chamilo /
chamilo-lms
@@ -154,7 +154,9 @@ discard block |
||
| 154 | 154 | |
| 155 | 155 | public function set_image_wrapper() |
| 156 | 156 | { |
| 157 | - if ($this->debug) error_log('Image::set_image_wrapper loaded'); |
|
| 157 | + if ($this->debug) { |
|
| 158 | + error_log('Image::set_image_wrapper loaded'); |
|
| 159 | + } |
|
| 158 | 160 | try { |
| 159 | 161 | if (file_exists($this->path)) { |
| 160 | 162 | $this->image = new Imagick($this->path); |
@@ -163,10 +165,14 @@ discard block |
||
| 163 | 165 | $this->fill_image_info(); //Fills height, width and type |
| 164 | 166 | } |
| 165 | 167 | } else { |
| 166 | - if ($this->debug) error_log('Image::image does not exist'); |
|
| 168 | + if ($this->debug) { |
|
| 169 | + error_log('Image::image does not exist'); |
|
| 170 | + } |
|
| 167 | 171 | } |
| 168 | 172 | } catch(ImagickException $e) { |
| 169 | - if ($this->debug) error_log($e->getMessage()); |
|
| 173 | + if ($this->debug) { |
|
| 174 | + error_log($e->getMessage()); |
|
| 175 | + } |
|
| 170 | 176 | } |
| 171 | 177 | } |
| 172 | 178 | |
@@ -180,7 +186,9 @@ discard block |
||
| 180 | 186 | |
| 181 | 187 | if (in_array($this->type, $this->allowed_extensions)) { |
| 182 | 188 | $this->image_validated = true; |
| 183 | - if ($this->debug) error_log('image_validated true'); |
|
| 189 | + if ($this->debug) { |
|
| 190 | + error_log('image_validated true'); |
|
| 191 | + } |
|
| 184 | 192 | } |
| 185 | 193 | } |
| 186 | 194 | |
@@ -196,7 +204,9 @@ discard block |
||
| 196 | 204 | //@todo implement border logic case for Imagick |
| 197 | 205 | public function resize($thumbw, $thumbh, $border, $specific_size = false) |
| 198 | 206 | { |
| 199 | - if (!$this->image_validated) return false; |
|
| 207 | + if (!$this->image_validated) { |
|
| 208 | + return false; |
|
| 209 | + } |
|
| 200 | 210 | |
| 201 | 211 | if ($specific_size) { |
| 202 | 212 | $width = $thumbw; |
@@ -222,7 +232,9 @@ discard block |
||
| 222 | 232 | */ |
| 223 | 233 | |
| 224 | 234 | public function crop($x, $y, $width, $height, $src_width, $src_height) { |
| 225 | - if (!$this->image_validated) return false; |
|
| 235 | + if (!$this->image_validated) { |
|
| 236 | + return false; |
|
| 237 | + } |
|
| 226 | 238 | $this->image->cropimage($width, $height, $x, $y); |
| 227 | 239 | $this->width = $width; |
| 228 | 240 | $this->height = $height; |
@@ -230,7 +242,9 @@ discard block |
||
| 230 | 242 | |
| 231 | 243 | public function send_image($file = '', $compress = -1, $convert_file_to = null) |
| 232 | 244 | { |
| 233 | - if (!$this->image_validated) return false; |
|
| 245 | + if (!$this->image_validated) { |
|
| 246 | + return false; |
|
| 247 | + } |
|
| 234 | 248 | $type = $this->type; |
| 235 | 249 | if (!empty($convert_file_to) && in_array($convert_file_to, $this->allowed_extensions)) { |
| 236 | 250 | $type = $convert_file_to; |
@@ -238,20 +252,28 @@ discard block |
||
| 238 | 252 | switch ($type) { |
| 239 | 253 | case 'jpeg': |
| 240 | 254 | case 'jpg': |
| 241 | - if (!$file) header("Content-type: image/jpeg"); |
|
| 255 | + if (!$file) { |
|
| 256 | + header("Content-type: image/jpeg"); |
|
| 257 | + } |
|
| 242 | 258 | break; |
| 243 | 259 | case 'png': |
| 244 | - if (!$file) header("Content-type: image/png"); |
|
| 260 | + if (!$file) { |
|
| 261 | + header("Content-type: image/png"); |
|
| 262 | + } |
|
| 245 | 263 | break; |
| 246 | 264 | case 'gif': |
| 247 | - if (!$file) header("Content-type: image/gif"); |
|
| 265 | + if (!$file) { |
|
| 266 | + header("Content-type: image/gif"); |
|
| 267 | + } |
|
| 248 | 268 | break; |
| 249 | 269 | } |
| 250 | 270 | $result = false; |
| 251 | 271 | try { |
| 252 | 272 | $result = $this->image->writeImage($file); |
| 253 | 273 | } catch(ImagickException $e) { |
| 254 | - if ($this->debug) error_log($e->getMessage()); |
|
| 274 | + if ($this->debug) { |
|
| 275 | + error_log($e->getMessage()); |
|
| 276 | + } |
|
| 255 | 277 | } |
| 256 | 278 | |
| 257 | 279 | if (!$file) { |
@@ -334,7 +356,9 @@ discard block |
||
| 334 | 356 | |
| 335 | 357 | public function resize($thumbw, $thumbh, $border, $specific_size = false) |
| 336 | 358 | { |
| 337 | - if (!$this->image_validated) return false; |
|
| 359 | + if (!$this->image_validated) { |
|
| 360 | + return false; |
|
| 361 | + } |
|
| 338 | 362 | if ($border == 1) { |
| 339 | 363 | if ($specific_size) { |
| 340 | 364 | $width = $thumbw; |
@@ -387,7 +411,9 @@ discard block |
||
| 387 | 411 | * @param int $src_height the source height of the original image |
| 388 | 412 | */ |
| 389 | 413 | public function crop($x, $y, $width, $height, $src_width, $src_height) { |
| 390 | - if (!$this->image_validated) return false; |
|
| 414 | + if (!$this->image_validated) { |
|
| 415 | + return false; |
|
| 416 | + } |
|
| 391 | 417 | $this->width = $width; |
| 392 | 418 | $this->height = $height; |
| 393 | 419 | $src = null; |
@@ -418,7 +444,9 @@ discard block |
||
| 418 | 444 | |
| 419 | 445 | public function send_image($file = '', $compress = -1, $convert_file_to = null) |
| 420 | 446 | { |
| 421 | - if (!$this->image_validated) return false; |
|
| 447 | + if (!$this->image_validated) { |
|
| 448 | + return false; |
|
| 449 | + } |
|
| 422 | 450 | $compress = (int)$compress; |
| 423 | 451 | $type = $this->type; |
| 424 | 452 | if (!empty($convert_file_to) && in_array($convert_file_to, $this->allowed_extensions)) { |
@@ -427,19 +455,27 @@ discard block |
||
| 427 | 455 | switch ($type) { |
| 428 | 456 | case 'jpeg': |
| 429 | 457 | case 'jpg': |
| 430 | - if (!$file) header("Content-type: image/jpeg"); |
|
| 431 | - if ($compress == -1) $compress = 100; |
|
| 458 | + if (!$file) { |
|
| 459 | + header("Content-type: image/jpeg"); |
|
| 460 | + } |
|
| 461 | + if ($compress == -1) { |
|
| 462 | + $compress = 100; |
|
| 463 | + } |
|
| 432 | 464 | return imagejpeg($this->bg, $file, $compress); |
| 433 | 465 | break; |
| 434 | 466 | case 'png': |
| 435 | - if (!$file) header("Content-type: image/png"); |
|
| 467 | + if (!$file) { |
|
| 468 | + header("Content-type: image/png"); |
|
| 469 | + } |
|
| 436 | 470 | if ($compress != -1) { |
| 437 | 471 | @imagetruecolortopalette($this->bg, true, $compress); |
| 438 | 472 | } |
| 439 | 473 | return imagepng($this->bg, $file, $compress); |
| 440 | 474 | break; |
| 441 | 475 | case 'gif': |
| 442 | - if (!$file) header("Content-type: image/gif"); |
|
| 476 | + if (!$file) { |
|
| 477 | + header("Content-type: image/gif"); |
|
| 478 | + } |
|
| 443 | 479 | if ($compress != -1) { |
| 444 | 480 | @imagetruecolortopalette($this->bg, true, $compress); |
| 445 | 481 | } |
@@ -456,7 +492,9 @@ discard block |
||
| 456 | 492 | */ |
| 457 | 493 | function convert2bw() |
| 458 | 494 | { |
| 459 | - if (!$this->image_validated) return false; |
|
| 495 | + if (!$this->image_validated) { |
|
| 496 | + return false; |
|
| 497 | + } |
|
| 460 | 498 | |
| 461 | 499 | $dest_img = imagecreatetruecolor(imagesx($this->bg), imagesy($this->bg)); |
| 462 | 500 | /* copy ignore the transparent color |
@@ -262,8 +262,9 @@ |
||
| 262 | 262 | $table_url_rel_session = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION); |
| 263 | 263 | $tbl_session = Database :: get_main_table(TABLE_MAIN_SESSION); |
| 264 | 264 | |
| 265 | - if (!empty($access_url_id)) |
|
| 266 | - $where ="WHERE $table_url_rel_session.access_url_id = ".intval($access_url_id); |
|
| 265 | + if (!empty($access_url_id)) { |
|
| 266 | + $where ="WHERE $table_url_rel_session.access_url_id = ".intval($access_url_id); |
|
| 267 | + } |
|
| 267 | 268 | |
