XoopsCore/branches/2.5.x/2.5.7/htdocs/class/xoopsfilterinput.php
===================================================================
--- XoopsCore/branches/2.5.x/2.5.7/htdocs/class/xoopsfilterinput.php 2013-09-23 06:37:26 UTC (rev 12088)
+++ XoopsCore/branches/2.5.x/2.5.7/htdocs/class/xoopsfilterinput.php 2013-09-23 14:04:50 UTC (rev 12089)
@@ -216,8 +216,8 @@
) {
$result='';
}
- // do not allow quotes or tag brackets
- if (!preg_match('#^[^"<>]+$#', $result)) {
+ // do not allow quotes, tag brackets or controls
+ if (!preg_match('#^[^"<>\x00-\x1F]+$#', $result)) {
$result='';
}
break;
|
|
From: <rgr...@us...> - 2013-09-24 14:11:49
|
Revision: 12090
http://sourceforge.net/p/xoops/svn/12090
Author: rgriffith
Date: 2013-09-24 14:11:46 +0000 (Tue, 24 Sep 2013)
Log Message:
-----------
Code cleanup
Modified Paths:
--------------
XoopsCore/branches/2.5.x/2.5.7/htdocs/class/xoopsfilterinput.php
Modified: XoopsCore/branches/2.5.x/2.5.7/htdocs/class/xoopsfilterinput.php
===================================================================
--- XoopsCore/branches/2.5.x/2.5.7/htdocs/class/xoopsfilterinput.php 2013-09-23 14:04:50 UTC (rev 12089)
+++ XoopsCore/branches/2.5.x/2.5.7/htdocs/class/xoopsfilterinput.php 2013-09-24 14:11:46 UTC (rev 12090)
@@ -10,47 +10,68 @@
*/
/**
- * Backport of Xmf\FilterInput, using Daniel Morris's original
- * PHP INPUT FILTER for php4
+ * XoopsFilterInput is a class for filtering input from any data source
+ *
+ * Forked from the php input filter library by Daniel Morris
*
- * @class: XoopsFilterInput (PHP4 & PHP5, with comments)
- * @project: PHP Input Filter
- * @date: 10-05-2005
- * @version: 1.2.2_php4/php5
- * @author: Daniel Morris
- * @contributors: Gianpaolo Racca, Ghislain Picard, Marco Wandschneider, Chris Tobin and Andrew Eddie.
- * @author Louis Landry <lou...@jo...>
- * @author Grégory Mage (Aka Mage)
- * @author trabis <lus...@gm...>
- * @author Richard Griffith <ri...@ge...>
- * @copyright: Daniel Morris
- * @email: da...@ro...
- * @license: GNU General Public License (GPL)
+ * Original Contributors: Gianpaolo Racca, Ghislain Picard,
+ * Marco Wandschneider, Chris Tobin and Andrew Eddie.
+ *
+ * @category XoopsFilterInput
+ * @package Xoops
+ * @author Daniel Morris <da...@ro...>
+ * @author Louis Landry <lou...@jo...>
+ * @author Grégory Mage (Aka Mage)
+ * @author trabis <lus...@gm...>
+ * @author Richard Griffith <ri...@ge...>
+ * @copyright 2005 Daniel Morris
+ * @copyright 2005 - 2013 Open Source Matters, Inc. All rights reserved.
+ * @copyright 2011-2013 The XOOPS Project http://sourceforge.net/projects/xoops/
+ * @license GNU GPL 2 or later (http://www.gnu.org/licenses/gpl-2.0.html)
+ * @version Release: 1.0
+ * @link http://xoops.org
+ * @since 2.5.7
*/
-class XoopsFilterInput {
- var $tagsArray; // default = empty array
- var $attrArray; // default = empty array
+class XoopsFilterInput
+{
+ protected $tagsArray; // default = empty array
+ protected $attrArray; // default = empty array
- var $tagsMethod; // default = 0
- var $attrMethod; // default = 0
+ protected $tagsMethod; // default = 0
+ protected $attrMethod; // default = 0
- var $xssAuto; // default = 1
- var $tagBlacklist = array('applet', 'body', 'bgsound', 'base', 'basefont', 'embed', 'frame', 'frameset', 'head', 'html', 'id', 'iframe', 'ilayer', 'layer', 'link', 'meta', 'name', 'object', 'script', 'style', 'title', 'xml');
- var $attrBlacklist = array('action', 'background', 'codebase', 'dynsrc', 'lowsrc'); // also will strip ALL event handlers
-
- /**
- * Constructor for XoopsFilterInput class. Only first parameter is required.
