Distilleries /
Expendable
@@ -13,7 +13,7 @@ |
||
| 13 | 13 | |
| 14 | 14 | $input = $request->all(); |
| 15 | 15 | |
| 16 | - array_walk_recursive($input, function (&$input) { |
|
| 16 | + array_walk_recursive($input, function(&$input) { |
|
| 17 | 17 | |
| 18 | 18 | $input = (new Security)->xss_clean($input); |
| 19 | 19 | |
@@ -19,7 +19,7 @@ discard block |
||
| 19 | 19 | * @var string |
| 20 | 20 | * @access protected |
| 21 | 21 | */ |
| 22 | - protected $_xss_hash = ''; |
|
| 22 | + protected $_xss_hash = ''; |
|
| 23 | 23 | |
| 24 | 24 | /** |
| 25 | 25 | * List of never allowed strings |
@@ -174,7 +174,7 @@ discard block |
||
| 174 | 174 | } |
| 175 | 175 | else |
| 176 | 176 | { |
| 177 | - $str = str_replace(array('<?', '?' . '>'), array('<?', '?>'), $str); |
|
| 177 | + $str = str_replace(array('<?', '?'.'>'), array('<?', '?>'), $str); |
|
| 178 | 178 | } |
| 179 | 179 | |
| 180 | 180 | /* |
@@ -194,12 +194,12 @@ discard block |
||
| 194 | 194 | |
| 195 | 195 | for ($i = 0, $wordlen = strlen($word); $i < $wordlen; $i++) |
| 196 | 196 | { |
| 197 | - $temp .= substr($word, $i, 1) . "\s*"; |
|
| 197 | + $temp .= substr($word, $i, 1)."\s*"; |
|
| 198 | 198 | } |
| 199 | 199 | |
| 200 | 200 | // We only want to do this when it is followed by a non-word character |
| 201 | 201 | // That way valid stuff like "dealer to" does not become "dealerto" |
| 202 | - $str = preg_replace_callback('#(' . substr($temp, 0, -3) . ')(\W)#is', array($this, '_compact_exploded_words'), $str); |
|
| 202 | + $str = preg_replace_callback('#('.substr($temp, 0, -3).')(\W)#is', array($this, '_compact_exploded_words'), $str); |
|
| 203 | 203 | } |
| 204 | 204 | |
| 205 | 205 | /* |
@@ -244,7 +244,7 @@ discard block |
||
| 244 | 244 | * Becomes: <blink> |
| 245 | 245 | */ |
| 246 | 246 | $naughty = 'alert|applet|audio|basefont|base|behavior|bgsound|blink|body|embed|expression|form|frameset|frame|head|html|ilayer|iframe|input|isindex|layer|link|meta|object|plaintext|style|script|textarea|title|video|xml|xss'; |
| 247 | - $str = preg_replace_callback('#<(/*\s*)(' . $naughty . ')([^><]*)([><]*)#is', array($this, '_sanitize_naughty_html'), $str); |
|
| 247 | + $str = preg_replace_callback('#<(/*\s*)('.$naughty.')([^><]*)([><]*)#is', array($this, '_sanitize_naughty_html'), $str); |
|
| 248 | 248 | |
| 249 | 249 | /* |
| 250 | 250 | * Sanitize naughty scripting elements |
@@ -325,7 +325,7 @@ discard block |
||
| 325 | 325 | do |
| 326 | 326 | { |
| 327 | 327 | $str = preg_replace( |
| 328 | - "#<(/?[^><]+?)([^A-Za-z\-])(" . implode('|', $evil_attributes) . ")(\s*=\s*)([\"][^>]*?[\"]|[\'][^>]*?[\']|[^>]*?)([\s><])([><]*)#i", |
|
| 328 | + "#<(/?[^><]+?)([^A-Za-z\-])(".implode('|', $evil_attributes).")(\s*=\s*)([\"][^>]*?[\"]|[\'][^>]*?[\']|[^>]*?)([\s><])([><]*)#i", |
|
| 329 | 329 | "<$1$6", |
| 330 | 330 | $str, -1, $count |
| 331 | 331 | ); |
@@ -353,7 +353,7 @@ discard block |
||
| 353 | 353 | * @param string |
| 354 | 354 | * @return string |
| 355 | 355 | */ |
| 356 | - public function entity_decode($str, $charset='UTF-8') |
|
| 356 | + public function entity_decode($str, $charset = 'UTF-8') |
|
| 357 | 357 | { |
| 358 | 358 | if (stristr($str, '&') === FALSE) |
| 359 | 359 | { |
@@ -396,21 +396,21 @@ discard block |
||
| 396 | 396 | '?', |
| 397 | 397 | "%20", |
| 398 | 398 | "%22", |
| 399 | - "%3c", // < |
|
| 400 | - "%253c", // < |
|
| 401 | - "%3e", // > |
|
| 402 | - "%0e", // > |
|
| 403 | - "%28", // ( |
|
| 404 | - "%29", // ) |
|
| 405 | - "%2528", // ( |
|
| 406 | - "%26", // & |
|
| 407 | - "%24", // $ |
|
| 408 | - "%3f", // ? |
|
| 409 | - "%3b", // ; |
|
| 399 | + "%3c", // < |
|
| 400 | + "%253c", // < |
|
| 401 | + "%3e", // > |
|
| 402 | + "%0e", // > |
|
| 403 | + "%28", // ( |
|
| 404 | + "%29", // ) |
|
| 405 | + "%2528", // ( |
|
| 406 | + "%26", // & |
|
| 407 | + "%24", // $ |
|
| 408 | + "%3f", // ? |
|
| 409 | + "%3b", // ; |
|
| 410 | 410 | "%3d" // = |
| 411 | 411 | ); |
| 412 | 412 | |
| 413 | - if ( ! $relative_path) |
|
| 413 | + if (!$relative_path) |
|
| 414 | 414 | { |
| 415 | 415 | $bad[] = './'; |
| 416 | 416 | $bad[] = '/'; |
@@ -600,7 +600,7 @@ discard block |
||
| 600 | 600 | * Just as above, adds a semicolon if missing. |
| 601 | 601 | * |
| 602 | 602 | */ |
| 603 | - $str = preg_replace('#(&\#x?)([0-9A-F]+);?#i',"\\1\\2;",$str); |
|
| 603 | + $str = preg_replace('#(&\#x?)([0-9A-F]+);?#i', "\\1\\2;", $str); |
|
| 604 | 604 | |
| 605 | 605 | |
| 606 | 606 | return $str; |
@@ -638,11 +638,11 @@ discard block |
||
| 638 | 638 | |
| 639 | 639 | if ($url_encoded) |
| 640 | 640 | { |
| 641 | - $non_displayables[] = '/%0[0-8bcef]/'; // url encoded 00-08, 11, 12, 14, 15 |
|
| 642 | - $non_displayables[] = '/%1[0-9a-f]/'; // url encoded 16-31 |
|
| 641 | + $non_displayables[] = '/%0[0-8bcef]/'; // url encoded 00-08, 11, 12, 14, 15 |
|
| 642 | + $non_displayables[] = '/%1[0-9a-f]/'; // url encoded 16-31 |
|
| 643 | 643 | } |
| 644 | 644 | |
| 645 | - $non_displayables[] = '/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S'; // 00-08, 11, 12, 14-31, 127 |
|
| 645 | + $non_displayables[] = '/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S'; // 00-08, 11, 12, 14-31, 127 |
|
| 646 | 646 | |
| 647 | 647 | do |
| 648 | 648 | { |