| 268 | 269 | $sql = "SELECT id, name, access_url_id |
| 269 | 270 | FROM $tbl_session u |
@@ -2259,7 +2259,9 @@ discard block |
||
| 2259 | 2259 | $debug = false; |
| 2260 | 2260 | } |
| 2261 | 2261 | |
| 2262 | - if ($debug) echo '<h1>Tracking::get_avg_student_score</h1>'; |
|
| 2262 | + if ($debug) { |
|
| 2263 | + echo '<h1>Tracking::get_avg_student_score</h1>'; |
|
| 2264 | + } |
|
| 2263 | 2265 | $tbl_stats_exercices = Database :: get_main_table(TABLE_STATISTIC_TRACK_E_EXERCISES); |
| 2264 | 2266 | $tbl_stats_attempts = Database :: get_main_table(TABLE_STATISTIC_TRACK_E_ATTEMPT); |
| 2265 | 2267 | |
@@ -2336,7 +2338,9 @@ discard block |
||
| 2336 | 2338 | $condition_user1 AND |
| 2337 | 2339 | session_id = $session_id |
| 2338 | 2340 | GROUP BY lp_id, user_id"; |
| 2339 | - if ($debug) echo $sql; |
|
| 2341 | + if ($debug) { |
|
| 2342 | + echo $sql; |
|
| 2343 | + } |
|
| 2340 | 2344 | |
| 2341 | 2345 | $rs_last_lp_view_id = Database::query($sql); |
| 2342 | 2346 | |
@@ -2352,7 +2356,9 @@ discard block |
||
| 2352 | 2356 | $lp_view_id = $row_lp_view['id']; |
| 2353 | 2357 | $lp_id = $row_lp_view['lp_id']; |
| 2354 | 2358 | $user_id = $row_lp_view['user_id']; |
| 2355 | - if ($debug) echo '<h2>LP id '.$lp_id.'</h2>'; |
|
| 2359 | + if ($debug) { |
|
| 2360 | + echo '<h2>LP id '.$lp_id.'</h2>'; |
|
| 2361 | + } |
|
| 2356 | 2362 | |
| 2357 | 2363 | if ($get_only_latest_attempt_results) { |
| 2358 | 2364 | //Getting lp_items done by the user |
@@ -2409,7 +2415,9 @@ discard block |
||
| 2409 | 2415 | lp_i.c_id = $course_id AND |
| 2410 | 2416 | (lp_i.item_type='sco' OR lp_i.item_type='".TOOL_QUIZ."') |
| 2411 | 2417 | WHERE lp_view_id = $lp_view_id "; |
| 2412 | - if ($debug) echo $sql.'<br />'; |
|
| 2418 | + if ($debug) { |
|
| 2419 | + echo $sql.'<br />'; |
|
| 2420 | + } |
|
| 2413 | 2421 | $res_max_score = Database::query($sql); |
| 2414 | 2422 | |
| 2415 | 2423 | while ($row_max_score = Database::fetch_array($res_max_score,'ASSOC')) { |
@@ -2428,7 +2436,9 @@ discard block |
||
| 2428 | 2436 | $max_score_item_view = $row_max_score['max_score_item_view']; |
| 2429 | 2437 | $score = $row_max_score['score']; |
| 2430 | 2438 | |
| 2431 | - if ($debug) echo '<h3>Item Type: ' .$row_max_score['item_type'].'</h3>'; |
|
| 2439 | + if ($debug) { |
|
| 2440 | + echo '<h3>Item Type: ' .$row_max_score['item_type'].'</h3>'; |
|
| 2441 | + } |
|
| 2432 | 2442 | |
| 2433 | 2443 | if ($row_max_score['item_type'] == 'sco') { |
| 2434 | 2444 | /* Check if it is sco (easier to get max_score) |
@@ -2448,7 +2458,9 @@ discard block |
||
| 2448 | 2458 | if (!empty($max_score)) { |
| 2449 | 2459 | $lp_partial_total += $score/$max_score; |
| 2450 | 2460 | } |
| 2451 | - if ($debug) echo '<b>$lp_partial_total, $score, $max_score '.$lp_partial_total.' '.$score.' '.$max_score.'</b><br />'; |
|
| 2461 | + if ($debug) { |
|
| 2462 | + echo '<b>$lp_partial_total, $score, $max_score '.$lp_partial_total.' '.$score.' '.$max_score.'</b><br />'; |
|
| 2463 | + } |
|
| 2452 | 2464 | } else { |
| 2453 | 2465 | // Case of a TOOL_QUIZ element |
| 2454 | 2466 | $item_id = $row_max_score['iid']; |
@@ -2470,12 +2482,16 @@ discard block |
||
| 2470 | 2482 | ORDER BY exe_date DESC |
| 2471 | 2483 | LIMIT 1"; |
| 2472 | 2484 | |
| 2473 | - if ($debug) echo $sql .'<br />'; |
|
| 2485 | + if ($debug) { |
|
| 2486 | + echo $sql .'<br />'; |
|
| 2487 | + } |
|
| 2474 | 2488 | $result_last_attempt = Database::query($sql); |
| 2475 | 2489 | $num = Database :: num_rows($result_last_attempt); |
| 2476 | 2490 | if ($num > 0 ) { |
| 2477 | 2491 | $id_last_attempt = Database :: result($result_last_attempt, 0, 0); |
| 2478 | - if ($debug) echo $id_last_attempt.'<br />'; |
|
| 2492 | + if ($debug) { |
|
| 2493 | + echo $id_last_attempt.'<br />'; |
|
| 2494 | + } |
|
| 2479 | 2495 | |
| 2480 | 2496 | // Within the last attempt number tracking, get the sum of |
| 2481 | 2497 | // the max_scores of all questions that it was |
@@ -2494,7 +2510,9 @@ discard block |
||
| 2494 | 2510 | q.c_id = $course_id |
| 2495 | 2511 | ) |
| 2496 | 2512 | AS t"; |
| 2497 | - if ($debug) echo '$sql: '.$sql.' <br />'; |
|
| 2513 | + if ($debug) { |
|
| 2514 | + echo '$sql: '.$sql.' <br />'; |
|
| 2515 | + } |
|
| 2498 | 2516 | $res_max_score_bis = Database::query($sql); |
| 2499 | 2517 | $row_max_score_bis = Database::fetch_array($res_max_score_bis); |
| 2500 | 2518 | |
@@ -2504,7 +2522,9 @@ discard block |
||
| 2504 | 2522 | if (!empty($max_score) && floatval($max_score) > 0) { |
| 2505 | 2523 | $lp_partial_total += $score/$max_score; |
| 2506 | 2524 | } |
| 2507 | - if ($debug) echo '$lp_partial_total, $score, $max_score <b>'.$lp_partial_total.' '.$score.' '.$max_score.'</b><br />'; |
|
| 2525 | + if ($debug) { |
|
| 2526 | + echo '$lp_partial_total, $score, $max_score <b>'.$lp_partial_total.' '.$score.' '.$max_score.'</b><br />'; |
|
| 2527 | + } |
|
| 2508 | 2528 | } |
| 2509 | 2529 | } |
| 2510 | 2530 | |
@@ -2517,17 +2537,25 @@ discard block |
||
| 2517 | 2537 | $count_items++; |
| 2518 | 2538 | } |
| 2519 | 2539 | } |
| 2520 | - if ($debug) echo '$count_items: '.$count_items; |
|
| 2540 | + if ($debug) { |
|
| 2541 | + echo '$count_items: '.$count_items; |
|
| 2542 | + } |
|
| 2521 | 2543 | } |
| 2522 | 2544 | } //end for |
| 2523 | 2545 | |
| 2524 | 2546 | $score_of_scorm_calculate += $count_items ? (($lp_partial_total / $count_items) * 100) : 0; |
| 2525 | 2547 | |
| 2526 | - if ($debug) echo '<h3>$count_items '.$count_items.'</h3>'; |
|
| 2527 | - if ($debug) echo '<h3>$score_of_scorm_calculate '.$score_of_scorm_calculate.'</h3>'; |
|
| 2548 | + if ($debug) { |
|
| 2549 | + echo '<h3>$count_items '.$count_items.'</h3>'; |
|
| 2550 | + } |
|
| 2551 | + if ($debug) { |
|
| 2552 | + echo '<h3>$score_of_scorm_calculate '.$score_of_scorm_calculate.'</h3>'; |
|
| 2553 | + } |
|
| 2528 | 2554 | |
| 2529 | 2555 | $global_result += $score_of_scorm_calculate; |
| 2530 | - if ($debug) echo '<h3>$global_result '.$global_result.'</h3>'; |
|
| 2556 | + if ($debug) { |
|
| 2557 | + echo '<h3>$global_result '.$global_result.'</h3>'; |
|
| 2558 | + } |
|
| 2531 | 2559 | } // end while |
| 2532 | 2560 | } |
| 2533 | 2561 | |
@@ -2540,7 +2568,9 @@ discard block |
||
| 2540 | 2568 | c_id = $course_id AND |
| 2541 | 2569 | (item_type = 'quiz' OR item_type = 'sco') AND |
| 2542 | 2570 | lp_id = ".$lp_id; |
| 2543 | - if ($debug) echo $sql; |
|
| 2571 | + if ($debug) { |
|
| 2572 | + echo $sql; |
|
| 2573 | + } |
|
| 2544 | 2574 | $result_have_quiz = Database::query($sql); |
| 2545 | 2575 | |
| 2546 | 2576 | if (Database::num_rows($result_have_quiz) > 0 ) { |
@@ -2551,19 +2581,29 @@ discard block |
||
| 2551 | 2581 | } |
| 2552 | 2582 | } |
| 2553 | 2583 | |
| 2554 | - if ($debug) echo '<h3>$lp_with_quiz '.$lp_with_quiz.' </h3>'; |
|
| 2555 | - if ($debug) echo '<h3>Final return</h3>'; |
|
| 2584 | + if ($debug) { |
|
| 2585 | + echo '<h3>$lp_with_quiz '.$lp_with_quiz.' </h3>'; |
|
| 2586 | + } |
|
| 2587 | + if ($debug) { |
|
| 2588 | + echo '<h3>Final return</h3>'; |
|
| 2589 | + } |
|
| 2556 | 2590 | |
| 2557 | 2591 | if ($lp_with_quiz != 0) { |
| 2558 | 2592 | if (!$return_array) { |
| 2559 | 2593 | $score_of_scorm_calculate = round(($global_result/$lp_with_quiz),2); |
| 2560 | - if ($debug) var_dump($score_of_scorm_calculate); |
|
| 2594 | + if ($debug) { |
|
| 2595 | + var_dump($score_of_scorm_calculate); |
|
| 2596 | + } |
|
| 2561 | 2597 | if (empty($lp_ids)) { |
| 2562 | - if ($debug) echo '<h2>All lps fix: '.$score_of_scorm_calculate.'</h2>'; |
|
| 2598 | + if ($debug) { |
|