- * @access constructor
- * @param Array $tagsArray - list of user-defined tags
- * @param Array $attrArray - list of user-defined attributes
- * @param int $tagsMethod - 0= allow just user-defined, 1= allow all but user-defined
- * @param int $attrMethod - 0= allow just user-defined, 1= allow all but user-defined
- * @param int $xssAuto - 0= only auto clean essentials, 1= allow clean blacklisted tags/attr
+ protected $xssAuto; // default = 1
+ protected $tagBlacklist = array(
+ 'applet', 'body', 'bgsound', 'base', 'basefont', 'embed', 'frame',
+ 'frameset', 'head', 'html', 'id', 'iframe', 'ilayer', 'layer',
+ 'link', 'meta', 'name', 'object', 'script', 'style', 'title', 'xml'
+ );
+ // also will strip ALL event handlers
+ protected $attrBlacklist = array('action', 'background', 'codebase', 'dynsrc', 'lowsrc');
+
+ /**
+ * Constructor
+ *
+ * @param Array $tagsArray - list of user-defined tags
+ * @param Array $attrArray - list of user-defined attributes
+ * @param int $tagsMethod - 0 = allow just user-defined, 1 = allow all but user-defined
+ * @param int $attrMethod - 0 = allow just user-defined, 1 = allow all but user-defined
+ * @param int $xssAuto - 0 = only auto clean essentials, 1 = allow clean blacklisted tags/attr
*/
- function XoopsFilterInput($tagsArray = array(), $attrArray = array(), $tagsMethod = 0, $attrMethod = 0, $xssAuto = 1) {
+ public function __construct(
+ $tagsArray = array(),
+ $attrArray = array(),
+ $tagsMethod = 0,
+ $attrMethod = 0,
+ $xssAuto = 1
+ ) {
// make sure user defined arrays are in lowercase
- for ($i = 0; $i < count($tagsArray); $i++) $tagsArray[$i] = strtolower($tagsArray[$i]);
- for ($i = 0; $i < count($attrArray); $i++) $attrArray[$i] = strtolower($attrArray[$i]);
+ for ($i = 0; $i < count($tagsArray); $i++) {
+ $tagsArray[$i] = strtolower($tagsArray[$i]);
+ }
+ for ($i = 0; $i < count($attrArray); $i++) {
+ $attrArray[$i] = strtolower($attrArray[$i]);
+ }
// assign to member vars
$this->tagsArray = (array) $tagsArray;
$this->attrArray = (array) $attrArray;
@@ -58,25 +79,25 @@
$this->attrMethod = $attrMethod;
$this->xssAuto = $xssAuto;
}
-
+
/**
* Returns a reference to an input filter object, only creating it if it doesn't already exist.
*
* This method must be invoked as:
- * <pre> $filter = & XoopsFilterInput::getInstance();</pre>
+ * $filter = & XoopsFilterInput::getInstance();
*
* @param array $tagsArray list of user-defined tags
* @param array $attrArray list of user-defined attributes
* @param int $tagsMethod WhiteList method = 0, BlackList method = 1
* @param int $attrMethod WhiteList method = 0, BlackList method = 1
- * @param int $xssAuto Only auto clean essentials = 0,
- * Allow clean blacklisted tags/attr = 1
- *
+ * @param int $xssAuto Only auto clean essentials = 0,
+ * Allow clean blacklisted tags/attr = 1
+ *
* @return XoopsFilterInput object.
