chamilo /
chamilo-lms
@@ -183,16 +183,19 @@ discard block |
||
| 183 | 183 | { |
| 184 | 184 | $string = kses_stripslashes($string); |
| 185 | 185 | |
| 186 | - if (substr($string, 0, 1) != '<') |
|
| 187 | - return '>'; |
|
| 186 | + if (substr($string, 0, 1) != '<') { |
|
| 187 | + return '>'; |
|
| 188 | + } |
|
| 188 | 189 | // It matched a ">" character |
| 189 | 190 | |
| 190 | 191 | if (preg_match('%^<!--(.*?)(-->)?$%', $string, $matches)) { |
| 191 | 192 | $string = str_replace(array('<!--', '-->'), '', $matches[1]); |
| 192 | - while ( $string != $newstring = kses($string, $allowed_html, $allowed_protocols) ) |
|
| 193 | - $string = $newstring; |
|
| 194 | - if ( $string == '' ) |
|
| 195 | - return ''; |
|
| 193 | + while ( $string != $newstring = kses($string, $allowed_html, $allowed_protocols) ) { |
|
| 194 | + $string = $newstring; |
|
| 195 | + } |
|
| 196 | + if ( $string == '' ) { |
|
| 197 | + return ''; |
|
| 198 | + } |
|
| 196 | 199 | // prevent multiple dashes in comments |
| 197 | 200 | $string = preg_replace('/--+/', '-', $string); |
| 198 | 201 | // prevent three dashes closing a comment |
@@ -201,20 +204,23 @@ discard block |
||
| 201 | 204 | } |
| 202 | 205 | // Allow HTML comments |
| 203 | 206 | |
| 204 | - if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches)) |
|
| 205 | - return ''; |
|
| 207 | + if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches)) { |
|
| 208 | + return ''; |
|
| 209 | + } |
|
| 206 | 210 | // It's seriously malformed |
| 207 | 211 | |
| 208 | 212 | $slash = trim($matches[1]); |
| 209 | 213 | $elem = $matches[2]; |
| 210 | 214 | $attrlist = $matches[3]; |
| 211 | 215 | |
| 212 | - if (!@isset($allowed_html[strtolower($elem)])) |
|
| 213 | - return ''; |
|
| 216 | + if (!@isset($allowed_html[strtolower($elem)])) { |
|
| 217 | + return ''; |
|
| 218 | + } |
|
| 214 | 219 | // They are using a not allowed HTML element |
| 215 | 220 | |
| 216 | - if ($slash != '') |
|
| 217 | - return "<$slash$elem>"; |
|
| 221 | + if ($slash != '') { |
|
| 222 | + return "<$slash$elem>"; |
|
| 223 | + } |
|
| 218 | 224 | // No attributes are allowed for closing elements |
| 219 | 225 | |
| 220 | 226 | return kses_attr("$slash$elem", $attrlist, $allowed_html, |
@@ -241,13 +247,15 @@ discard block |
||
| 241 | 247 | // Is there a closing XHTML slash at the end of the attributes? |
| 242 | 248 | |
| 243 | 249 | $xhtml_slash = ''; |
| 244 | - if (preg_match('%\s*/\s*$%', $attr)) |
|
| 245 | - $xhtml_slash = ' /'; |
|
| 250 | + if (preg_match('%\s*/\s*$%', $attr)) { |
|
| 251 | + $xhtml_slash = ' /'; |
|
| 252 | + } |
|
| 246 | 253 | |
| 247 | 254 | // Are any attributes allowed at all for this element? |
| 248 | 255 | |
| 249 | - if (@count($allowed_html[strtolower($element)]) == 0) |
|
| 250 | - return "<$element$xhtml_slash>"; |
|
| 256 | + if (@count($allowed_html[strtolower($element)]) == 0) { |
|
| 257 | + return "<$element$xhtml_slash>"; |
|
| 258 | + } |
|
| 251 | 259 | |
| 252 | 260 | // Split it |
| 253 | 261 | |
@@ -261,42 +269,52 @@ discard block |
||
| 261 | 269 | foreach ($attrarr as $arreach) |
| 262 | 270 | { |
| 263 | 271 | if (!@isset($allowed_html[strtolower($element)] |
| 264 | - [strtolower($arreach['name'])])) |
|
| 265 | - continue; // the attribute is not allowed |
|
| 272 | + [strtolower($arreach['name'])])) { |
|
| 273 | + continue; |
|
| 274 | + } |
|
| 275 | + // the attribute is not allowed |
|
| 266 | 276 | |
| 267 | 277 | $current = $allowed_html[strtolower($element)] |
| 268 | 278 | [strtolower($arreach['name'])]; |
| 269 | - if ($current == '') |
|
| 270 | - continue; // the attribute is not allowed |
|
| 279 | + if ($current == '') { |
|
| 280 | + continue; |
|
| 281 | + } |
|
| 282 | + // the attribute is not allowed |
|
| 271 | 283 | |
| 272 | - if (!is_array($current)) |
|
| 273 | - $attr2 .= ' '.$arreach['whole']; |
|
| 284 | + if (!is_array($current)) { |
|
| 285 | + $attr2 .= ' '.$arreach['whole']; |
|
| 286 | + } |
|
| 274 | 287 | // there are no checks |
| 275 | 288 | |
| 276 | 289 | else |
| 277 | 290 | { |
| 278 | 291 | // there are some checks |
| 279 | 292 | $ok = true; |
| 280 | - foreach ($current as $currkey => $currval) |
|
| 281 | - if (!kses_check_attr_val($arreach['value'], $arreach['vless'], |
|
| 293 | + foreach ($current as $currkey => $currval) { |
|
| 294 | + if (!kses_check_attr_val($arreach['value'], $arreach['vless'], |
|
| 282 | 295 | $currkey, $currval)) |
| 283 | - { $ok = false; break; } |
|
| 296 | + { $ok = false; |
|
| 297 | + } |
|
| 298 | + break; } |
|
| 284 | 299 | |
| 285 | 300 | if ( strtolower($arreach['name']) == 'style' ) { |
| 286 | 301 | $orig_value = $arreach['value']; |
| 287 | 302 | |
| 288 | 303 | $value = kses_safecss_filter_attr($orig_value); |
| 289 | 304 | |
| 290 | - if ( empty($value) ) |
|
| 291 | - continue; |
|
| 305 | + if ( empty($value) ) { |
|