| 2599 | + echo '<h2>All lps fix: '.$score_of_scorm_calculate.'</h2>'; |
|
| 2600 | + } |
|
| 2563 | 2601 | } |
| 2564 | 2602 | return $score_of_scorm_calculate; |
| 2565 | 2603 | } else { |
| 2566 | - if ($debug) var_dump($global_result, $lp_with_quiz); |
|
| 2604 | + if ($debug) { |
|
| 2605 | + var_dump($global_result, $lp_with_quiz); |
|
| 2606 | + } |
|
| 2567 | 2607 | return array($global_result, $lp_with_quiz); |
| 2568 | 2608 | } |
| 2569 | 2609 | } else { |
@@ -3050,11 +3090,13 @@ discard block |
||
| 3050 | 3090 | |
| 3051 | 3091 | if (!empty ($id_session)) { |
| 3052 | 3092 | $sql .= ' WHERE session_course.session_id=' . $id_session; |
| 3053 | - if (api_is_multiple_url_enabled()) |
|
| 3054 | - $sql .= ' AND access_url_id = '.$access_url_id; |
|
| 3055 | - } else { |
|
| 3056 | - if (api_is_multiple_url_enabled()) |
|
| 3057 | - $sql .= ' WHERE access_url_id = '.$access_url_id; |
|
| 3093 | + if (api_is_multiple_url_enabled()) { |
|
| 3094 | + $sql .= ' AND access_url_id = '.$access_url_id; |
|
| 3095 | + } |
|
| 3096 | + } else { |
|
| 3097 | + if (api_is_multiple_url_enabled()) { |
|
| 3098 | + $sql .= ' WHERE access_url_id = '.$access_url_id; |
|
| 3099 | + } |
|
| 3058 | 3100 | } |
| 3059 | 3101 | |
| 3060 | 3102 | $result = Database::query($sql); |
@@ -3162,8 +3204,7 @@ discard block |
||
| 3162 | 3204 | if ($session['access_start_date'] == '0000-00-00 00:00:00' || empty($session['access_start_date']) |
| 3163 | 3205 | ) { |
| 3164 | 3206 | $session['status'] = get_lang('SessionActive'); |
| 3165 | - } |
|
| 3166 | - else { |
|
| 3207 | + } else { |
|
| 3167 | 3208 | $time_start = api_strtotime($session['access_start_date'], 'UTC'); |
| 3168 | 3209 | $time_end = api_strtotime($session['access_end_date'], 'UTC'); |
| 3169 | 3210 | if ($time_start < time() && time() < $time_end) { |
@@ -6599,8 +6640,9 @@ discard block |
||
| 6599 | 6640 | if (is_array($hpresults)) { |
| 6600 | 6641 | for($i = 0; $i < sizeof($hpresults); $i++) { |
| 6601 | 6642 | $title = GetQuizName($hpresults[$i][0],''); |
| 6602 | - if ($title == '') |
|
| 6603 | - $title = basename($hpresults[$i][0]); |
|
| 6643 | + if ($title == '') { |
|
| 6644 | + $title = basename($hpresults[$i][0]); |
|
| 6645 | + } |
|
| 6604 | 6646 | $display_date = api_convert_and_format_date($hpresults[$i][3], null, date_default_timezone_get()); |
| 6605 | 6647 | ?> |
| 6606 | 6648 | <tr> |
@@ -6972,8 +7014,9 @@ discard block |
||
| 6972 | 7014 | for($i = 0; $i < sizeof($hpresults); $i++) { |
| 6973 | 7015 | $title = GetQuizName($hpresults[$i][0],''); |
| 6974 | 7016 | |
| 6975 | - if ($title == '') |
|
| 6976 | - $title = basename($hpresults[$i][0]); |
|
| 7017 | + if ($title == '') { |
|
| 7018 | + $title = basename($hpresults[$i][0]); |
|
| 7019 | + } |
|
| 6977 | 7020 | |
| 6978 | 7021 | $display_date = api_convert_and_format_date($hpresults[$i][3], null, date_default_timezone_get()); |
| 6979 | 7022 | |
@@ -93,24 +93,28 @@ discard block |
||
| 93 | 93 | { |
| 94 | 94 | $string = kses_stripslashes($string); |
| 95 | 95 | |
| 96 | - if (substr($string, 0, 1) != '<') |
|
| 97 | - return '>'; |
|
| 96 | + if (substr($string, 0, 1) != '<') { |
|
| 97 | + return '>'; |
|
| 98 | + } |
|
| 98 | 99 | # It matched a ">" character |
| 99 | 100 | |
| 100 | - if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches)) |
|
| 101 | - return ''; |
|
| 101 | + if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches)) { |
|
| 102 | + return ''; |
|
| 103 | + } |
|
| 102 | 104 | # It's seriously malformed |
| 103 | 105 | |
| 104 | 106 | $slash = trim($matches[1]); |
| 105 | 107 | $elem = $matches[2]; |
| 106 | 108 | $attrlist = $matches[3]; |
| 107 | 109 | |
| 108 | - if (!@isset($allowed_html[strtolower($elem)])) |
|
| 109 | - return ''; |
|
| 110 | + if (!@isset($allowed_html[strtolower($elem)])) { |
|
| 111 | + return ''; |
|
| 112 | + } |
|
| 110 | 113 | # They are using a not allowed HTML element |
| 111 | 114 | |
| 112 | - if ($slash != '') |
|
| 113 | - return "<$slash$elem>"; |
|
| 115 | + if ($slash != '') { |
|
| 116 | + return "<$slash$elem>"; |
|
| 117 | + } |
|
| 114 | 118 | # No attributes are allowed for closing elements |
| 115 | 119 | |
| 116 | 120 | return kses_attr("$slash$elem", $attrlist, $allowed_html, |
@@ -131,13 +135,15 @@ discard block |
||
| 131 | 135 | # Is there a closing XHTML slash at the end of the attributes? |
| 132 | 136 | |
| 133 | 137 | $xhtml_slash = ''; |
| 134 | - if (preg_match('%\s/\s*$%', $attr)) |
|
| 135 | - $xhtml_slash = ' /'; |
|
| 138 | + if (preg_match('%\s/\s*$%', $attr)) { |
|
| 139 | + $xhtml_slash = ' /'; |
|
| 140 | + } |
|
| 136 | 141 | |
| 137 | 142 | # Are any attributes allowed at all for this element? |
| 138 | 143 | |
| 139 | - if (@count($allowed_html[strtolower($element)]) == 0) |
|
| 140 | - return "<$element$xhtml_slash>"; |
|
| 144 | + if (@count($allowed_html[strtolower($element)]) == 0) { |
|
| 145 | + return "<$element$xhtml_slash>"; |
|
| 146 | + } |
|
| 141 | 147 | |
| 142 | 148 | # Split it |
| 143 | 149 | |
@@ -151,27 +157,34 @@ discard block |
||
| 151 | 157 | foreach ($attrarr as $arreach) |
| 152 | 158 | { |
| 153 | 159 | if (!@isset($allowed_html[strtolower($element)] |
| 154 | - [strtolower($arreach['name'])])) |
|
| 155 | - continue; # the attribute is not allowed |
|
| 160 | + [strtolower($arreach['name'])])) { |
|
| 161 | + continue; |
|
| 162 | + } |
|
| 163 | + # the attribute is not allowed |
|
| 156 | 164 | |
| 157 | 165 | $current = $allowed_html[strtolower($element)] |
| 158 | 166 | [strtolower($arreach['name'])]; |
| 159 | 167 | |
| 160 | - if (!is_array($current)) |
|
| 161 | - $attr2 .= ' '.$arreach['whole']; |
|
| 168 | + if (!is_array($current)) { |
|
| 169 | + $attr2 .= ' '.$arreach['whole']; |
|
| 170 | + } |
|
| 162 | 171 | # there are no checks |
| 163 | 172 | |
| 164 | 173 | else |
| 165 | 174 | { |
| 166 | 175 | # there are some checks |
| 167 | 176 | $ok = true; |
| 168 | - foreach ($current as $currkey => $currval) |
|
| 169 | - if (!kses_check_attr_val($arreach['value'], $arreach['vless'], |
|
| 177 | + foreach ($current as $currkey => $currval) { |
|
| 178 | + if (!kses_check_attr_val($arreach['value'], $arreach['vless'], |
|
| 170 | 179 | $currkey, $currval)) |
| 171 | - { $ok = false; break; } |
|
| 172 | - |
|
| 173 | - if ($ok) |
|
| 174 | - $attr2 .= ' '.$arreach['whole']; # it passed them |
|
| 180 | + { $ok = false; |
|
| 181 | + } |
|
| 182 | + break; } |
|
| 183 | + |
|
| 184 | + if ($ok) { |
|
| 185 | + $attr2 .= ' '.$arreach['whole']; |
|
| 186 | + } |
|
| 187 | + # it passed them |
|
| 175 | 188 | } # if !is_array($current) |
| 176 | 189 | } # foreach |
| 177 | 190 | |
@@ -218,16 +231,22 @@ discard block |
||
| 218 | 231 | |
| 219 | 232 | case 1: # equals sign or valueless ("selected") |
| 220 | 233 | |
| 221 | - if (preg_match('/^\s*=\s*/', $attr)) # equals sign |
|
| 234 | + if (preg_match('/^\s*=\s*/', $attr)) { |
|
| 235 | + # equals sign |
|
| 222 | 236 | { |
| 223 | - $working = 1; $mode = 2; |
|
| 237 | + $working = 1; |
|
| 238 | + } |
|
| 239 | + $mode = 2; |
|
| 224 | 240 | $attr = preg_replace('/^\s*=\s*/', '', $attr); |
| 225 | 241 | break; |
| 226 | 242 | } |
| 227 | 243 | |
| 228 | - if (preg_match('/^\s+/', $attr)) # valueless |
|
| 244 | + if (preg_match('/^\s+/', $attr)) { |
|
| 245 | + # valueless |
|
| 229 | 246 | { |
| 230 | - $working = 1; $mode = 0; |
|
| 247 | + $working = 1; |
|
| 248 | + } |
|
| 249 | + $mode = 0; |
|
| 231 | 250 | $attrarr[] = array |
| 232 | 251 | ('name' => $attrname, |
| 233 | 252 | 'value' => '', |
@@ -240,10 +259,11 @@ discard block |