* @since 1.5
* @static
*/
- static function getInstance(
+ public static function getInstance(
$tagsArray = array(),
$attrArray = array(),
$tagsMethod = 0,
@@ -92,31 +113,39 @@
}
if (empty ($instances[$sig])) {
- $instances[$sig] = new XoopsFilterInput($tagsArray, $attrArray, $tagsMethod, $attrMethod, $xssAuto);
+ $classname = __CLASS__ ;
+ $instances[$sig] = new $classname ($tagsArray, $attrArray, $tagsMethod, $attrMethod, $xssAuto);
}
return $instances[$sig];
}
- /**
- * Method to be called by another php script. Processes for XSS and specified bad code.
- * @access public
+ /**
+ * Method to be called by another php script. Processes for XSS and
+ * any specified bad code.
+ *
* @param Mixed $source - input string/array-of-string to be 'cleaned'
+ *
* @return String $source - 'cleaned' version of input parameter
*/
- function process($source) {
- // clean all elements in this array
+ public function process($source)
+ {
if (is_array($source)) {
- foreach($source as $key => $value)
+ // clean all elements in this array
+ foreach ($source as $key => $value) {
// filter element for XSS and other 'bad' code etc.
- if (is_string($value)) $source[$key] = $this->remove($this->decode($value));
+ if (is_string($value)) {
+ $source[$key] = $this->remove($this->decode($value));
+ }
+ }
return $source;
- // clean this string
- } else if (is_string($source)) {
- // filter source for XSS and other 'bad' code etc.
+ } elseif (is_string($source)) {
+ // clean this string
return $this->remove($this->decode($source));
- // return parameter as given
- } else return $source;
+ } else {
+ // return parameter as given
+ return $source;
+ }
}
/**
@@ -127,12 +156,25 @@
* @param string $type Return type for the variable (INT, FLOAT,
* BOOLEAN, WORD, ALNUM, CMD, BASE64, STRING,
* ARRAY, PATH, NONE)
- *
+ *
* @return mixed 'Cleaned' version of input parameter
* @static
*/
- static function clean($source, $type = 'string')
+ public static function clean($source, $type = 'string')
{
+ static $filter = null;
+
+ // need an instance for methods, since this is supposed to be static
+ // we must instantiate the class - this will take defaults
+ if (!is_object($filter)) {
+ if (isset($this) && is_a($this, __CLASS__)) {
+ $filter =& $this;
+ } else {
+ $classname = __CLASS__ ;
+ $filter = $classname::getInstance();
+ }
+ }
+
// Handle the type constraint
switch (strtoupper($type)) {
case 'INT':
@@ -172,22 +214,10 @@
break;
case 'STRING':
- // Check for static usage and assign $filter the proper variable
- if (isset($this) && is_a($this, 'XoopsFilterInput')) {
- $filter =& $this;
- } else {
- $filter = XoopsFilterInput::getInstance();
- }
$result = (string) $filter->process($source);
break;
case 'ARRAY':
- // Check for static usage and assign $filter the proper variable
- if (isset($this) && is_a($this, 'XoopsFilterInput')) {
- $filter =& $this;
- } else {
- $filter = XoopsFilterInput::getInstance();
- }
$result = (array) $filter->process($source);
break;
@@ -202,12 +232,6 @@
break;
case 'WEBURL':
- // Check for static usage and assign $filter the proper variable
- if (isset($this) && is_a($this, 'XoopsFilterInput')) {
- $filter =& $this;
- } else {
- $filter = XoopsFilterInput::getInstance();
- }
$result = (string) $filter->process($source);
// allow only relative, http or https
$urlparts=parse_url($result);
@@ -223,12 +247,6 @@
