Skip to content

Commit

Permalink
Updated htmlawed
Browse files Browse the repository at this point in the history
  • Loading branch information
@mystralkk
mystralkk committed Jan 16, 2022
1 parent 01b7069 commit 00ebcf9
Show file tree
Hide file tree
Showing 4 changed files with 33 additions and 14 deletions.
8 changes: 4 additions & 4 deletions system/classes/htmLawed/htmLawed.php
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<?php

/*
htmLawed 1.2.5, 24 September 2019
htmLawed 1.2.6, 4 September 2021
Copyright Santosh Patnaik
Dual licensed with LGPL 3 and GPL 2+
A PHP Labware internal utility - www.bioinformatics.org/phplabware/internal_utilities/htmLawed
Expand Down Expand Up @@ -37,8 +37,8 @@ function htmLawed($t, $C=1, $S=array()){
}
$C['elements'] =& $e;
// config attrs
$x = !empty($C['deny_attribute']) ? strtolower(str_replace(array("\n", "\r", "\t", ' '), '', $C['deny_attribute'])) : '';
$x = array_flip((isset($x[0]) && $x[0] == '*') ? str_replace('/', 'data-', explode('-', str_replace('data-', '/', $x))) : explode(',', $x. (!empty($C['safe']) ? ',on*' : '')));
$x = !empty($C['deny_attribute']) ? strtolower(preg_replace('"\s+-"', '/', trim($C['deny_attribute']))) : '';
$x = array_flip((isset($x[0]) && $x[0] == '*') ? explode('/', $x) : explode(',', $x. (!empty($C['safe']) ? ',on*' : '')));
$C['deny_attribute'] = $x;
// config URLs
$x = (isset($C['schemes'][2]) && strpos($C['schemes'], ':')) ? strtolower($C['schemes']) : 'href: aim, feed, file, ftp, gopher, http, https, irc, mailto, news, nntp, sftp, ssh, tel, telnet'. (empty($C['safe']) ? ', app, javascript; *: data, javascript, ' : '; *:'). 'file, http, https';
Expand Down Expand Up @@ -725,5 +725,5 @@ function hl_tidy($t, $w, $p){

function hl_version(){
// version
return '1.2.5';
return '1.2.6';
}
21 changes: 18 additions & 3 deletions system/classes/htmLawed/htmLawedTest.php
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<?php

/*
htmLawedTest.php, 17 May 2017
htmLawedTest.php, 21 December 2020
To test htmLawed
Copyright Santosh Patnaik
Dual licensed with LGPL 3 and GPL 2+
Expand Down Expand Up @@ -36,6 +36,21 @@
}

// slashes
if(!function_exists('get_magic_quotes_gpc')){
function get_magic_quotes_gpc(){
return false;
}
}
if(!function_exists('get_magic_quotes_runtime')){
function get_magic_quotes_runtime(){
return false;
}
}
if(!function_exists('set_magic_quotes_runtime')){
function set_magic_quotes_runtime($new_setting){
return true;
}
}
if(get_magic_quotes_gpc()){
foreach($_POST as $k => $v){
$_POST[$k] = stripslashes($v);
Expand Down Expand Up @@ -561,8 +576,8 @@ function sndValidn(id, type){
foreach($cfg as $k=>$v){
echo '<li>', $k, ': ';
if(!empty($v[0])){ // input radio
$j = $v[3];
for($i = $j-1; ++$i < $v[0]+$v[3];++$j){
$j = intval($v[3]);
for($i = $j-1; ++$i < intval($v[0]) + intval($v[3]); ++$j){
echo '<input type="radio" name="h', $k, '" value="', $i, '"', (!isset($_POST['h'. $k]) ? ($v[1] == $i ? ' checked="checked"' : '') : ($_POST['h'. $k] == $i ? ' checked="checked"' : '')), (isset($v['d']) ? ' disabled="disabled"' : ''), ' />', $i, ' ';
}
if($v[1] == 'nil'){
Expand Down
10 changes: 6 additions & 4 deletions system/classes/htmLawed/htmLawed_README.htm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -111,8 +111,8 @@ <h1><a id="peak" name="peak"></a>htmLawed documentation</h1>