||
| 240 | 259 | |
| 241 | 260 | case 2: # attribute value, a URL after href= for instance |
| 242 | 261 | |
| 243 | - if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) |
|
| 244 | - # "value" |
|
| 262 | + if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) { |
|
| 263 | + # "value" |
|
| 245 | 264 | { |
| 246 | 265 | $thisval = kses_bad_protocol($match[1], $allowed_protocols); |
| 266 | + } |
|
| 247 | 267 | |
| 248 | 268 | $attrarr[] = array |
| 249 | 269 | ('name' => $attrname, |
@@ -255,10 +275,11 @@ discard block |
||
| 255 | 275 | break; |
| 256 | 276 | } |
| 257 | 277 | |
| 258 | - if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match)) |
|
| 259 | - # 'value' |
|
| 278 | + if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match)) { |
|
| 279 | + # 'value' |
|
| 260 | 280 | { |
| 261 | 281 | $thisval = kses_bad_protocol($match[1], $allowed_protocols); |
| 282 | + } |
|
| 262 | 283 | |
| 263 | 284 | $attrarr[] = array |
| 264 | 285 | ('name' => $attrname, |
@@ -270,10 +291,11 @@ discard block |
||
| 270 | 291 | break; |
| 271 | 292 | } |
| 272 | 293 | |
| 273 | - if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match)) |
|
| 274 | - # value |
|
| 294 | + if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match)) { |
|
| 295 | + # value |
|
| 275 | 296 | { |
| 276 | 297 | $thisval = kses_bad_protocol($match[1], $allowed_protocols); |
| 298 | + } |
|
| 277 | 299 | |
| 278 | 300 | $attrarr[] = array |
| 279 | 301 | ('name' => $attrname, |
@@ -288,21 +310,24 @@ discard block |
||
| 288 | 310 | break; |
| 289 | 311 | } # switch |
| 290 | 312 | |
| 291 | - if ($working == 0) # not well formed, remove and try again |
|
| 313 | + if ($working == 0) { |
|
| 314 | + # not well formed, remove and try again |
|
| 292 | 315 | { |
| 293 | 316 | $attr = kses_html_error($attr); |
| 317 | + } |
|
| 294 | 318 | $mode = 0; |
| 295 | 319 | } |
| 296 | 320 | } # while |
| 297 | 321 | |
| 298 | - if ($mode == 1) |
|
| 299 | - # special case, for when the attribute list ends with a valueless |
|
| 322 | + if ($mode == 1) { |
|
| 323 | + # special case, for when the attribute list ends with a valueless |
|
| 300 | 324 | # attribute like "selected" |
| 301 | 325 | $attrarr[] = array |
| 302 | 326 | ('name' => $attrname, |
| 303 | 327 | 'value' => '', |
| 304 | 328 | 'whole' => $attrname, |
| 305 | 329 | 'vless' => 'y'); |
| 330 | + } |
|
| 306 | 331 | |
| 307 | 332 | return $attrarr; |
| 308 | 333 | } # function kses_hair |
@@ -324,16 +349,18 @@ discard block |
||
| 324 | 349 | # greater than the given value. This can be used to avoid Buffer Overflows |
| 325 | 350 | # in WWW clients and various Internet servers. |
| 326 | 351 | |
| 327 | - if (strlen($value) > $checkvalue) |
|
| 328 | - $ok = false; |
|
| 352 | + if (strlen($value) > $checkvalue) { |
|
| 353 | + $ok = false; |
|
| 354 | + } |
|
| 329 | 355 | break; |
| 330 | 356 | |
| 331 | 357 | case 'minlen': |
| 332 | 358 | # The minlen check makes sure that the attribute value has a length not |
| 333 | 359 | # smaller than the given value. |
| 334 | 360 | |
| 335 | - if (strlen($value) < $checkvalue) |
|
| 336 | - $ok = false; |
|
| 361 | + if (strlen($value) < $checkvalue) { |
|
| 362 | + $ok = false; |
|
| 363 | + } |
|
| 337 | 364 | break; |
| 338 | 365 | |
| 339 | 366 | case 'maxval': |
@@ -343,20 +370,24 @@ discard block |
||
| 343 | 370 | # value is not greater than the given value. |
| 344 | 371 | # This check can be used to avoid Denial of Service attacks. |
| 345 | 372 | |
| 346 | - if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value)) |
|
| 347 | - $ok = false; |
|
| 348 | - if ($value > $checkvalue) |
|
| 349 | - $ok = false; |
|
| 373 | + if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value)) { |
|
| 374 | + $ok = false; |
|
| 375 | + } |
|
| 376 | + if ($value > $checkvalue) { |
|
| 377 | + $ok = false; |
|
| 378 | + } |
|
| 350 | 379 | break; |
| 351 | 380 | |
| 352 | 381 | case 'minval': |
| 353 | 382 | # The minval check checks that the attribute value is a positive integer, |
| 354 | 383 | # and that it is not smaller than the given value. |
| 355 | 384 | |
| 356 | - if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value)) |
|
| 357 | - $ok = false; |
|
| 358 | - if ($value < $checkvalue) |
|
| 359 | - $ok = false; |
|
| 385 | + if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value)) { |
|
| 386 | + $ok = false; |
|
| 387 | + } |
|
| 388 | + if ($value < $checkvalue) { |
|
| 389 | + $ok = false; |
|
| 390 | + } |
|
| 360 | 391 | break; |
| 361 | 392 | |
| 362 | 393 | case 'valueless': |
@@ -365,8 +396,9 @@ discard block |
||
| 365 | 396 | # is a "y" or a "Y", the attribute must not have a value. |
| 366 | 397 | # If the given value is an "n" or an "N", the attribute must have one. |
| 367 | 398 | |
| 368 | - if (strtolower($checkvalue) != $vless) |
|
| 369 | - $ok = false; |
|
| 399 | + if (strtolower($checkvalue) != $vless) { |
|
| 400 | + $ok = false; |
|
| 401 | + } |
|
| 370 | 402 | break; |
| 371 | 403 | } # switch |
| 372 | 404 | |
@@ -492,18 +524,20 @@ discard block |
||
| 492 | 524 | $string2 = strtolower($string2); |
| 493 | 525 | |
| 494 | 526 | $allowed = false; |
| 495 | - foreach ($allowed_protocols as $one_protocol) |
|
| 496 | - if (strtolower($one_protocol) == $string2) |
|
| 527 | + foreach ($allowed_protocols as $one_protocol) { |
|
| 528 | + if (strtolower($one_protocol) == $string2) |
|
| 497 | 529 | { |
| 498 | 530 | $allowed = true; |
| 531 | + } |
|
| 499 | 532 | break; |
| 500 | 533 | } |
| 501 | 534 | |
| 502 | - if ($allowed) |
|
| 503 | - return "$string2:"; |
|
| 504 | - else |
|
| 505 | - return ''; |
|
| 506 | -} # function kses_bad_protocol_once2 |
|
| 535 | + if ($allowed) { |
|
| 536 | + return "$string2:"; |
|
| 537 | + } else { |
|
| 538 | + return ''; |
|
| 539 | + } |
|
| 540 | + } # function kses_bad_protocol_once2 |
|
| 507 | 541 | |
| 508 | 542 | |
| 509 | 543 | function kses_normalize_entities($string) |
@@ -183,16 +183,19 @@ discard block |
||
| 183 | 183 | { |
| 184 | 184 | $string = kses_stripslashes($string); |
| 185 | 185 | |
| 186 | - if (substr($string, 0, 1) != '<') |
|
| 187 | - return '>'; |
|
| 186 | + if (substr($string, 0, 1) != '<') { |
|
| 187 | + return '>'; |
|
| 188 | + } |
|
| 188 | 189 | // It matched a ">" character |
| 189 | 190 | |
| 190 | 191 | if (preg_match('%^<!--(.*?)(-->)?$%', $string, $matches)) { |
| 191 | 192 | $string = str_replace(array('<!--', '-->'), '', $matches[1]); |
| 192 | - while ( $string != $newstring = kses($string, $allowed_html, $allowed_protocols) ) |
|
| 193 | - $string = $newstring; |
|
| 194 | - if ( $string == '' ) |
|
| 195 | - return ''; |
|
| 193 | + while ( $string != $newstring = kses($string, $allowed_html, $allowed_protocols) ) { |
|
| 194 | + $string = $newstring; |
|
| 195 | + } |
|
| 196 | + if ( $string == '' ) { |
|
| 197 | + return ''; |
|
| 198 | + } |
|
| 196 | 199 | // prevent multiple dashes in comments |
| 197 | 200 | $string = preg_replace('/--+/', '-', $string); |
| 198 | 201 | // prevent three dashes closing a comment |
@@ -201,20 +204,23 @@ discard block |
||
| 201 | 204 | } |
| 202 | 205 | // Allow HTML comments |
| 203 | 206 | |
| 204 | - if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches)) |
|
| 205 | - return ''; |
|
| 207 | + if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches)) { |
|
| 208 | + return ''; |
|
| 209 | + } |
|
| 206 | 210 | // It's seriously malformed |
| 207 | 211 | |
| 208 | 212 | $slash = trim($matches[1]); |
| 209 | 213 | $elem = $matches[2]; |