break;
default:
- // Check for static usage and assign $filter the proper variable
- if (isset($this) && is_a($this, 'XoopsFilterInput')) {
- $filter =& $this;
- } else {
- $filter = XoopsFilterInput::getInstance();
- }
$result = $filter->process($source);
break;
}
@@ -236,44 +254,50 @@
return $result;
}
-
- /**
+ /**
* Internal method to iteratively remove all unwanted tags and attributes
- * @access protected
+ *
* @param String $source - input string to be 'cleaned'
+ *
* @return String $source - 'cleaned' version of input parameter
*/
- function remove($source) {
+ protected function remove($source)
+ {
$loopCounter=0;
// provides nested-tag protection
- while($source != $this->filterTags($source)) {
+ while ($source != $this->filterTags($source)) {
$source = $this->filterTags($source);
$loopCounter++;
}
+
return $source;
- }
-
- /**
+ }
+
+ /**
* Internal method to strip a string of certain tags
- * @access protected
+ *
* @param String $source - input string to be 'cleaned'
+ *
* @return String $source - 'cleaned' version of input parameter
*/
- function filterTags($source) {
+ protected function filterTags($source)
+ {
// filter pass setup
- $preTag = NULL;
+ $preTag = null;
$postTag = $source;
// find initial tag's position
$tagOpen_start = strpos($source, '<');
// interate through string until no tags left
- while($tagOpen_start !== FALSE) {
+ while ($tagOpen_start !== false) {
// process tag interatively
$preTag .= substr($postTag, 0, $tagOpen_start);
$postTag = substr($postTag, $tagOpen_start);
$fromTagOpen = substr($postTag, 1);
// end of tag
$tagOpen_end = strpos($fromTagOpen, '>');
- if ($tagOpen_end === false) break;
+ if ($tagOpen_end === false) {
+ break;
+ }
// next start of tag (for nested tag assessment)
$tagOpen_nested = strpos($fromTagOpen, '<');
if (($tagOpen_nested !== false) && ($tagOpen_nested < $tagOpen_end)) {
@@ -281,52 +305,65 @@
$postTag = substr($postTag, ($tagOpen_nested+1));
$tagOpen_start = strpos($postTag, '<');
continue;
- }
+ }
$tagOpen_nested = (strpos($fromTagOpen, '<') + $tagOpen_start + 1);
$currentTag = substr($fromTagOpen, 0, $tagOpen_end);
$tagLength = strlen($currentTag);
if (!$tagOpen_end) {
$preTag .= $postTag;
- $tagOpen_start = strpos($postTag, '<');
+ $tagOpen_start = strpos($postTag, '<');
}
// iterate through tag finding attribute pairs - setup
$tagLeft = $currentTag;
$attrSet = array();
$currentSpace = strpos($tagLeft, ' ');
- // is end tag
if (substr($currentTag, 0, 1) == "/") {
- $isCloseTag = TRUE;
+ // is end tag
+ $isCloseTag = true;
list($tagName) = explode(' ', $currentTag);
$tagName = substr($tagName, 1);
- // is start tag
} else {
- $isCloseTag = FALSE;
+ // is start tag
+ $isCloseTag = false;
list($tagName) = explode(' ', $currentTag);
- }
+ }
// excludes all "non-regular" tagnames OR no tagname OR remove if xssauto is on and tag is blacklisted
- if ((!preg_match("/^[a-z][a-z0-9]*$/i",$tagName)) || (!$tagName) || ((in_array(strtolower($tagName), $this->tagBlacklist)) && ($this->xssAuto))) {
+ if ((!preg_match("/^[a-z][a-z0-9]*$/i", $tagName))
+ || (!$tagName)
+ || ((in_array(strtolower($tagName), $this->tagBlacklist))
+ && ($this->xssAuto))
+ ) {
$postTag = substr($postTag, ($tagLength + 2));
$tagOpen_start = strpos($postTag, '<');
// don't append this tag
continue;
}
// this while is needed to support attribute values with spaces in!