<div id="body">
<br />
<div class="comment">htmLawed_README.txt, 24 September 2019<br />
htmLawed 1.2.5, 24 September 2019<br />
<div class="comment">htmLawed_README.txt, 4 September 2021<br />
htmLawed 1.2.6, 4 September 2021<br />
Copyright Santosh Patnaik<br />
Dual licensed with LGPL 3 and GPL 2+<br />
A PHP Labware internal utility &#45; <a href="http://www.bioinformatics.org/phplabware/internal_utilities/htmLawed">http://www.bioinformatics.org/phplabware/internal_utilities/htmLawed</a>&#160;</div>
Expand Down Expand Up @@ -1313,7 +1313,7 @@ <h1><a id="peak" name="peak"></a>htmLawed documentation</h1>
<br />
&#160; Note that attributes specified in <span class="term">$config["deny_attribute"]</span>&#160;are denied globally, for all elements. To deny attributes for only specific elements, <span class="term">$spec</span>&#160;(see <a href="#s2.3">section 2.3</a>) can be used. <span class="term">$spec</span>&#160;can also be used to element-specifically permit an attribute otherwise denied through <span class="term">$config["deny_attribute"]</span>.<br />
<br />
&#160; Finer restrictions on attributes can also be put into effect through <span class="term">$config["deny_attribute"]</span>&#160;(<a href="3.4.9">section</a>).<br />
&#160; Finer restrictions on attributes can also be put into effect through <span class="term">$config["hook_tag"]</span>&#160;(<a href="#s3.4.9">section 3.4.9</a>).<br />
<br />
&#160; <strong>Note</strong>: To deny all but a few attributes globally, a simpler way to specify <span class="term">$config["deny_attribute"]</span>&#160;would be to use the notation <span class="term">&#42; -attribute1 -attribute2 ...</span>. Thus, a value of <span class="term">&#42; -title -href</span>&#160;implies that except <span class="term">href</span>&#160;and <span class="term">title</span>&#160;(where allowed as per standards) all other attributes are to be removed. With this notation, the value for the parameter <span class="term">safe</span>&#160;(<a href="#s3.6">section 3.6</a>) will have no effect on <span class="term">deny_attribute</span>. Values of <span class="term">aria&#42;</span>&#160;<span class="term">data&#42;</span>, and <span class="term">on&#42;</span>&#160;cannot be used in this notation to refer to the sets of all ARIA, data-*, and on* attributes respectively.<br />
<br />
Expand Down Expand Up @@ -1827,6 +1827,8 @@ <h1><a id="peak" name="peak"></a>htmLawed documentation</h1>
<br />
&#160; <em>Version number - Release date. Notes</em><br />
<br />
&#160; 1.2.6 - 4 September 2021. Fixes a bug that arises when <span class="term">$config["deny_attribute"]</span>&#160;has a <span class="term">data-&#42;</span>&#160;attribute with &gt; 1 hyphen character<br />
<br />
&#160; 1.2.5 - 24 September 2019. Fixes two bugs in <span class="term">font</span>&#160;tag transformation<br />
<br />
&#160; 1.2.4.2 - 16 May 2019. Corrects a PHP notice if a semi-colon is present in <span class="term">$config["schemes"]</span><br />
Expand Down Expand Up @@ -2282,7 +2284,7 @@ <h1><a id="peak" name="peak"></a>htmLawed documentation</h1>
</div>
</div>
<br />
<hr /><br /><br /><span class="subtle"><small>HTM version of <em><a href="htmLawed_README.txt">htmLawed_README.txt</a></em> generated on 25 Sep, 2019 using <a href="http://www.bioinformatics.org/phplabware/internal_utilities">rTxt2htm</a> from PHP Labware</small></span>
<hr /><br /><br /><span class="subtle"><small>HTM version of <em><a href="htmLawed_README.txt">htmLawed_README.txt</a></em> generated on 03 Sep, 2021 using <a href="http://www.bioinformatics.org/phplabware/internal_utilities">rTxt2htm</a> from PHP Labware</small></span>
</div><!-- ended div body -->
</div><!-- ended div top -->
</body>
Expand Down
8 changes: 5 additions & 3 deletions system/classes/htmLawed/htmLawed_README.txt
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
/*
htmLawed_README.txt, 24 September 2019
htmLawed 1.2.5, 24 September 2019
htmLawed_README.txt, 4 September 2021
htmLawed 1.2.6, 4 September 2021
Copyright Santosh Patnaik
Dual licensed with LGPL 3 and GPL 2+
A PHP Labware internal utility - http://www.bioinformatics.org/phplabware/internal_utilities/htmLawed
Expand Down Expand Up @@ -1027,7 +1027,7 @@ A PHP Labware internal utility - http://www.bioinformatics.org/phplabware/intern

Note that attributes specified in '$config["deny_attribute"]' are denied globally, for all elements. To deny attributes for only specific elements, '$spec' (see section:- #2.3) can be used. '$spec' can also be used to element-specifically permit an attribute otherwise denied through '$config["deny_attribute"]'.

Finer restrictions on attributes can also be put into effect through '$config["deny_attribute"]' (section:- 3.4.9).
Finer restrictions on attributes can also be put into effect through '$config["hook_tag"]' (section:- #3.4.9).

*Note*: To deny all but a few attributes globally, a simpler way to specify '$config["deny_attribute"]' would be to use the notation '* -attribute1 -attribute2 ...'. Thus, a value of '* -title -href' implies that except 'href' and 'title' (where allowed as per standards) all other attributes are to be removed. With this notation, the value for the parameter 'safe' (section:- #3.6) will have no effect on 'deny_attribute'. Values of 'aria*' 'data*', and 'on*' cannot be used in this notation to refer to the sets of all ARIA, data-*, and on* attributes respectively.

Expand Down Expand Up @@ -1370,6 +1370,8 @@ A PHP Labware internal utility - http://www.bioinformatics.org/phplabware/intern

`Version number - Release date. Notes`

1.2.6 - 4 September 2021. Fixes a bug that arises when '$config["deny_attribute"]' has a 'data-*' attribute with > 1 hyphen character

1.2.5 - 24 September 2019. Fixes two bugs in 'font' tag transformation

1.2.4.2 - 16 May 2019. Corrects a PHP notice if a semi-colon is present in '$config["schemes"]'
Expand Down

0 comments on commit 00ebcf9

Please sign in to comment.