| 306 | + continue; |
|
| 307 | + } |
|
| 292 | 308 | |
| 293 | 309 | $arreach['value'] = $value; |
| 294 | 310 | |
| 295 | 311 | $arreach['whole'] = str_replace($orig_value, $value, $arreach['whole']); |
| 296 | 312 | } |
| 297 | 313 | |
| 298 | - if ($ok) |
|
| 299 | - $attr2 .= ' '.$arreach['whole']; // it passed them |
|
| 314 | + if ($ok) { |
|
| 315 | + $attr2 .= ' '.$arreach['whole']; |
|
| 316 | + } |
|
| 317 | + // it passed them |
|
| 300 | 318 | } // if !is_array($current) |
| 301 | 319 | } // foreach |
| 302 | 320 | |
@@ -351,16 +369,22 @@ discard block |
||
| 351 | 369 | |
| 352 | 370 | case 1: // equals sign or valueless ("selected") |
| 353 | 371 | |
| 354 | - if (preg_match('/^\s*=\s*/', $attr)) // equals sign |
|
| 372 | + if (preg_match('/^\s*=\s*/', $attr)) { |
|
| 373 | + // equals sign |
|
| 355 | 374 | { |
| 356 | - $working = 1; $mode = 2; |
|
| 375 | + $working = 1; |
|
| 376 | + } |
|
| 377 | + $mode = 2; |
|
| 357 | 378 | $attr = preg_replace('/^\s*=\s*/', '', $attr); |
| 358 | 379 | break; |
| 359 | 380 | } |
| 360 | 381 | |
| 361 | - if (preg_match('/^\s+/', $attr)) // valueless |
|
| 382 | + if (preg_match('/^\s+/', $attr)) { |
|
| 383 | + // valueless |
|
| 362 | 384 | { |
| 363 | - $working = 1; $mode = 0; |
|
| 385 | + $working = 1; |
|
| 386 | + } |
|
| 387 | + $mode = 0; |
|
| 364 | 388 | if(FALSE === array_key_exists($attrname, $attrarr)) { |
| 365 | 389 | $attrarr[$attrname] = array ('name' => $attrname, 'value' => '', 'whole' => $attrname, 'vless' => 'y'); |
| 366 | 390 | } |
@@ -371,16 +395,18 @@ discard block |
||
| 371 | 395 | |
| 372 | 396 | case 2: // attribute value, a URL after href= for instance |
| 373 | 397 | |
| 374 | - if (preg_match('%^"([^"]*)"(\s+|/?$)%', $attr, $match)) |
|
| 375 | - // "value" |
|
| 398 | + if (preg_match('%^"([^"]*)"(\s+|/?$)%', $attr, $match)) { |
|
| 399 | + // "value" |
|
| 376 | 400 | { |
| 377 | 401 | // MDL-2684 - kses stripping CSS styles that it thinks look like protocols |
| 378 | 402 | if ($attrname == 'style') { |
| 379 | 403 | $thisval = $match[1]; |
| 404 | + } |
|
| 380 | 405 | } else { |
| 381 | 406 | $thisval = $match[1]; |
| 382 | - if ( in_array(strtolower($attrname), $uris) ) |
|
| 383 | - $thisval = kses_bad_protocol($thisval, $allowed_protocols); |
|
| 407 | + if ( in_array(strtolower($attrname), $uris) ) { |
|
| 408 | + $thisval = kses_bad_protocol($thisval, $allowed_protocols); |
|
| 409 | + } |
|
| 384 | 410 | } |
| 385 | 411 | |
| 386 | 412 | if(FALSE === array_key_exists($attrname, $attrarr)) { |
@@ -391,12 +417,14 @@ discard block |
||
| 391 | 417 | break; |
| 392 | 418 | } |
| 393 | 419 | |
| 394 | - if (preg_match("%^'([^']*)'(\s+|/?$)%", $attr, $match)) |
|
| 395 | - // 'value' |
|
| 420 | + if (preg_match("%^'([^']*)'(\s+|/?$)%", $attr, $match)) { |
|
| 421 | + // 'value' |
|
| 396 | 422 | { |
| 397 | 423 | $thisval = $match[1]; |
| 398 | - if ( in_array(strtolower($attrname), $uris) ) |
|
| 399 | - $thisval = kses_bad_protocol($thisval, $allowed_protocols); |
|
| 424 | + } |
|
| 425 | + if ( in_array(strtolower($attrname), $uris) ) { |
|
| 426 | + $thisval = kses_bad_protocol($thisval, $allowed_protocols); |
|
| 427 | + } |
|
| 400 | 428 | |
| 401 | 429 | if(FALSE === array_key_exists($attrname, $attrarr)) { |
| 402 | 430 | $attrarr[$attrname] = array ('name' => $attrname, 'value' => $thisval, 'whole' => "$attrname='$thisval'", 'vless' => 'n'); |
@@ -406,12 +434,14 @@ discard block |
||
| 406 | 434 | break; |
| 407 | 435 | } |
| 408 | 436 | |
| 409 | - if (preg_match("%^([^\s\"']+)(\s+|/?$)%", $attr, $match)) |
|
| 410 | - // value |
|
| 437 | + if (preg_match("%^([^\s\"']+)(\s+|/?$)%", $attr, $match)) { |
|
| 438 | + // value |
|
| 411 | 439 | { |
| 412 | 440 | $thisval = $match[1]; |
| 413 | - if ( in_array(strtolower($attrname), $uris) ) |
|
| 414 | - $thisval = kses_bad_protocol($thisval, $allowed_protocols); |
|
| 441 | + } |
|
| 442 | + if ( in_array(strtolower($attrname), $uris) ) { |
|
| 443 | + $thisval = kses_bad_protocol($thisval, $allowed_protocols); |
|
| 444 | + } |
|
| 415 | 445 | |
| 416 | 446 | if(FALSE === array_key_exists($attrname, $attrarr)) { |
| 417 | 447 | $attrarr[$attrname] = array ('name' => $attrname, 'value' => $thisval, 'whole' => "$attrname=\"$thisval\"", 'vless' => 'n'); |
@@ -424,17 +454,20 @@ discard block |
||
| 424 | 454 | break; |
| 425 | 455 | } // switch |
| 426 | 456 | |
| 427 | - if ($working == 0) // not well formed, remove and try again |
|
| 457 | + if ($working == 0) { |
|
| 458 | + // not well formed, remove and try again |
|
| 428 | 459 | { |
| 429 | 460 | $attr = kses_html_error($attr); |
| 461 | + } |
|
| 430 | 462 | $mode = 0; |
| 431 | 463 | } |
| 432 | 464 | } // while |
| 433 | 465 | |
| 434 | - if ($mode == 1 && FALSE === array_key_exists($attrname, $attrarr)) |
|
| 435 | - // special case, for when the attribute list ends with a valueless |