- while ($currentSpace !== FALSE) {
+ while ($currentSpace !== false) {
$fromSpace = substr($tagLeft, ($currentSpace+1));
$nextSpace = strpos($fromSpace, ' ');
$openQuotes = strpos($fromSpace, '"');
$closeQuotes = strpos(substr($fromSpace, ($openQuotes+1)), '"') + $openQuotes + 1;
// another equals exists
- if (strpos($fromSpace, '=') !== FALSE) {
+ if (strpos($fromSpace, '=') !== false) {
// opening and closing quotes exists
- if (($openQuotes !== FALSE) && (strpos(substr($fromSpace, ($openQuotes+1)), '"') !== FALSE))
+ if (($openQuotes !== false)
+ && (strpos(substr($fromSpace, ($openQuotes+1)), '"') !== false)
+ ) {
$attr = substr($fromSpace, 0, ($closeQuotes+1));
+ } else {
+ $attr = substr($fromSpace, 0, $nextSpace);
+ }
// one or neither exist
- else $attr = substr($fromSpace, 0, $nextSpace);
- // no more equals exist
- } else $attr = substr($fromSpace, 0, $nextSpace);
+
+ } else {
+ // no more equals exist
+ $attr = substr($fromSpace, 0, $nextSpace);
+ }
// last attr pair
- if (!$attr) $attr = $fromSpace;
+ if (!$attr) {
+ $attr = $fromSpace;
+ }
// add to attribute pairs array
$attrSet[] = $attr;
// next inc
@@ -334,48 +371,64 @@
$currentSpace = strpos($tagLeft, ' ');
}
// appears in array specified by user
- $tagFound = in_array(strtolower($tagName), $this->tagsArray);
+ $tagFound = in_array(strtolower($tagName), $this->tagsArray);
// remove this tag on condition
if ((!$tagFound && $this->tagsMethod) || ($tagFound && !$this->tagsMethod)) {
// reconstruct tag with allowed attributes
if (!$isCloseTag) {
$attrSet = $this->filterAttr($attrSet);
$preTag .= '<' . $tagName;
- for ($i = 0; $i < count($attrSet); $i++)
+ for ($i = 0; $i < count($attrSet); $i++) {
$preTag .= ' ' . $attrSet[$i];
+ }
// reformat single tags to XHTML
- if (strpos($fromTagOpen, "</" . $tagName)) $preTag .= '>';
- else $preTag .= ' />';
- // just the tagname
- } else $preTag .= '</' . $tagName . '>';
+ if (strpos($fromTagOpen, "</" . $tagName)) {
+ $preTag .= '>';
+ } else {
+ $preTag .= ' />';
+ }
+ } else {
+ // just the tagname
+ $preTag .= '</' . $tagName . '>';
+ }
}
// find next tag's start
$postTag = substr($postTag, ($tagLength + 2));
- $tagOpen_start = strpos($postTag, '<');
+ $tagOpen_start = strpos($postTag, '<');
}
// append any code after end of tags
$preTag .= $postTag;
+
return $preTag;
}
- /**
+ /**
* Internal method to strip a tag of certain attributes
- * @access protected
- * @param Array $attrSet
- * @return Array $newSet
+ *
+ * @param array $attrSet attributes
+ *
+ * @return Array $newSet stripped attributes
*/
- function filterAttr($attrSet) {
+ protected function filterAttr($attrSet)
+ {
$newSet = array();
// process attributes
for ($i = 0; $i <count($attrSet); $i++) {
// skip blank spaces in tag
- if (!$attrSet[$i]) continue;
+ if (!$attrSet[$i]) {
+ continue;
+ }
// split into attr name and value
$attrSubSet = explode('=', trim($attrSet[$i]));
list($attrSubSet[0]) = explode(' ', $attrSubSet[0]);
// removes all "non-regular" attr names AND also attr blacklisted
- if ((!eregi("^[a-z]*$",$attrSubSet[0])) || (($this->xssAuto) && ((in_array(strtolower($attrSubSet[0]), $this->attrBlacklist)) || (substr($attrSubSet[0], 0, 2) == 'on'))))
+ if ((!preg_match('/[a-z]*$/i', $attrSubSet[0]))
+ || (($this->xssAuto)
+ && ((in_array(strtolower($attrSubSet[0]), $this->attrBlacklist))
+ || (substr($attrSubSet[0], 0, 2) == 'on')))