| 210 | 214 | $attrlist = $matches[3]; |
| 211 | 215 | |
| 212 | - if (!@isset($allowed_html[strtolower($elem)])) |
|
| 213 | - return ''; |
|
| 216 | + if (!@isset($allowed_html[strtolower($elem)])) { |
|
| 217 | + return ''; |
|
| 218 | + } |
|
| 214 | 219 | // They are using a not allowed HTML element |
| 215 | 220 | |
| 216 | - if ($slash != '') |
|
| 217 | - return "<$slash$elem>"; |
|
| 221 | + if ($slash != '') { |
|
| 222 | + return "<$slash$elem>"; |
|
| 223 | + } |
|
| 218 | 224 | // No attributes are allowed for closing elements |
| 219 | 225 | |
| 220 | 226 | return kses_attr("$slash$elem", $attrlist, $allowed_html, |
@@ -241,13 +247,15 @@ discard block |
||
| 241 | 247 | // Is there a closing XHTML slash at the end of the attributes? |
| 242 | 248 | |
| 243 | 249 | $xhtml_slash = ''; |
| 244 | - if (preg_match('%\s*/\s*$%', $attr)) |
|
| 245 | - $xhtml_slash = ' /'; |
|
| 250 | + if (preg_match('%\s*/\s*$%', $attr)) { |
|
| 251 | + $xhtml_slash = ' /'; |
|
| 252 | + } |
|
| 246 | 253 | |
| 247 | 254 | // Are any attributes allowed at all for this element? |
| 248 | 255 | |
| 249 | - if (@count($allowed_html[strtolower($element)]) == 0) |
|
| 250 | - return "<$element$xhtml_slash>"; |
|
| 256 | + if (@count($allowed_html[strtolower($element)]) == 0) { |
|
| 257 | + return "<$element$xhtml_slash>"; |
|
| 258 | + } |
|
| 251 | 259 | |
| 252 | 260 | // Split it |
| 253 | 261 | |
@@ -261,42 +269,52 @@ discard block |
||
| 261 | 269 | foreach ($attrarr as $arreach) |
| 262 | 270 | { |
| 263 | 271 | if (!@isset($allowed_html[strtolower($element)] |
| 264 | - [strtolower($arreach['name'])])) |
|
| 265 | - continue; // the attribute is not allowed |
|
| 272 | + [strtolower($arreach['name'])])) { |
|
| 273 | + continue; |
|
| 274 | + } |
|
| 275 | + // the attribute is not allowed |
|
| 266 | 276 | |
| 267 | 277 | $current = $allowed_html[strtolower($element)] |
| 268 | 278 | [strtolower($arreach['name'])]; |
| 269 | - if ($current == '') |
|
| 270 | - continue; // the attribute is not allowed |
|
| 279 | + if ($current == '') { |
|
| 280 | + continue; |
|
| 281 | + } |
|
| 282 | + // the attribute is not allowed |
|
| 271 | 283 | |
| 272 | - if (!is_array($current)) |
|
| 273 | - $attr2 .= ' '.$arreach['whole']; |
|
| 284 | + if (!is_array($current)) { |
|
| 285 | + $attr2 .= ' '.$arreach['whole']; |
|
| 286 | + } |
|
| 274 | 287 | // there are no checks |
| 275 | 288 | |
| 276 | 289 | else |
| 277 | 290 | { |
| 278 | 291 | // there are some checks |
| 279 | 292 | $ok = true; |
| 280 | - foreach ($current as $currkey => $currval) |
|
| 281 | - if (!kses_check_attr_val($arreach['value'], $arreach['vless'], |
|
| 293 | + foreach ($current as $currkey => $currval) { |
|
| 294 | + if (!kses_check_attr_val($arreach['value'], $arreach['vless'], |
|
| 282 | 295 | $currkey, $currval)) |
| 283 | - { $ok = false; break; } |
|
| 296 | + { $ok = false; |
|
| 297 | + } |
|
| 298 | + break; } |
|
| 284 | 299 | |
| 285 | 300 | if ( strtolower($arreach['name']) == 'style' ) { |
| 286 | 301 | $orig_value = $arreach['value']; |
| 287 | 302 | |
| 288 | 303 | $value = kses_safecss_filter_attr($orig_value); |
| 289 | 304 | |
| 290 | - if ( empty($value) ) |
|
| 291 | - continue; |
|
| 305 | + if ( empty($value) ) { |
|
| 306 | + continue; |
|
| 307 | + } |
|
| 292 | 308 | |
| 293 | 309 | $arreach['value'] = $value; |
| 294 | 310 | |
| 295 | 311 | $arreach['whole'] = str_replace($orig_value, $value, $arreach['whole']); |
| 296 | 312 | } |
| 297 | 313 | |
| 298 | - if ($ok) |
|
| 299 | - $attr2 .= ' '.$arreach['whole']; // it passed them |
|
| 314 | + if ($ok) { |
|
| 315 | + $attr2 .= ' '.$arreach['whole']; |
|
| 316 | + } |
|
| 317 | + // it passed them |
|
| 300 | 318 | } // if !is_array($current) |
| 301 | 319 | } // foreach |
| 302 | 320 | |
@@ -351,16 +369,22 @@ discard block |
||
| 351 | 369 | |
| 352 | 370 | case 1: // equals sign or valueless ("selected") |
| 353 | 371 | |
| 354 | - if (preg_match('/^\s*=\s*/', $attr)) // equals sign |
|
| 372 | + if (preg_match('/^\s*=\s*/', $attr)) { |
|
| 373 | + // equals sign |
|
| 355 | 374 | { |
| 356 | - $working = 1; $mode = 2; |
|
| 375 | + $working = 1; |
|
| 376 | + } |
|
| 377 | + $mode = 2; |
|
| 357 | 378 | $attr = preg_replace('/^\s*=\s*/', '', $attr); |
| 358 | 379 | break; |
| 359 | 380 | } |
| 360 | 381 | |
| 361 | - if (preg_match('/^\s+/', $attr)) // valueless |
|
| 382 | + if (preg_match('/^\s+/', $attr)) { |
|
| 383 | + // valueless |
|
| 362 | 384 | { |
| 363 | - $working = 1; $mode = 0; |
|
| 385 | + $working = 1; |
|
| 386 | + } |
|
| 387 | + $mode = 0; |
|
| 364 | 388 | if(FALSE === array_key_exists($attrname, $attrarr)) { |
| 365 | 389 | $attrarr[$attrname] = array ('name' => $attrname, 'value' => '', 'whole' => $attrname, 'vless' => 'y'); |
| 366 | 390 | } |
@@ -371,16 +395,18 @@ discard block |
||
| 371 | 395 | |
| 372 | 396 | case 2: // attribute value, a URL after href= for instance |
| 373 | 397 | |
| 374 | - if (preg_match('%^"([^"]*)"(\s+|/?$)%', $attr, $match)) |
|
| 375 | - // "value" |
|
| 398 | + if (preg_match('%^"([^"]*)"(\s+|/?$)%', $attr, $match)) { |
|
| 399 | + // "value" |
|
| 376 | 400 | { |
| 377 | 401 | // MDL-2684 - kses stripping CSS styles that it thinks look like protocols |
| 378 | 402 | if ($attrname == 'style') { |
| 379 | 403 | $thisval = $match[1]; |
| 404 | + } |
|
| 380 | 405 | } else { |
| 381 | 406 | $thisval = $match[1]; |
| 382 | - if ( in_array(strtolower($attrname), $uris) ) |
|
| 383 | - $thisval = kses_bad_protocol($thisval, $allowed_protocols); |
|
| 407 | + if ( in_array(strtolower($attrname), $uris) ) { |
|
| 408 | + $thisval = kses_bad_protocol($thisval, $allowed_protocols); |
|
| 409 | + } |
|
| 384 | 410 | } |
| 385 | 411 | |
| 386 | 412 | if(FALSE === array_key_exists($attrname, $attrarr)) { |
@@ -391,12 +417,14 @@ discard block |
||
| 391 | 417 | break; |
| 392 | 418 | } |
| 393 | 419 | |
| 394 | - if (preg_match("%^'([^']*)'(\s+|/?$)%", $attr, $match)) |
|
| 395 | - // 'value' |
|
| 420 | + if (preg_match("%^'([^']*)'(\s+|/?$)%", $attr, $match)) { |
|
| 421 | + // 'value' |
|
| 396 | 422 | { |
| 397 | 423 | $thisval = $match[1]; |
| 398 | - if ( in_array(strtolower($attrname), $uris) ) |
|
| 399 | - $thisval = kses_bad_protocol($thisval, $allowed_protocols); |
|
| 424 | + } |
|
| 425 | + if ( in_array(strtolower($attrname), $uris) ) { |
|
| 426 | + $thisval = kses_bad_protocol($thisval, $allowed_protocols); |
|
| 427 | + } |
|
| 400 | 428 | |
| 401 | 429 | if(FALSE === array_key_exists($attrname, $attrarr)) { |
| 402 | 430 | $attrarr[$attrname] = array ('name' => $attrname, 'value' => $thisval, 'whole' => "$attrname='$thisval'", 'vless' => 'n'); |
@@ -406,12 +434,14 @@ discard block |
||
| 406 | 434 | break; |
| 407 | 435 | } |
| 408 | 436 | |
| 409 | - if (preg_match("%^([^\s\"']+)(\s+|/?$)%", $attr, $match)) |
|
| 410 | - // value |
|
| 437 | + if (preg_match("%^([^\s\"']+)(\s+|/?$)%", $attr, $match)) { |
|
| 438 | + // value |
|
| 411 | 439 | { |
| 412 | 440 | $thisval = $match[1]; |
| 413 | - if ( in_array(strtolower($attrname), $uris) ) |
|
| 414 | - $thisval = kses_bad_protocol($thisval, $allowed_protocols); |
|
| 441 | + } |
|
| 442 | + if ( in_array(strtolower($attrname), $uris) ) { |
|
| 443 | + $thisval = kses_bad_protocol($thisval, $allowed_protocols); |
|
| 444 | + } |
|
| 415 | 445 | |
| 416 | 446 | if(FALSE === array_key_exists($attrname, $attrarr)) { |
| 417 | 447 | $attrarr[$attrname] = array ('name' => $attrname, 'value' => $thisval, 'whole' => "$attrname=\"$thisval\"", 'vless' => 'n'); |