|
| 466 | + if ($mode == 1 && FALSE === array_key_exists($attrname, $attrarr)) { |
|
| 467 | + // special case, for when the attribute list ends with a valueless |
|
| 436 | 468 | // attribute like "selected" |
| 437 | 469 | $attrarr[$attrname] = array ('name' => $attrname, 'value' => '', 'whole' => $attrname, 'vless' => 'y'); |
| 470 | + } |
|
| 438 | 471 | |
| 439 | 472 | return $attrarr; |
| 440 | 473 | } |
@@ -462,16 +495,18 @@ discard block |
||
| 462 | 495 | // greater than the given value. This can be used to avoid Buffer Overflows |
| 463 | 496 | // in WWW clients and various Internet servers. |
| 464 | 497 | |
| 465 | - if (strlen($value) > $checkvalue) |
|
| 466 | - $ok = false; |
|
| 498 | + if (strlen($value) > $checkvalue) { |
|
| 499 | + $ok = false; |
|
| 500 | + } |
|
| 467 | 501 | break; |
| 468 | 502 | |
| 469 | 503 | case 'minlen': |
| 470 | 504 | // The minlen check makes sure that the attribute value has a length not |
| 471 | 505 | // smaller than the given value. |
| 472 | 506 | |
| 473 | - if (strlen($value) < $checkvalue) |
|
| 474 | - $ok = false; |
|
| 507 | + if (strlen($value) < $checkvalue) { |
|
| 508 | + $ok = false; |
|
| 509 | + } |
|
| 475 | 510 | break; |
| 476 | 511 | |
| 477 | 512 | case 'maxval': |
@@ -481,20 +516,24 @@ discard block |
||
| 481 | 516 | // value is not greater than the given value. |
| 482 | 517 | // This check can be used to avoid Denial of Service attacks. |
| 483 | 518 | |
| 484 | - if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value)) |
|
| 485 | - $ok = false; |
|
| 486 | - if ($value > $checkvalue) |
|
| 487 | - $ok = false; |
|
| 519 | + if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value)) { |
|
| 520 | + $ok = false; |
|
| 521 | + } |
|
| 522 | + if ($value > $checkvalue) { |
|
| 523 | + $ok = false; |
|
| 524 | + } |
|
| 488 | 525 | break; |
| 489 | 526 | |
| 490 | 527 | case 'minval': |
| 491 | 528 | // The minval check checks that the attribute value is a positive integer, |
| 492 | 529 | // and that it is not smaller than the given value. |
| 493 | 530 | |
| 494 | - if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value)) |
|
| 495 | - $ok = false; |
|
| 496 | - if ($value < $checkvalue) |
|
| 497 | - $ok = false; |
|
| 531 | + if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value)) { |
|
| 532 | + $ok = false; |
|
| 533 | + } |
|
| 534 | + if ($value < $checkvalue) { |
|
| 535 | + $ok = false; |
|
| 536 | + } |
|
| 498 | 537 | break; |
| 499 | 538 | |
| 500 | 539 | case 'valueless': |
@@ -503,8 +542,9 @@ discard block |
||
| 503 | 542 | // is a "y" or a "Y", the attribute must not have a value. |
| 504 | 543 | // If the given value is an "n" or an "N", the attribute must have one. |
| 505 | 544 | |
| 506 | - if (strtolower($checkvalue) != $vless) |
|
| 507 | - $ok = false; |
|
| 545 | + if (strtolower($checkvalue) != $vless) { |
|
| 546 | + $ok = false; |
|
| 547 | + } |
|
| 508 | 548 | break; |
| 509 | 549 | } // switch |
| 510 | 550 | |
@@ -660,18 +700,20 @@ discard block |
||
| 660 | 700 | $string2 = strtolower($string2); |
| 661 | 701 | |
| 662 | 702 | $allowed = false; |
| 663 | - foreach ( (array) $allowed_protocols as $one_protocol) |
|
| 664 | - if (strtolower($one_protocol) == $string2) |
|
| 703 | + foreach ( (array) $allowed_protocols as $one_protocol) { |
|
| 704 | + if (strtolower($one_protocol) == $string2) |
|
| 665 | 705 | { |
| 666 | 706 | $allowed = true; |
| 707 | + } |
|
| 667 | 708 | break; |
| 668 | 709 | } |
| 669 | 710 | |
| 670 | - if ($allowed) |
|
| 671 | - return "$string2:"; |
|
| 672 | - else |
|
| 673 | - return ''; |
|
| 674 | -} |
|
| 711 | + if ($allowed) { |
|
| 712 | + return "$string2:"; |
|
| 713 | + } else { |
|
| 714 | + return ''; |
|
| 715 | + } |
|
| 716 | + } |
|
| 675 | 717 | |
| 676 | 718 | /** |
| 677 | 719 | * Converts and fixes HTML entities. |
@@ -711,8 +753,9 @@ discard block |
||
| 711 | 753 | function kses_named_entities($matches) { |
| 712 | 754 | global $kses_allowedentitynames; |
| 713 | 755 | |
| 714 | - if ( empty($matches[1]) ) |
|
| 715 | - return ''; |
|
| 756 | + if ( empty($matches[1]) ) { |
|
| 757 | + return ''; |
|
| 758 | + } |
|
| 716 | 759 | |
| 717 | 760 | $i = $matches[1]; |
| 718 | 761 | return ( ( ! in_array($i, $kses_allowedentitynames) ) ? "&$i;" : "&$i;" ); |
@@ -730,8 +773,9 @@ discard block |
||
| 730 | 773 | * @return string Correctly encoded entity |
| 731 | 774 | */ |
| 732 | 775 | function kses_normalize_entities2($matches) { |
| 733 | - if ( empty($matches[1]) ) |
|
| 734 | - return ''; |
|
| 776 | + if ( empty($matches[1]) ) { |
|
| 777 | + return ''; |
|
| 778 | + } |
|
| 735 | 779 | |
| 736 | 780 | $i = $matches[1]; |
| 737 | 781 | if (kses_valid_unicode($i)) { |
@@ -756,8 +800,9 @@ discard block |
||
| 756 | 800 | * @return string Correctly encoded entity |
| 757 | 801 | */ |