+ ) {
continue;
+ }
// xss attr value filtering
if ($attrSubSet[1]) {
// strips unicode, hex, etc
@@ -384,43 +437,57 @@
$attrSubSet[1] = preg_replace('/\s+/', '', $attrSubSet[1]);
// strip double quotes
$attrSubSet[1] = str_replace('"', '', $attrSubSet[1]);
- // [requested feature] convert single quotes from either side to doubles (Single quotes shouldn't be used to pad attr value)
- if ((substr($attrSubSet[1], 0, 1) == "'") && (substr($attrSubSet[1], (strlen($attrSubSet[1]) - 1), 1) == "'"))
+ // [requested feature] convert single quotes from either side to doubles
+ // (Single quotes shouldn't be used to pad attr value)
+ if ((substr($attrSubSet[1], 0, 1) == "'")
+ && (substr($attrSubSet[1], (strlen($attrSubSet[1]) - 1), 1) == "'")
+ ) {
$attrSubSet[1] = substr($attrSubSet[1], 1, (strlen($attrSubSet[1]) - 2));
+ }
// strip slashes
$attrSubSet[1] = stripslashes($attrSubSet[1]);
}
// auto strip attr's with "javascript:
- if ( ((strpos(strtolower($attrSubSet[1]), 'expression') !== false) && (strtolower($attrSubSet[0]) == 'style')) ||
- (strpos(strtolower($attrSubSet[1]), 'javascript:') !== false) ||
- (strpos(strtolower($attrSubSet[1]), 'behaviour:') !== false) ||
- (strpos(strtolower($attrSubSet[1]), 'vbscript:') !== false) ||
- (strpos(strtolower($attrSubSet[1]), 'mocha:') !== false) ||
- (strpos(strtolower($attrSubSet[1]), 'livescript:') !== false)
- ) continue;
+ if (((strpos(strtolower($attrSubSet[1]), 'expression') !== false)
+ && (strtolower($attrSubSet[0]) == 'style')) ||
+ (strpos(strtolower($attrSubSet[1]), 'javascript:') !== false) ||
+ (strpos(strtolower($attrSubSet[1]), 'behaviour:') !== false) ||
+ (strpos(strtolower($attrSubSet[1]), 'vbscript:') !== false) ||
+ (strpos(strtolower($attrSubSet[1]), 'mocha:') !== false) ||
+ (strpos(strtolower($attrSubSet[1]), 'livescript:') !== false)
+ ) {
+ continue;
+ }
// if matches user defined array
$attrFound = in_array(strtolower($attrSubSet[0]), $this->attrArray);
// keep this attr on condition
if ((!$attrFound && $this->attrMethod) || ($attrFound && !$this->attrMethod)) {
- // attr has value
- if ($attrSubSet[1]) $newSet[] = $attrSubSet[0] . '="' . $attrSubSet[1] . '"';
- // attr has decimal zero as value
- else if ($attrSubSet[1] == "0") $newSet[] = $attrSubSet[0] . '="0"';
- // reformat single attributes to XHTML
- else $newSet[] = $attrSubSet[0] . '="' . $attrSubSet[0] . '"';
- }
+ if ($attrSubSet[1]) {
+ // attr has value
+ $newSet[] = $attrSubSet[0] . '="' . $attrSubSet[1] . '"';
+ } elseif ($attrSubSet[1] == "0") {
+ // attr has decimal zero as value
+ $newSet[] = $attrSubSet[0] . '="0"';
+ } else {
+ // reformat single attributes to XHTML
+ $newSet[] = $attrSubSet[0] . '="' . $attrSubSet[0] . '"';
+ }
+ }
}
+
return $newSet;
}
-
- /**
+
+ /**
* Try to convert to plaintext
- * @access protected
- * @param String $source
- * @return String $source
+ *
+ * @param String $source string to decode
+ *
+ * @return String $source decoded
*/
- function decode($source) {
+ protected function decode($source)
+ {
// url decode
$charset = defined('_CHARSET') ? constant('_CHARSET') : 'utf-8';
$source = html_entity_decode($source, ENT_QUOTES, $charset);
@@ -436,6 +503,7 @@
create_function('$matches', "return chr('0x'.\$matches[1]);"),
$source
); // hex notation
+
return $source;
}
}
|
Thanks for helping keep SourceForge clean.
X