 

Code source de phpMyAdmin 2.10.3


/libraries/ -> sanitizing.lib.php (source)

   1  <?php
   2  /* vim: set expandtab sw=4 ts=4 sts=4: */
   3  /**
   4   *
   5   * @version $Id: sanitizing.lib.php 10299 2007-04-17 17:13:20Z lem9 $
   6   */
   7  
   8  /**
   9   * Sanitizes $message, taking into account our special codes
  10   * for formatting
  11   *
  12   * @uses    preg_replace()
  13   * @uses    strtr()
  14   * @param   string   the message
  15   *
  16   * @return  string   the sanitized message
  17   *
  18   * @access  public
  19   */
  20  function PMA_sanitize($message)
  21  {
  22      $replace_pairs = array(
  23          '<'         => '&lt;',
  24          '>'         => '&gt;',
  25          '[i]'       => '<em>',      // deprecated by em
  26          '[/i]'      => '</em>',     // deprecated by em
  27          '[em]'      => '<em>',
  28          '[/em]'     => '</em>',
  29          '[b]'       => '<strong>',  // deprecated by strong
  30          '[/b]'      => '</strong>', // deprecated by strong
  31          '[strong]'  => '<strong>',
  32          '[/strong]' => '</strong>',
  33          '[tt]'      => '<code>',    // deprecated by CODE or KBD
  34          '[/tt]'     => '</code>',   // deprecated by CODE or KBD
  35          '[code]'    => '<code>',
  36          '[/code]'   => '</code>',
  37          '[kbd]'     => '<kbd>',
  38          '[/kbd]'    => '</kbd>',
  39          '[br]'      => '<br />',
  40          '[/a]'      => '</a>',
  41          '[sup]'      => '<sup>',
  42          '[/sup]'      => '</sup>',
  43      );
  44      $message = strtr($message, $replace_pairs);
  45  
  46      $pattern = '/\[a@([^"@]*)@([^]"]*)\]/';
  47  
  48      if (preg_match_all($pattern, $message, $founds, PREG_SET_ORDER)) {
  49          $valid_links = array(
  50              'http',  // default http:// links (and https://)
  51              './Do',  // ./Documentation
  52          );
  53  
  54          foreach ($founds as $found) {
  55              // only http... and ./Do... allowed
  56              if (! in_array(substr($found[1], 0, 4), $valid_links)) {
  57                  return $message;
  58              }
  59              // a-z and _ allowed in target
  60              if (! empty($found[2]) && preg_match('/[^a-z_]+/i', $found[2])) {
  61                  return $message;
  62              }
  63          }
  64  
  65          $message = preg_replace($pattern, '<a href="\1" target="\2">', $message);
  66      }
  67  
  68      return $message;
  69  }
  70  ?>

