Project

General

Profile

« Previous | Next » 

Revision 1777

Added by Dietmar about 12 years ago

+ add methode StripCodeFromText in class.wb to clean injection
! rebranding the admin/settings and security fixes
! a few new styling in backend wb_theme
! beginning aa lot of account changes like correction of $_SESSION indexe, security fixes
+ add head.load.min.js and head.min.js to /include/jquery/ to style HTML5 templates

View differences:

class.wb.php
267 267
	}
268 268

  
269 269
	/**
270
	 * wb::send_header()
271 270
     * replace header('Location:...  with new method
272 271
	 * if header send failed you get a manuell redirected link, so script don't break
272
	 *
273 273
	 * @param string $location, redirected url
274 274
	 * @return void
275 275
	 */
......
529 529
		}
530 530
	}
531 531

  
532
	/**
533
     *
534
     * remove [[text]], link, script, scriptblock and styleblock from a given string
535
     * and return the cleaned string
536
	 *
537
	 * @param string $sValue
538
     * @returns
539
     *    false: if @param is not a string
540
     *    string: cleaned string
541
	 */
542
	public function StripCodeFromText($sValue){
543
        if(!is_string($sValue)) { return false; }
544
        $sPattern = '/\[\[.*?\]\]\s*?|<!--\s+.*?-->\s*?|<(script|link|style)[^>]*\/>\s*?|<(script|link|style)[^>]*?>.*?<\/\2>\s*?|\s*$/isU';
545
        return (preg_replace ($sPattern, '', $sValue));
546
	}
547

  
548

  
532 549
}

Also available in: Unified diff