| 758 | 802 | function kses_normalize_entities3($matches) { |
| 759 | - if ( empty($matches[1]) ) |
|
| 760 | - return ''; |
|
| 803 | + if ( empty($matches[1]) ) { |
|
| 804 | + return ''; |
|
| 805 | + } |
|
| 761 | 806 | |
| 762 | 807 | $hexchars = $matches[1]; |
| 763 | 808 | return ( ( ! kses_valid_unicode(hexdec($hexchars)) ) ? "&#x$hexchars;" : '&#x'.ltrim($hexchars,'0').';' ); |
@@ -823,8 +868,10 @@ discard block |
||
| 823 | 868 | $css = kses_no_null($css); |
| 824 | 869 | $css = str_replace(array("\n","\r","\t"), '', $css); |
| 825 | 870 | |
| 826 | - if ( preg_match( '%[\\(&=}]|/\*%', $css ) ) // remove any inline css containing \ ( & } = or comments |
|
| 871 | + if ( preg_match( '%[\\(&=}]|/\*%', $css ) ) { |
|
| 872 | + // remove any inline css containing \ ( & } = or comments |
|
| 827 | 873 | return ''; |
| 874 | + } |
|
| 828 | 875 | |
| 829 | 876 | $css_array = explode( ';', trim( $css ) ); |
| 830 | 877 | $allowed_attr = array( 'text-align', 'margin', 'color', 'float', |
@@ -839,25 +886,29 @@ discard block |
||
| 839 | 886 | 'padding-left', 'padding-right', 'padding-top', 'text-decoration', 'text-indent', 'vertical-align', |
| 840 | 887 | 'width' ); |
| 841 | 888 | |
| 842 | - if ( empty($allowed_attr) ) |
|
| 843 | - return $css; |
|
| 889 | + if ( empty($allowed_attr) ) { |
|
| 890 | + return $css; |
|
| 891 | + } |
|
| 844 | 892 | |
| 845 | 893 | $css = ''; |
| 846 | 894 | foreach ( $css_array as $css_item ) { |
| 847 | - if ( $css_item == '' ) |
|
| 848 | - continue; |
|
| 895 | + if ( $css_item == '' ) { |
|
| 896 | + continue; |
|
| 897 | + } |
|
| 849 | 898 | $css_item = trim( $css_item ); |
| 850 | 899 | $found = false; |
| 851 | 900 | if ( strpos( $css_item, ':' ) === false ) { |
| 852 | 901 | $found = true; |
| 853 | 902 | } else { |
| 854 | 903 | $parts = split( ':', $css_item ); |
| 855 | - if ( in_array( strtolower( trim( $parts[0] ) ), $allowed_attr ) ) |
|
| 856 | - $found = true; |
|
| 904 | + if ( in_array( strtolower( trim( $parts[0] ) ), $allowed_attr ) ) { |
|
| 905 | + $found = true; |
|
| 906 | + } |
|
| 857 | 907 | } |
| 858 | 908 | if ( $found ) { |
| 859 | - if( $css != '' ) |
|
| 860 | - $css .= ';'; |
|
| 909 | + if( $css != '' ) { |
|
| 910 | + $css .= ';'; |
|
| 911 | + } |
|
| 861 | 912 | $css .= $css_item; |
| 862 | 913 | } |
| 863 | 914 | } |
@@ -192,13 +192,11 @@ discard block |
||
| 192 | 192 | $this->AddProtocol($protocol); |
| 193 | 193 | } |
| 194 | 194 | return true; |
| 195 | - } |
|
| 196 | - elseif(is_string($protocol_data)) |
|
| 195 | + } elseif(is_string($protocol_data)) |
|
| 197 | 196 | { |
| 198 | 197 | $this->AddProtocol($protocol_data); |
| 199 | 198 | return true; |
| 200 | - } |
|
| 201 | - else |
|
| 199 | + } else |
|
| 202 | 200 | { |
| 203 | 201 | trigger_error("kses5::AddProtocols() did not receive a string or an array.", E_USER_WARNING); |
| 204 | 202 | return false; |
@@ -341,13 +339,11 @@ discard block |
||
| 341 | 339 | { |
| 342 | 340 | $this->RemoveProtocol($protocol); |
| 343 | 341 | } |
| 344 | - } |
|
| 345 | - elseif(is_string($protocol_data)) |
|
| 342 | + } elseif(is_string($protocol_data)) |
|
| 346 | 343 | { |
| 347 | 344 | $this->RemoveProtocol($protocol_data); |
| 348 | 345 | return true; |
| 349 | - } |
|
| 350 | - else |
|
| 346 | + } else |
|
| 351 | 347 | { |
| 352 | 348 | trigger_error("kses5::RemoveProtocols() did not receive a string or an array.", E_USER_WARNING); |
| 353 | 349 | return false; |
@@ -388,14 +384,12 @@ discard block |
||
| 388 | 384 | $this->AddProtocol($protocol); |
| 389 | 385 | } |
| 390 | 386 | return true; |
| 391 | - } |
|
| 392 | - elseif(is_string($protocol_data)) |
|
| 387 | + } elseif(is_string($protocol_data)) |
|
| 393 | 388 | { |
| 394 | 389 | $this->allowed_protocols = array(); |
| 395 | 390 | $this->AddProtocol($protocol_data); |
| 396 | 391 | return true; |
| 397 | - } |
|
| 398 | - else |
|
| 392 | + } else |
|
| 399 | 393 | { |
| 400 | 394 | trigger_error("kses5::SetProtocols() did not receive a string or an array.", E_USER_WARNING); |
| 401 | 395 | return false; |
@@ -747,8 +741,7 @@ discard block |
||
| 747 | 741 | { |
| 748 | 742 | # there are no checks |
| 749 | 743 | $attr2 .= ' '.$arreach['whole']; |
| 750 | - } |
|
| 751 | - else |
|
| 744 | + } else |
|
| 752 | 745 | { |
| 753 | 746 | # there are some checks |
| 754 | 747 | $ok = true; |
@@ -817,16 +810,20 @@ discard block |
||
| 817 | 810 | } |
| 818 | 811 | break; |
| 819 | 812 | case 1: # equals sign or valueless ("selected") |
| 820 | - if (preg_match('/^\s*=\s*/', $attr)) # equals sign |
|
| 813 | + if (preg_match('/^\s*=\s*/', $attr)) { |
|
| 814 | + # equals sign |
|
| 821 | 815 | { |
| 822 | 816 | $working = 1; |
| 817 | + } |
|
| 823 | 818 | $mode = 2; |
| 824 | 819 | $attr = preg_replace('/^\s*=\s*/', '', $attr); |
| 825 | 820 | break; |
| 826 | 821 | } |
