Revision 1777
Added by Dietmar about 12 years ago
class.wb.php | ||
---|---|---|
267 | 267 |
} |
268 | 268 |
|
269 | 269 |
/** |
270 |
* wb::send_header() |
|
271 | 270 |
* replace header('Location:... with new method |
272 | 271 |
* if header send failed you get a manuell redirected link, so script don't break |
272 |
* |
|
273 | 273 |
* @param string $location, redirected url |
274 | 274 |
* @return void |
275 | 275 |
*/ |
... | ... | |
529 | 529 |
} |
530 | 530 |
} |
531 | 531 |
|
532 |
/** |
|
533 |
* |
|
534 |
* remove [[text]], link, script, scriptblock and styleblock from a given string |
|
535 |
* and return the cleaned string |
|
536 |
* |
|
537 |
* @param string $sValue |
|
538 |
* @returns |
|
539 |
* false: if @param is not a string |
|
540 |
* string: cleaned string |
|
541 |
*/ |
|
542 |
public function StripCodeFromText($sValue){ |
|
543 |
if(!is_string($sValue)) { return false; } |
|
544 |
$sPattern = '/\[\[.*?\]\]\s*?|<!--\s+.*?-->\s*?|<(script|link|style)[^>]*\/>\s*?|<(script|link|style)[^>]*?>.*?<\/\2>\s*?|\s*$/isU'; |
|
545 |
return (preg_replace ($sPattern, '', $sValue)); |
|
546 |
} |
|
547 |
|
|
548 |
|
|
532 | 549 |
} |
Also available in: Unified diff
+ add methode StripCodeFromText in class.wb to clean injection
! rebranding the admin/settings and security fixes
! a few new styling in backend wb_theme
! beginning aa lot of account changes like correction of $_SESSION indexe, security fixes
+ add head.load.min.js and head.min.js to /include/jquery/ to style HTML5 templates