@@ -424,17 +454,20 @@ discard block |
||
| 424 | 454 | break; |
| 425 | 455 | } // switch |
| 426 | 456 | |
| 427 | - if ($working == 0) // not well formed, remove and try again |
|
| 457 | + if ($working == 0) { |
|
| 458 | + // not well formed, remove and try again |
|
| 428 | 459 | { |
| 429 | 460 | $attr = kses_html_error($attr); |
| 461 | + } |
|
| 430 | 462 | $mode = 0; |
| 431 | 463 | } |
| 432 | 464 | } // while |
| 433 | 465 | |
| 434 | - if ($mode == 1 && FALSE === array_key_exists($attrname, $attrarr)) |
|
| 435 | - // special case, for when the attribute list ends with a valueless |
|
| 466 | + if ($mode == 1 && FALSE === array_key_exists($attrname, $attrarr)) { |
|
| 467 | + // special case, for when the attribute list ends with a valueless |
|
| 436 | 468 | // attribute like "selected" |
| 437 | 469 | $attrarr[$attrname] = array ('name' => $attrname, 'value' => '', 'whole' => $attrname, 'vless' => 'y'); |
| 470 | + } |
|
| 438 | 471 | |
| 439 | 472 | return $attrarr; |
| 440 | 473 | } |
@@ -462,16 +495,18 @@ discard block |
||
| 462 | 495 | // greater than the given value. This can be used to avoid Buffer Overflows |
| 463 | 496 | // in WWW clients and various Internet servers. |
| 464 | 497 | |
| 465 | - if (strlen($value) > $checkvalue) |
|
| 466 | - $ok = false; |
|
| 498 | + if (strlen($value) > $checkvalue) { |
|
| 499 | + $ok = false; |
|
| 500 | + } |
|
| 467 | 501 | break; |
| 468 | 502 | |
| 469 | 503 | case 'minlen': |
| 470 | 504 | // The minlen check makes sure that the attribute value has a length not |
| 471 | 505 | // smaller than the given value. |
| 472 | 506 | |
| 473 | - if (strlen($value) < $checkvalue) |
|
| 474 | - $ok = false; |
|
| 507 | + if (strlen($value) < $checkvalue) { |
|
| 508 | + $ok = false; |
|
| 509 | + } |
|
| 475 | 510 | break; |
| 476 | 511 | |
| 477 | 512 | case 'maxval': |
@@ -481,20 +516,24 @@ discard block |
||
| 481 | 516 | // value is not greater than the given value. |
| 482 | 517 | // This check can be used to avoid Denial of Service attacks. |
| 483 | 518 | |
| 484 | - if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value)) |
|
| 485 | - $ok = false; |
|
| 486 | - if ($value > $checkvalue) |
|
| 487 | - $ok = false; |
|
| 519 | + if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value)) { |
|
| 520 | + $ok = false; |
|
| 521 | + } |
|
| 522 | + if ($value > $checkvalue) { |
|
| 523 | + $ok = false; |
|
| 524 | + } |
|
| 488 | 525 | break; |
| 489 | 526 | |
| 490 | 527 | case 'minval': |
| 491 | 528 | // The minval check checks that the attribute value is a positive integer, |
| 492 | 529 | // and that it is not smaller than the given value. |
| 493 | 530 | |
| 494 | - if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value)) |
|
| 495 | - $ok = false; |
|
| 496 | - if ($value < $checkvalue) |
|
| 497 | - $ok = false; |
|
| 531 | + if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value)) { |
|
| 532 | + $ok = false; |
|
| 533 | + } |
|
| 534 | + if ($value < $checkvalue) { |
|
| 535 | + $ok = false; |
|
| 536 | + } |
|
| 498 | 537 | break; |
| 499 | 538 | |
| 500 | 539 | case 'valueless': |
@@ -503,8 +542,9 @@ discard block |
||
| 503 | 542 | // is a "y" or a "Y", the attribute must not have a value. |
| 504 | 543 | // If the given value is an "n" or an "N", the attribute must have one. |
| 505 | 544 | |
| 506 | - if (strtolower($checkvalue) != $vless) |
|
| 507 | - $ok = false; |
|
| 545 | + if (strtolower($checkvalue) != $vless) { |
|
| 546 | + $ok = false; |
|
| 547 | + } |
|
| 508 | 548 | break; |
| 509 | 549 | } // switch |
| 510 | 550 | |
@@ -660,18 +700,20 @@ discard block |
||
| 660 | 700 | $string2 = strtolower($string2); |
| 661 | 701 | |
| 662 | 702 | $allowed = false; |
| 663 | - foreach ( (array) $allowed_protocols as $one_protocol) |
|
| 664 | - if (strtolower($one_protocol) == $string2) |
|
| 703 | + foreach ( (array) $allowed_protocols as $one_protocol) { |
|
| 704 | + if (strtolower($one_protocol) == $string2) |
|
| 665 | 705 | { |
| 666 | 706 | $allowed = true; |
| 707 | + } |
|
| 667 | 708 | break; |
| 668 | 709 | } |
| 669 | 710 | |
| 670 | - if ($allowed) |
|
| 671 | - return "$string2:"; |
|
| 672 | - else |
|
| 673 | - return ''; |
|
| 674 | -} |
|
| 711 | + if ($allowed) { |
|
| 712 | + return "$string2:"; |
|
| 713 | + } else { |
|
| 714 | + return ''; |
|
| 715 | + } |
|
| 716 | + } |
|
| 675 | 717 | |
| 676 | 718 | /** |
| 677 | 719 | * Converts and fixes HTML entities. |
@@ -711,8 +753,9 @@ discard block |
||
| 711 | 753 | function kses_named_entities($matches) { |
| 712 | 754 | global $kses_allowedentitynames; |
| 713 | 755 | |
| 714 | - if ( empty($matches[1]) ) |
|
| 715 | - return ''; |
|
| 756 | + if ( empty($matches[1]) ) { |
|
| 757 | + return ''; |
|
| 758 | + } |
|
| 716 | 759 | |
| 717 | 760 | $i = $matches[1]; |
| 718 | 761 | return ( ( ! in_array($i, $kses_allowedentitynames) ) ? "&$i;" : "&$i;" ); |
@@ -730,8 +773,9 @@ discard block |
||
| 730 | 773 | * @return string Correctly encoded entity |
| 731 | 774 | */ |
| 732 | 775 | function kses_normalize_entities2($matches) { |
| 733 | - if ( empty($matches[1]) ) |
|
| 734 | - return ''; |
|
| 776 | + if ( empty($matches[1]) ) { |
|
| 777 | + return ''; |
|
| 778 | + } |
|
| 735 | 779 | |
| 736 | 780 | $i = $matches[1]; |
| 737 | 781 | if (kses_valid_unicode($i)) { |
@@ -756,8 +800,9 @@ discard block |
||
| 756 | 800 | * @return string Correctly encoded entity |
| 757 | 801 | */ |
| 758 | 802 | function kses_normalize_entities3($matches) { |
| 759 | - if ( empty($matches[1]) ) |
|
| 760 | - return ''; |
|
| 803 | + if ( empty($matches[1]) ) { |
|
| 804 | + return ''; |
|
| 805 | + } |
|
| 761 | 806 | |
| 762 | 807 | $hexchars = $matches[1]; |
| 763 | 808 | return ( ( ! kses_valid_unicode(hexdec($hexchars)) ) ? "&#x$hexchars;" : '&#x'.ltrim($hexchars,'0').';' ); |
@@ -823,8 +868,10 @@ discard block |
||
| 823 | 868 | $css = kses_no_null($css); |
| 824 | 869 | $css = str_replace(array("\n","\r","\t"), '', $css); |
| 825 | 870 | |
| 826 | - if ( preg_match( '%[\\(&=}]|/\*%', $css ) ) // remove any inline css containing \ ( & } = or comments |
|
| 871 | + if ( preg_match( '%[\\(&=}]|/\*%', $css ) ) { |
|
| 872 | + // remove any inline css containing \ ( & } = or comments |
|
| 827 | 873 | return ''; |
| 874 | + } |
|
| 828 | 875 | |
| 829 | 876 | $css_array = explode( ';', trim( $css ) ); |
| 830 | 877 | $allowed_attr = array( 'text-align', 'margin', 'color', 'float', |
@@ -839,25 +886,29 @@ discard block |
||
| 839 | 886 | 'padding-left', 'padding-right', 'padding-top', 'text-decoration', 'text-indent', 'vertical-align', |
| 840 | 887 | 'width' ); |
| 841 | 888 | |
| 842 | - if ( empty($allowed_attr) ) |
|
| 843 | - return $css; |
|
| 889 | + if ( empty($allowed_attr) ) { |
|
| 890 | + return $css; |
|
| 891 | + } |
|
| 844 | 892 | |
| 845 | 893 | $css = ''; |
| 846 | 894 | foreach ( $css_array as $css_item ) { |
| 847 | - if ( $css_item == '' ) |
|
| 848 | - continue; |
|
| 895 | + if ( $css_item == '' ) { |
|
| 896 | + continue; |
|
| 897 | + } |
|
| 849 | 898 | $css_item = trim( $css_item ); |
| 850 | 899 | $found = false; |
| 851 | 900 | if ( strpos( $css_item, ':' ) === false ) { |
| 852 | 901 | $found = true; |
| 853 | 902 | } else { |
| 854 | 903 | $parts = split( ':', $css_item ); |
| 855 | - if ( in_array( strtolower( trim( $parts[0] ) ), $allowed_attr ) ) |
|
| 856 | - $found = true; |
|
| 904 | + if ( in_array( strtolower( trim( $parts[0] ) ), $allowed_attr ) ) { |
|
| 905 | + $found = true; |
|
| 906 | + } |
|
| 857 | 907 | } |