| 827 | - if (preg_match('/^\s+/', $attr)) # valueless |
|
| 822 | + if (preg_match('/^\s+/', $attr)) { |
|
| 823 | + # valueless |
|
| 828 | 824 | { |
| 829 | 825 | $working = 1; |
| 826 | + } |
|
| 830 | 827 | $mode = 0; |
| 831 | 828 | $attrarr[] = array( |
| 832 | 829 | 'name' => $attrname, |
@@ -838,9 +835,11 @@ discard block |
||
| 838 | 835 | } |
| 839 | 836 | break; |
| 840 | 837 | case 2: # attribute value, a URL after href= for instance |
| 841 | - if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) # "value" |
|
| 838 | + if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) { |
|
| 839 | + # "value" |
|
| 842 | 840 | { |
| 843 | 841 | $thisval = $this->removeBadProtocols($match[1]); |
| 842 | + } |
|
| 844 | 843 | $attrarr[] = array( |
| 845 | 844 | 'name' => $attrname, |
| 846 | 845 | 'value' => $thisval, |
@@ -852,9 +851,11 @@ discard block |
||
| 852 | 851 | $attr = preg_replace('/^"[^"]*"(\s+|$)/', '', $attr); |
| 853 | 852 | break; |
| 854 | 853 | } |
| 855 | - if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match)) # 'value' |
|
| 854 | + if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match)) { |
|
| 855 | + # 'value' |
|
| 856 | 856 | { |
| 857 | 857 | $thisval = $this->removeBadProtocols($match[1]); |
| 858 | + } |
|
| 858 | 859 | $attrarr[] = array( |
| 859 | 860 | 'name' => $attrname, |
| 860 | 861 | 'value' => $thisval, |
@@ -866,9 +867,11 @@ discard block |
||
| 866 | 867 | $attr = preg_replace("/^'[^']*'(\s+|$)/", '', $attr); |
| 867 | 868 | break; |
| 868 | 869 | } |
| 869 | - if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match)) # value |
|
| 870 | + if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match)) { |
|
| 871 | + # value |
|
| 870 | 872 | { |
| 871 | 873 | $thisval = $this->removeBadProtocols($match[1]); |
| 874 | + } |
|
| 872 | 875 | $attrarr[] = array( |
| 873 | 876 | 'name' => $attrname, |
| 874 | 877 | 'value' => $thisval, |
@@ -883,9 +886,11 @@ discard block |
||
| 883 | 886 | break; |
| 884 | 887 | } |
| 885 | 888 | |
| 886 | - if ($working == 0) # not well formed, remove and try again |
|
| 889 | + if ($working == 0) { |
|
| 890 | + # not well formed, remove and try again |
|
| 887 | 891 | { |
| 888 | 892 | $attr = preg_replace('/^("[^"]*("|$)|\'[^\']*(\'|$)|\S)*\s*/', '', $attr); |
| 893 | + } |
|
| 889 | 894 | $mode = 0; |
| 890 | 895 | } |
| 891 | 896 | } |
@@ -8,12 +8,10 @@ discard block |
||
| 8 | 8 | if(substr(phpversion(), 0, 1) < 4) |
| 9 | 9 | { |
| 10 | 10 | define('KSESTEST_VER', 0); |
| 11 | - } |
|
| 12 | - elseif(substr(phpversion(), 0, 1) >= 5) |
|
| 11 | + } elseif(substr(phpversion(), 0, 1) >= 5) |
|
| 13 | 12 | { |
| 14 | 13 | define('KSESTEST_VER', 5); |
| 15 | - } |
|
| 16 | - else |
|
| 14 | + } else |
|
| 17 | 15 | { |
| 18 | 16 | define('KSESTEST_VER', 4); |
| 19 | 17 | } |
@@ -22,8 +20,7 @@ discard block |
||
| 22 | 20 | if($_SERVER["DOCUMENT_ROOT"] == "") |
| 23 | 21 | { |
| 24 | 22 | define('KSESTEST_ENV', 'CLI'); |
| 25 | - } |
|
| 26 | - else |
|
| 23 | + } else |
|
| 27 | 24 | { |
| 28 | 25 | define('KSESTEST_ENV', 'WEB'); |
| 29 | 26 | } |
@@ -48,8 +45,7 @@ discard block |
||
| 48 | 45 | if(file_exists($include_file) && is_readable($include_file)) |
| 49 | 46 | { |
| 50 | 47 | include_once($include_file); |
| 51 | - } |
|
| 52 | - else |
|
| 48 | + } else |
|
| 53 | 49 | { |
| 54 | 50 | $message = array( |
| 55 | 51 | "Error: Unable to find '" . $include_file . "'.", |
@@ -126,8 +122,7 @@ discard block |
||
| 126 | 122 | if(KSESTEST_ENV == 'CLI') |
| 127 | 123 | { |
| 128 | 124 | return $text; |
| 129 | - } |
|
| 130 | - else |
|
| 125 | + } else |
|
| 131 | 126 | { |
| 132 | 127 | return "<code>\n$text<code>\n"; |
| 133 | 128 | } |
@@ -138,8 +133,7 @@ discard block |
||
| 138 | 133 | if(KSESTEST_ENV == 'CLI') |
| 139 | 134 | { |
| 140 | 135 | return $text; |
| 141 | - } |
|
| 142 | - else |
|
| 136 | + } else |
|
| 143 | 137 | { |
| 144 | 138 | return htmlentities($text); |
| 145 | 139 | } |
@@ -150,14 +144,12 @@ discard block |
||
| 150 | 144 | if(KSESTEST_ENV == 'CLI') |
| 151 | 145 | { |
| 152 | 146 | return '[' . $text . ']'; |
| 153 | - } |
|
| 154 | - else |
|
| 147 | + } else |
|
| 155 | 148 | { |
| 156 | 149 | if($pass == true) |
| 157 | 150 | { |
| 158 | 151 | return '<span style="color: green;">[' . $text . ']</span>'; |
| 159 | - } |
|
| 160 | - else |
|
| 152 | + } else |
|
| 161 | 153 | { |
| 162 | 154 | return '<span style="color: red;">[' . $text . ']</span>'; |
| 163 | 155 | } |
@@ -169,8 +161,7 @@ discard block |
||
| 169 | 161 | if(KSESTEST_ENV == 'WEB') |
| 170 | 162 | { |
| 171 | 163 | $out = " "; |
| 172 | - } |
|
| 173 | - else |
|
| 164 | + } else |
|
| 174 | 165 | { |
| 175 | 166 | $out = " "; |
| 176 | 167 | } |
@@ -183,8 +174,7 @@ discard block |
||
| 183 | 174 | if(KSESTEST_ENV == 'WEB') |
| 184 | 175 | { |
| 185 | 176 | $out = "<br />\n"; |
| 186 | - } |
|
| 187 | - else |
|
| 177 | + } else |
|
| 188 | 178 | { |
| 189 | 179 | $out = "\n"; |
| 190 | 180 | } |
@@ -207,8 +197,7 @@ discard block |
||
| 207 | 197 | $out .= "\t\t<p>\n"; |
| 208 | 198 | $out .= "\t\t\t$text\n"; |
| 209 | 199 | $out .= "\t\t</p>\n"; |
| 210 | - } |
|
| 211 | - else |
|
| 200 | + } else |
|
| 212 | 201 | { |
| 213 | 202 | $header = "$title\n" . str_repeat('-', 60) . "\n\n"; |
| 214 | 203 | $out .= "\t$text\n\n"; |
@@ -226,8 +215,7 @@ discard block |
||
| 226 | 215 | echo $out; |
| 227 | 216 | echo "\t</body>\n"; |
| 228 | 217 | echo "</html>\n"; |
| 229 | - } |
|
| 230 | - else |
|
| 218 | + } else |
|
| 231 | 219 | { |
| 232 | 220 | echo $header; |
| 233 | 221 | echo $out; |
@@ -239,8 +227,7 @@ discard block |
||
| 239 | 227 | if(KSESTEST_ENV == 'WEB') |
| 240 | 228 | { |
| 241 | 229 | return "\t\t\t<hr />\n"; |
| 242 | - } |
|
| 243 | - else |
|
| 230 | + } else |
|
| 244 | 231 | { |
| 245 | 232 | return str_repeat(60, '-') . "\n"; |
| 246 | 233 | } |
@@ -262,8 +249,7 @@ discard block |
||
| 262 | 249 | $text .= "\t\t\t\t<li>$li</li>\n"; |
| 263 | 250 | } |
| 264 | 251 | $text .= "\t\t\t</ul>\n"; |
| 265 | - } |
|
| 266 | - else |
|
| 252 | + } else |
|
| 267 | 253 | { |
| 268 | 254 | foreach($data as $li) |
| 269 | 255 | { |
@@ -165,13 +165,11 @@ discard block |
||
| 165 | 165 | $this->AddProtocol($protocol); |
| 166 | 166 | } |
| 167 | 167 | return true; |
| 168 | - } |
|
| 169 | - elseif(is_string($protocol_data)) |
|
| 168 | + } elseif(is_string($protocol_data)) |
|
| 170 | 169 | { |
| 171 | 170 | $this->AddProtocol($protocol_data); |
| 172 | 171 | return true; |
| 173 | - } |
|
| 174 | - else |
|
| 172 | + } else |
|
| 175 | 173 | { |
| 176 | 174 | trigger_error("kses4::AddProtocols() did not receive a string or an array.", E_USER_WARNING); |
| 177 | 175 | return false; |
@@ -273,14 +271,12 @@ discard block |
||
| 273 | 271 | $this->AddProtocol($protocol); |
| 274 | 272 | } |
| 275 | 273 | return true; |
| 276 | - } |
|
| 277 | - elseif(is_string($protocol_data)) |
|
| 274 | + } elseif(is_string($protocol_data)) |
|
| 278 | 275 | { |
| 279 | 276 | $this->allowed_protocols = array(); |
| 280 | 277 | $this->AddProtocol($protocol_data); |
| 281 | 278 | return true; |
| 282 | - } |
|
| 283 | - else |
|
| 279 | + } else |
|
| 284 | 280 | { |
| 285 | 281 | trigger_error("kses4::SetProtocols() did not receive a string or an array.", E_USER_WARNING); |
| 286 | 282 | return false; |
@@ -451,13 +447,11 @@ discard block |
||
| 451 | 447 | { |
| 452 | 448 | $this->RemoveProtocol($protocol); |
| 453 | 449 | } |
| 454 | - } |
|
| 455 | - elseif(is_string($protocol_data)) |
|
| 450 | + } elseif(is_string($protocol_data)) |
|
| 456 | 451 | { |
| 457 | 452 | $this->RemoveProtocol($protocol_data); |
| 458 | 453 | return true; |
| 459 | - } |
|
| 460 | - else |
|
| 454 | + } else |
|
| 461 | 455 | { |
| 462 | 456 | trigger_error("kses4::RemoveProtocols() did not receive a string or an array.", E_USER_WARNING); |
| 463 | 457 | return false; |
@@ -740,8 +734,7 @@ discard block |
||
| 740 | 734 | { |
| 741 | 735 | # there are no checks |
| 742 | 736 | $attr2 .= ' '.$arreach['whole']; |
| 743 | - } |
|
| 744 | - else |
|
| 737 | + } else |
|
| 745 | 738 | { |
| 746 | 739 | # there are some checks |
| 747 | 740 | $ok = true; |
@@ -810,16 +803,20 @@ discard block |
||
| 810 | 803 | } |
| 811 | 804 | break; |
| 812 | 805 | case 1: # equals sign or valueless ("selected") |
| 813 | - if (preg_match('/^\s*=\s*/', $attr)) # equals sign |
|
| 806 | + if (preg_match('/^\s*=\s*/', $attr)) { |
|
| 807 | + # equals sign |
|
| 814 | 808 | { |
| 815 | 809 | $working = 1; |
| 810 | + } |
|
| 816 | 811 | $mode = 2; |
| 817 | 812 | $attr = preg_replace('/^\s*=\s*/', '', $attr); |
| 818 | 813 | break; |
| 819 | 814 | } |
| 820 | - if (preg_match('/^\s+/', $attr)) # valueless |
|
| 815 | + if (preg_match('/^\s+/', $attr)) { |
|
| 816 | + # valueless |
|
| 821 | 817 | { |
| 822 | 818 | $working = 1; |
| 819 | + } |
|
| 823 | 820 | $mode = 0; |
| 824 | 821 | $attrarr[] = array( |
| 825 | 822 | 'name' => $attrname, |
@@ -831,9 +828,11 @@ discard block |
||
| 831 | 828 | } |
| 832 | 829 | break; |
| 833 | 830 | case 2: # attribute value, a URL after href= for instance |
| 834 | - if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) # "value" |
|
| 831 | + if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) { |
|
| 832 | + # "value" |
|
| 835 | 833 | { |
| 836 | 834 | $thisval = $this->_bad_protocol($match[1]); |
| 835 | + } |
|
| 837 | 836 | $attrarr[] = array( |
| 838 | 837 | 'name' => $attrname, |
| 839 | 838 | 'value' => $thisval, |
@@ -845,9 +844,11 @@ discard block |
||
| 845 | 844 | $attr = preg_replace('/^"[^"]*"(\s+|$)/', '', $attr); |
| 846 | 845 | break; |
| 847 | 846 | } |
| 848 | - if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match)) # 'value' |
|