| 858 | 908 | if ( $found ) { |
| 859 | - if( $css != '' ) |
|
| 860 | - $css .= ';'; |
|
| 909 | + if( $css != '' ) { |
|
| 910 | + $css .= ';'; |
|
| 911 | + } |
|
| 861 | 912 | $css .= $css_item; |
| 862 | 913 | } |
| 863 | 914 | } |
@@ -192,13 +192,11 @@ discard block |
||
| 192 | 192 | $this->AddProtocol($protocol); |
| 193 | 193 | } |
| 194 | 194 | return true; |
| 195 | - } |
|
| 196 | - elseif(is_string($protocol_data)) |
|
| 195 | + } elseif(is_string($protocol_data)) |
|
| 197 | 196 | { |
| 198 | 197 | $this->AddProtocol($protocol_data); |
| 199 | 198 | return true; |
| 200 | - } |
|
| 201 | - else |
|
| 199 | + } else |
|
| 202 | 200 | { |
| 203 | 201 | trigger_error("kses5::AddProtocols() did not receive a string or an array.", E_USER_WARNING); |
| 204 | 202 | return false; |
@@ -341,13 +339,11 @@ discard block |
||
| 341 | 339 | { |
| 342 | 340 | $this->RemoveProtocol($protocol); |
| 343 | 341 | } |
| 344 | - } |
|
| 345 | - elseif(is_string($protocol_data)) |
|
| 342 | + } elseif(is_string($protocol_data)) |
|
| 346 | 343 | { |
| 347 | 344 | $this->RemoveProtocol($protocol_data); |
| 348 | 345 | return true; |
| 349 | - } |
|
| 350 | - else |
|
| 346 | + } else |
|
| 351 | 347 | { |
| 352 | 348 | trigger_error("kses5::RemoveProtocols() did not receive a string or an array.", E_USER_WARNING); |
| 353 | 349 | return false; |
@@ -388,14 +384,12 @@ discard block |
||
| 388 | 384 | $this->AddProtocol($protocol); |
| 389 | 385 | } |
| 390 | 386 | return true; |
| 391 | - } |
|
| 392 | - elseif(is_string($protocol_data)) |
|
| 387 | + } elseif(is_string($protocol_data)) |
|
| 393 | 388 | { |
| 394 | 389 | $this->allowed_protocols = array(); |
| 395 | 390 | $this->AddProtocol($protocol_data); |
| 396 | 391 | return true; |
| 397 | - } |
|
| 398 | - else |
|
| 392 | + } else |
|
| 399 | 393 | { |
| 400 | 394 | trigger_error("kses5::SetProtocols() did not receive a string or an array.", E_USER_WARNING); |
| 401 | 395 | return false; |
@@ -747,8 +741,7 @@ discard block |
||
| 747 | 741 | { |
| 748 | 742 | # there are no checks |
| 749 | 743 | $attr2 .= ' '.$arreach['whole']; |
| 750 | - } |
|
| 751 | - else |
|
| 744 | + } else |
|
| 752 | 745 | { |
| 753 | 746 | # there are some checks |
| 754 | 747 | $ok = true; |
@@ -817,16 +810,20 @@ discard block |
||
| 817 | 810 | } |
| 818 | 811 | break; |
| 819 | 812 | case 1: # equals sign or valueless ("selected") |
| 820 | - if (preg_match('/^\s*=\s*/', $attr)) # equals sign |
|
| 813 | + if (preg_match('/^\s*=\s*/', $attr)) { |
|
| 814 | + # equals sign |
|
| 821 | 815 | { |
| 822 | 816 | $working = 1; |
| 817 | + } |
|
| 823 | 818 | $mode = 2; |
| 824 | 819 | $attr = preg_replace('/^\s*=\s*/', '', $attr); |
| 825 | 820 | break; |
| 826 | 821 | } |
| 827 | - if (preg_match('/^\s+/', $attr)) # valueless |
|
| 822 | + if (preg_match('/^\s+/', $attr)) { |
|
| 823 | + # valueless |
|
| 828 | 824 | { |
| 829 | 825 | $working = 1; |
| 826 | + } |
|
| 830 | 827 | $mode = 0; |
| 831 | 828 | $attrarr[] = array( |
| 832 | 829 | 'name' => $attrname, |
@@ -838,9 +835,11 @@ discard block |
||
| 838 | 835 | } |
| 839 | 836 | break; |
| 840 | 837 | case 2: # attribute value, a URL after href= for instance |
| 841 | - if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) # "value" |
|
| 838 | + if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) { |
|
| 839 | + # "value" |
|
| 842 | 840 | { |
| 843 | 841 | $thisval = $this->removeBadProtocols($match[1]); |
| 842 | + } |
|
| 844 | 843 | $attrarr[] = array( |
| 845 | 844 | 'name' => $attrname, |
| 846 | 845 | 'value' => $thisval, |
@@ -852,9 +851,11 @@ discard block |
||
| 852 | 851 | $attr = preg_replace('/^"[^"]*"(\s+|$)/', '', $attr); |
| 853 | 852 | break; |
| 854 | 853 | } |
| 855 | - if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match)) # 'value' |
|
| 854 | + if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match)) { |
|
| 855 | + # 'value' |
|
| 856 | 856 | { |
| 857 | 857 | $thisval = $this->removeBadProtocols($match[1]); |
| 858 | + } |
|
| 858 | 859 | $attrarr[] = array( |
| 859 | 860 | 'name' => $attrname, |
| 860 | 861 | 'value' => $thisval, |
@@ -866,9 +867,11 @@ discard block |
||
| 866 | 867 | $attr = preg_replace("/^'[^']*'(\s+|$)/", '', $attr); |
| 867 | 868 | break; |
| 868 | 869 | } |
| 869 | - if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match)) # value |
|
| 870 | + if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match)) { |
|
| 871 | + # value |
|
| 870 | 872 | { |
| 871 | 873 | $thisval = $this->removeBadProtocols($match[1]); |
| 874 | + } |
|
| 872 | 875 | $attrarr[] = array( |
| 873 | 876 | 'name' => $attrname, |
| 874 | 877 | 'value' => $thisval, |
@@ -883,9 +886,11 @@ discard block |
||
| 883 | 886 | break; |
| 884 | 887 | } |
| 885 | 888 | |
| 886 | - if ($working == 0) # not well formed, remove and try again |
|
| 889 | + if ($working == 0) { |
|
| 890 | + # not well formed, remove and try again |
|
| 887 | 891 | { |
| 888 | 892 | $attr = preg_replace('/^("[^"]*("|$)|\'[^\']*(\'|$)|\S)*\s*/', '', $attr); |
| 893 | + } |
|
| 889 | 894 | $mode = 0; |
| 890 | 895 | } |
| 891 | 896 | } |
@@ -8,12 +8,10 @@ discard block |
||
| 8 | 8 | if(substr(phpversion(), 0, 1) < 4) |
| 9 | 9 | { |
| 10 | 10 | define('KSESTEST_VER', 0); |
| 11 | - } |
|
| 12 | - elseif(substr(phpversion(), 0, 1) >= 5) |
|
| 11 | + } elseif(substr(phpversion(), 0, 1) >= 5) |
|
| 13 | 12 | { |
| 14 | 13 | define('KSESTEST_VER', 5); |
| 15 | - } |
|
| 16 | - else |
|
| 14 | + } else |
|
| 17 | 15 | { |
| 18 | 16 | define('KSESTEST_VER', 4); |
| 19 | 17 | } |
@@ -22,8 +20,7 @@ discard block |
||
| 22 | 20 | if($_SERVER["DOCUMENT_ROOT"] == "") |
| 23 | 21 | { |
| 24 | 22 | define('KSESTEST_ENV', 'CLI'); |
| 25 | - } |
|
| 26 | - else |
|
| 23 | + } else |
|
| 27 | 24 | { |
| 28 | 25 | define('KSESTEST_ENV', 'WEB'); |
| 29 | 26 | } |
@@ -48,8 +45,7 @@ discard block |
||
| 48 | 45 | if(file_exists($include_file) && is_readable($include_file)) |
| 49 | 46 | { |
| 50 | 47 | include_once($include_file); |
| 51 | - } |
|
| 52 | - else |
|
| 48 | + } else |
|
| 53 | 49 | { |
| 54 | 50 | $message = array( |
| 55 | 51 | "Error: Unable to find '" . $include_file . "'.", |
@@ -126,8 +122,7 @@ discard block |
||
| 126 | 122 | if(KSESTEST_ENV == 'CLI') |
| 127 | 123 | { |
| 128 | 124 | return $text; |
| 129 | - } |
|
| 130 | - else |
|
| 125 | + } else |
|
| 131 | 126 | { |
| 132 | 127 | return "<code>\n$text<code>\n"; |
| 133 | 128 | } |
@@ -138,8 +133,7 @@ discard block |
||
| 138 | 133 | if(KSESTEST_ENV == 'CLI') |
| 139 | 134 | { |
| 140 | 135 | return $text; |
| 141 | - } |
|
| 142 | - else |
|
| 136 | + } else |
|
| 143 | 137 | { |
| 144 | 138 | return htmlentities($text); |
| 145 | 139 | } |
@@ -150,14 +144,12 @@ discard block |
||
| 150 | 144 | if(KSESTEST_ENV == 'CLI') |
| 151 | 145 | { |
| 152 | 146 | return '[' . $text . ']'; |
| 153 | - } |
|
| 154 | - else |
|
| 147 | + } else |
|
| 155 | 148 | { |
| 156 | 149 | if($pass == true) |
| 157 | 150 | { |
| 158 | 151 | return '<span style="color: green;">[' . $text . ']</span>'; |
| 159 | - } |
|
| 160 | - else |
|
| 152 | + } else |
|
| 161 | 153 | { |
| 162 | 154 | return '<span style="color: red;">[' . $text . ']</span>'; |
| 163 | 155 | } |
@@ -169,8 +161,7 @@ discard block |
||
| 169 | 161 | if(KSESTEST_ENV == 'WEB') |
| 170 | 162 | { |
| 171 | 163 | $out = " "; |
| 172 | - } |
|
| 173 | - else |
|
| 164 | + } else |
|
| 174 | 165 | { |
| 175 | 166 | $out = " "; |
| 176 | 167 | } |
@@ -183,8 +174,7 @@ discard block |
||
| 183 | 174 | if(KSESTEST_ENV == 'WEB') |