| 847 | + if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match)) { |
|
| 848 | + # 'value' |
|
| 849 | 849 | { |
| 850 | 850 | $thisval = $this->_bad_protocol($match[1]); |
| 851 | + } |
|
| 851 | 852 | $attrarr[] = array( |
| 852 | 853 | 'name' => $attrname, |
| 853 | 854 | 'value' => $thisval, |
@@ -859,9 +860,11 @@ discard block |
||
| 859 | 860 | $attr = preg_replace("/^'[^']*'(\s+|$)/", '', $attr); |
| 860 | 861 | break; |
| 861 | 862 | } |
| 862 | - if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match)) # value |
|
| 863 | + if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match)) { |
|
| 864 | + # value |
|
| 863 | 865 | { |
| 864 | 866 | $thisval = $this->_bad_protocol($match[1]); |
| 867 | + } |
|
| 865 | 868 | $attrarr[] = array( |
| 866 | 869 | 'name' => $attrname, |
| 867 | 870 | 'value' => $thisval, |
@@ -876,9 +879,11 @@ discard block |
||
| 876 | 879 | break; |
| 877 | 880 | } |
| 878 | 881 | |
| 879 | - if ($working == 0) # not well formed, remove and try again |
|
| 882 | + if ($working == 0) { |
|
| 883 | + # not well formed, remove and try again |
|
| 880 | 884 | { |
| 881 | 885 | $attr = $this->_html_error($attr); |
| 886 | + } |
|
| 882 | 887 | $mode = 0; |
| 883 | 888 | } |
| 884 | 889 | } |
@@ -985,8 +990,7 @@ discard block |
||
| 985 | 990 | if ($allowed) |
| 986 | 991 | { |
| 987 | 992 | return "$string:"; |
| 988 | - } |
|
| 989 | - else |
|
| 993 | + } else |
|
| 990 | 994 | { |
| 991 | 995 | return ''; |
| 992 | 996 | } |
@@ -213,16 +213,19 @@ |
||
| 213 | 213 | if (is_dir($dir)) { |
| 214 | 214 | while(($entry = $dir->read()) !== false) |
| 215 | 215 | { |
| 216 | - if ($entry != '.' && $entry != '..') |
|
| 217 | - continue; |
|
| 216 | + if ($entry != '.' && $entry != '..') { |
|
| 217 | + continue; |
|
| 218 | + } |
|
| 218 | 219 | |
| 219 | - if (!is_dir($dir_name.'/'.$entry)) |
|
| 220 | - $current_modified = filemtime($dir_name.'/'.$entry); |
|
| 221 | - elseif ($do_recursive) |
|
| 222 | - $current_modified = recent_modified_file_time($dir_name.'/'.$entry, true); |
|
| 220 | + if (!is_dir($dir_name.'/'.$entry)) { |
|
| 221 | + $current_modified = filemtime($dir_name.'/'.$entry); |
|
| 222 | + } elseif ($do_recursive) { |
|
| 223 | + $current_modified = recent_modified_file_time($dir_name.'/'.$entry, true); |
|
| 224 | + } |
|
| 223 | 225 | |
| 224 | - if ($current_modified > $last_modified) |
|
| 225 | - $last_modified = $current_modified; |
|
| 226 | + if ($current_modified > $last_modified) { |
|
| 227 | + $last_modified = $current_modified; |
|
| 228 | + } |
|
| 226 | 229 | } |
| 227 | 230 | |
| 228 | 231 | $dir->close(); |
@@ -993,7 +993,9 @@ |
||
| 993 | 993 | if ($file != '.' && $file != '..') { |
| 994 | 994 | |
| 995 | 995 | $filetype = 'file'; |
| 996 | - if (is_dir($base_work_dir.$upload_path.'/'.$file)) $filetype = 'folder'; |
|
| 996 | + if (is_dir($base_work_dir.$upload_path.'/'.$file)) { |
|
| 997 | + $filetype = 'folder'; |
|
| 998 | + } |
|
| 997 | 999 | |
| 998 | 1000 | $safe_file = api_replace_dangerous_char($file, 'strict'); |
| 999 | 1001 | @rename($base_work_dir.$upload_path.'/'.$file,$base_work_dir.$upload_path.'/'.$safe_file); |
@@ -1906,8 +1906,9 @@ |
||
| 1906 | 1906 | $new_relation_type[] ="'$rel'"; |
| 1907 | 1907 | } |
| 1908 | 1908 | $relation_type = implode(',', $new_relation_type); |
| 1909 | - if (!empty($relation_type)) |
|
| 1910 | - $where_relation_condition = "AND gu.relation_type IN ($relation_type) "; |
|
| 1909 | + if (!empty($relation_type)) { |
|
| 1910 | + $where_relation_condition = "AND gu.relation_type IN ($relation_type) "; |
|
| 1911 | + } |
|
| 1911 | 1912 | } |
| 1912 | 1913 | |
| 1913 | 1914 | $sql = "SELECT picture_uri as image, u.id, u.firstname, u.lastname, relation_type |
@@ -3122,8 +3122,9 @@ |
||
| 3122 | 3122 | global $DaysShort, $course_path; |
| 3123 | 3123 | //Handle leap year |
| 3124 | 3124 | $numberofdays = array (0, 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31); |
| 3125 | - if (($year % 400 == 0) or ($year % 4 == 0 and $year % 100 <> 0)) |
|
| 3126 | - $numberofdays[2] = 29; |
|
| 3125 | + if (($year % 400 == 0) or ($year % 4 == 0 and $year % 100 <> 0)) { |
|
| 3126 | + $numberofdays[2] = 29; |
|
| 3127 | + } |
|
| 3127 | 3128 | //Get the first day of the month |
| 3128 | 3129 | $dayone = getdate(mktime(0, 0, 0, $month, 1, $year)); |
| 3129 | 3130 | //Start the week on monday |
@@ -173,8 +173,9 @@ discard block |
||
| 173 | 173 | $this->aObjects = array(); |
| 174 | 174 | $this->aFunctionIncludeFiles = array(); |
| 175 | 175 | $this->sRequestURI = $sRequestURI; |
| 176 | - if ($this->sRequestURI == "") |
|
| 177 | - $this->sRequestURI = $this->_detectURI(); |
|
| 176 | + if ($this->sRequestURI == "") { |
|
| 177 | + $this->sRequestURI = $this->_detectURI(); |
|
| 178 | + } |
|
| 178 | 179 | $this->sWrapperPrefix = $sWrapperPrefix; |
| 179 | 180 | $this->bDebug = $bDebug; |