| 184 | 175 | { |
| 185 | 176 | $out = "<br />\n"; |
| 186 | - } |
|
| 187 | - else |
|
| 177 | + } else |
|
| 188 | 178 | { |
| 189 | 179 | $out = "\n"; |
| 190 | 180 | } |
@@ -207,8 +197,7 @@ discard block |
||
| 207 | 197 | $out .= "\t\t<p>\n"; |
| 208 | 198 | $out .= "\t\t\t$text\n"; |
| 209 | 199 | $out .= "\t\t</p>\n"; |
| 210 | - } |
|
| 211 | - else |
|
| 200 | + } else |
|
| 212 | 201 | { |
| 213 | 202 | $header = "$title\n" . str_repeat('-', 60) . "\n\n"; |
| 214 | 203 | $out .= "\t$text\n\n"; |
@@ -226,8 +215,7 @@ discard block |
||
| 226 | 215 | echo $out; |
| 227 | 216 | echo "\t</body>\n"; |
| 228 | 217 | echo "</html>\n"; |
| 229 | - } |
|
| 230 | - else |
|
| 218 | + } else |
|
| 231 | 219 | { |
| 232 | 220 | echo $header; |
| 233 | 221 | echo $out; |
@@ -239,8 +227,7 @@ discard block |
||
| 239 | 227 | if(KSESTEST_ENV == 'WEB') |
| 240 | 228 | { |
| 241 | 229 | return "\t\t\t<hr />\n"; |
| 242 | - } |
|
| 243 | - else |
|
| 230 | + } else |
|
| 244 | 231 | { |
| 245 | 232 | return str_repeat(60, '-') . "\n"; |
| 246 | 233 | } |
@@ -262,8 +249,7 @@ discard block |
||
| 262 | 249 | $text .= "\t\t\t\t<li>$li</li>\n"; |
| 263 | 250 | } |
| 264 | 251 | $text .= "\t\t\t</ul>\n"; |
| 265 | - } |
|
| 266 | - else |
|
| 252 | + } else |
|
| 267 | 253 | { |
| 268 | 254 | foreach($data as $li) |
| 269 | 255 | { |
@@ -165,13 +165,11 @@ discard block |
||
| 165 | 165 | $this->AddProtocol($protocol); |
| 166 | 166 | } |
| 167 | 167 | return true; |
| 168 | - } |
|
| 169 | - elseif(is_string($protocol_data)) |
|
| 168 | + } elseif(is_string($protocol_data)) |
|
| 170 | 169 | { |
| 171 | 170 | $this->AddProtocol($protocol_data); |
| 172 | 171 | return true; |
| 173 | - } |
|
| 174 | - else |
|
| 172 | + } else |
|
| 175 | 173 | { |
| 176 | 174 | trigger_error("kses4::AddProtocols() did not receive a string or an array.", E_USER_WARNING); |
| 177 | 175 | return false; |
@@ -273,14 +271,12 @@ discard block |
||
| 273 | 271 | $this->AddProtocol($protocol); |
| 274 | 272 | } |
| 275 | 273 | return true; |
| 276 | - } |
|
| 277 | - elseif(is_string($protocol_data)) |
|
| 274 | + } elseif(is_string($protocol_data)) |
|
| 278 | 275 | { |
| 279 | 276 | $this->allowed_protocols = array(); |
| 280 | 277 | $this->AddProtocol($protocol_data); |
| 281 | 278 | return true; |
| 282 | - } |
|
| 283 | - else |
|
| 279 | + } else |
|
| 284 | 280 | { |
| 285 | 281 | trigger_error("kses4::SetProtocols() did not receive a string or an array.", E_USER_WARNING); |
| 286 | 282 | return false; |
@@ -451,13 +447,11 @@ discard block |
||
| 451 | 447 | { |
| 452 | 448 | $this->RemoveProtocol($protocol); |
| 453 | 449 | } |
| 454 | - } |
|
| 455 | - elseif(is_string($protocol_data)) |
|
| 450 | + } elseif(is_string($protocol_data)) |
|
| 456 | 451 | { |
| 457 | 452 | $this->RemoveProtocol($protocol_data); |
| 458 | 453 | return true; |
| 459 | - } |
|
| 460 | - else |
|
| 454 | + } else |
|
| 461 | 455 | { |
| 462 | 456 | trigger_error("kses4::RemoveProtocols() did not receive a string or an array.", E_USER_WARNING); |
| 463 | 457 | return false; |
@@ -740,8 +734,7 @@ discard block |
||
| 740 | 734 | { |
| 741 | 735 | # there are no checks |
| 742 | 736 | $attr2 .= ' '.$arreach['whole']; |
| 743 | - } |
|
| 744 | - else |
|
| 737 | + } else |
|
| 745 | 738 | { |
| 746 | 739 | # there are some checks |
| 747 | 740 | $ok = true; |
@@ -810,16 +803,20 @@ discard block |
||
| 810 | 803 | } |
| 811 | 804 | break; |
| 812 | 805 | case 1: # equals sign or valueless ("selected") |
| 813 | - if (preg_match('/^\s*=\s*/', $attr)) # equals sign |
|
| 806 | + if (preg_match('/^\s*=\s*/', $attr)) { |
|
| 807 | + # equals sign |
|
| 814 | 808 | { |
| 815 | 809 | $working = 1; |
| 810 | + } |
|
| 816 | 811 | $mode = 2; |
| 817 | 812 | $attr = preg_replace('/^\s*=\s*/', '', $attr); |
| 818 | 813 | break; |
| 819 | 814 | } |
| 820 | - if (preg_match('/^\s+/', $attr)) # valueless |
|
| 815 | + if (preg_match('/^\s+/', $attr)) { |
|
| 816 | + # valueless |
|
| 821 | 817 | { |
| 822 | 818 | $working = 1; |
| 819 | + } |
|
| 823 | 820 | $mode = 0; |
| 824 | 821 | $attrarr[] = array( |
| 825 | 822 | 'name' => $attrname, |
@@ -831,9 +828,11 @@ discard block |
||
| 831 | 828 | } |
| 832 | 829 | break; |
| 833 | 830 | case 2: # attribute value, a URL after href= for instance |
| 834 | - if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) # "value" |
|
| 831 | + if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) { |
|
| 832 | + # "value" |
|
| 835 | 833 | { |
| 836 | 834 | $thisval = $this->_bad_protocol($match[1]); |
| 835 | + } |
|
| 837 | 836 | $attrarr[] = array( |
| 838 | 837 | 'name' => $attrname, |
| 839 | 838 | 'value' => $thisval, |
@@ -845,9 +844,11 @@ discard block |
||
| 845 | 844 | $attr = preg_replace('/^"[^"]*"(\s+|$)/', '', $attr); |
| 846 | 845 | break; |
| 847 | 846 | } |
| 848 | - if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match)) # 'value' |
|
| 847 | + if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match)) { |
|
| 848 | + # 'value' |
|
| 849 | 849 | { |
| 850 | 850 | $thisval = $this->_bad_protocol($match[1]); |
| 851 | + } |
|
| 851 | 852 | $attrarr[] = array( |
| 852 | 853 | 'name' => $attrname, |
| 853 | 854 | 'value' => $thisval, |
@@ -859,9 +860,11 @@ discard block |
||
| 859 | 860 | $attr = preg_replace("/^'[^']*'(\s+|$)/", '', $attr); |
| 860 | 861 | break; |
| 861 | 862 | } |
| 862 | - if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match)) # value |
|
| 863 | + if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match)) { |
|
| 864 | + # value |
|
| 863 | 865 | { |
| 864 | 866 | $thisval = $this->_bad_protocol($match[1]); |
| 867 | + } |
|
| 865 | 868 | $attrarr[] = array( |
| 866 | 869 | 'name' => $attrname, |
| 867 | 870 | 'value' => $thisval, |
@@ -876,9 +879,11 @@ discard block |
||
| 876 | 879 | break; |
| 877 | 880 | } |
| 878 | 881 | |
| 879 | - if ($working == 0) # not well formed, remove and try again |
|
| 882 | + if ($working == 0) { |
|
| 883 | + # not well formed, remove and try again |
|
| 880 | 884 | { |
| 881 | 885 | $attr = $this->_html_error($attr); |
| 886 | + } |
|
| 882 | 887 | $mode = 0; |
| 883 | 888 | } |
| 884 | 889 | } |
@@ -985,8 +990,7 @@ discard block |
||
| 985 | 990 | if ($allowed) |
| 986 | 991 | { |
| 987 | 992 | return "$string:"; |
| 988 | - } |
|
| 989 | - else |
|
| 993 | + } else |
|
| 990 | 994 | { |
| 991 | 995 | return ''; |
| 992 | 996 | } |
@@ -213,16 +213,19 @@ |
||
| 213 | 213 | if (is_dir($dir)) { |
| 214 | 214 | while(($entry = $dir->read()) !== false) |
| 215 | 215 | { |
| 216 | - if ($entry != '.' && $entry != '..') |
|
| 217 | - continue; |
|
| 216 | + if ($entry != '.' && $entry != '..') { |
|
| 217 | + continue; |
|
| 218 | + } |
|
| 218 | 219 | |
| 219 | - if (!is_dir($dir_name.'/'.$entry)) |
|
| 220 | - $current_modified = filemtime($dir_name.'/'.$entry); |
|
| 221 | - elseif ($do_recursive) |
|
| 222 | - $current_modified = recent_modified_file_time($dir_name.'/'.$entry, true); |
|
| 220 | + if (!is_dir($dir_name.'/'.$entry)) { |
|
| 221 | + $current_modified = filemtime($dir_name.'/'.$entry); |
|
| 222 | + } elseif ($do_recursive) { |
|
| 223 | + $current_modified = recent_modified_file_time($dir_name.'/'.$entry, true); |
|
| 224 | + } |
|
| 223 | 225 | |
| 224 | - if ($current_modified > $last_modified) |
|
| 225 | - $last_modified = $current_modified; |
|
| 226 | + if ($current_modified > $last_modified) { |
|
| 227 | + $last_modified = $current_modified; |
|
| 228 | + } |
|
| 226 | 229 | } |
| 227 | 230 | |
| 228 | 231 | $dir->close(); |