| 180 | 181 | $this->bStatusMessages = false; |
@@ -399,8 +400,7 @@ discard block |
||
| 399 | 400 | $this->aFunctions[$mFunction[0]] = 1; |
| 400 | 401 | $this->aFunctionRequestTypes[$mFunction[0]] = $sRequestType; |
| 401 | 402 | $this->aObjects[$mFunction[0]] = array_slice($mFunction, 1); |
| 402 | - } |
|
| 403 | - else { |
|
| 403 | + } else { |
|
| 404 | 404 | $this->aFunctions[$mFunction] = 1; |
| 405 | 405 | $this->aFunctionRequestTypes[$mFunction] = $sRequestType; |
| 406 | 406 | } |
@@ -426,8 +426,7 @@ discard block |
||
| 426 | 426 | |
| 427 | 427 | if (is_array($mFunction)) { |
| 428 | 428 | $this->aFunctionIncludeFiles[$mFunction[0]] = $sIncludeFile; |
| 429 | - } |
|
| 430 | - else { |
|
| 429 | + } else { |
|
| 431 | 430 | $this->aFunctionIncludeFiles[$mFunction] = $sIncludeFile; |
| 432 | 431 | } |
| 433 | 432 | } |
@@ -451,8 +450,7 @@ discard block |
||
| 451 | 450 | if (is_array($mFunction)) { |
| 452 | 451 | $this->sCatchAllFunction = $mFunction[0]; |
| 453 | 452 | $this->aObjects[$mFunction[0]] = array_slice($mFunction, 1); |
| 454 | - } |
|
| 455 | - else { |
|
| 453 | + } else { |
|
| 456 | 454 | $this->sCatchAllFunction = $mFunction; |
| 457 | 455 | } |
| 458 | 456 | } |
@@ -477,8 +475,7 @@ discard block |
||
| 477 | 475 | if (is_array($mFunction)) { |
| 478 | 476 | $this->sPreFunction = $mFunction[0]; |
| 479 | 477 | $this->aObjects[$mFunction[0]] = array_slice($mFunction, 1); |
| 480 | - } |
|
| 481 | - else { |
|
| 478 | + } else { |
|
| 482 | 479 | $this->sPreFunction = $mFunction; |
| 483 | 480 | } |
| 484 | 481 | } |
@@ -492,7 +489,9 @@ discard block |
||
| 492 | 489 | */ |
| 493 | 490 | function canProcessRequests() |
| 494 | 491 | { |
| 495 | - if ($this->getRequestMode() != -1) return true; |
|
| 492 | + if ($this->getRequestMode() != -1) { |
|
| 493 | + return true; |
|
| 494 | + } |
|
| 496 | 495 | return false; |
| 497 | 496 | } |
| 498 | 497 | |
@@ -504,11 +503,13 @@ discard block |
||
| 504 | 503 | */ |
| 505 | 504 | function getRequestMode() |
| 506 | 505 | { |
| 507 | - if (!empty($_GET["xajax"])) |
|
| 508 | - return XAJAX_GET; |
|
| 506 | + if (!empty($_GET["xajax"])) { |
|
| 507 | + return XAJAX_GET; |
|
| 508 | + } |
|
| 509 | 509 | |
| 510 | - if (!empty($_POST["xajax"])) |
|
| 511 | - return XAJAX_POST; |
|
| 510 | + if (!empty($_POST["xajax"])) { |
|
| 511 | + return XAJAX_POST; |
|
| 512 | + } |
|
| 512 | 513 | |
| 513 | 514 | return -1; |
| 514 | 515 | } |
@@ -535,16 +536,18 @@ discard block |
||
| 535 | 536 | $sResponse = ""; |
| 536 | 537 | |
| 537 | 538 | $requestMode = $this->getRequestMode(); |
| 538 | - if ($requestMode == -1) return; |
|
| 539 | + if ($requestMode == -1) { |
|
| 540 | + return; |
|
| 541 | + } |
|
| 539 | 542 | |
| 540 | 543 | if ($requestMode == XAJAX_POST) |
| 541 | 544 | { |
| 542 | 545 | $sFunctionName = $_POST["xajax"]; |
| 543 | 546 | |
| 544 | - if (!empty($_POST["xajaxargs"])) |
|
| 545 | - $aArgs = $_POST["xajaxargs"]; |
|
| 546 | - } |
|
| 547 | - else |
|
| 547 | + if (!empty($_POST["xajaxargs"])) { |
|
| 548 | + $aArgs = $_POST["xajaxargs"]; |
|
| 549 | + } |
|
| 550 | + } else |
|
| 548 | 551 | { |
| 549 | 552 | header ("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); |
| 550 | 553 | header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); |
@@ -553,8 +556,9 @@ discard block |
||
| 553 | 556 | |
| 554 | 557 | $sFunctionName = $_GET["xajax"]; |
| 555 | 558 | |
| 556 | - if (!empty($_GET["xajaxargs"])) |
|
| 557 | - $aArgs = $_GET["xajaxargs"]; |
|
| 559 | + if (!empty($_GET["xajaxargs"])) { |
|
| 560 | + $aArgs = $_GET["xajaxargs"]; |
|
| 561 | + } |
|
| 558 | 562 | } |
| 559 | 563 | |
| 560 | 564 | // Use xajax error handler if necessary |
@@ -586,15 +590,13 @@ discard block |
||
| 586 | 590 | if ($this->sCatchAllFunction) { |
| 587 | 591 | $sFunctionName = $this->sCatchAllFunction; |
| 588 | 592 | $bFunctionIsCatchAll = true; |
| 589 | - } |
|
| 590 | - else { |
|
| 593 | + } else { |
|
| 591 | 594 | $bFoundFunction = false; |
| 592 | 595 | $objResponse = new xajaxResponse(); |
| 593 | 596 | $objResponse->addAlert("Unknown Function $sFunctionName."); |
| 594 | 597 | $sResponse = $objResponse->getXML(); |
| 595 | 598 | } |
| 596 | - } |
|
| 597 | - else if ($this->aFunctionRequestTypes[$sFunctionName] != $requestMode) |
|
| 599 | + } else if ($this->aFunctionRequestTypes[$sFunctionName] != $requestMode) |
|
| 598 | 600 | { |
| 599 | 601 | $bFoundFunction = false; |
| 600 | 602 | $objResponse = new xajaxResponse(); |
@@ -615,12 +617,10 @@ discard block |
||
| 615 | 617 | if (stristr($aArgs[$i],"<xjxobj>") != false) |
| 616 | 618 | { |
| 617 | 619 | $aArgs[$i] = $this->_xmlToArray("xjxobj",$aArgs[$i]); |
| 618 | - } |
|
| 619 | - else if (stristr($aArgs[$i],"<xjxquery>") != false) |
|
| 620 | + } else if (stristr($aArgs[$i],"<xjxquery>") != false) |
|
| 620 | 621 | { |
| 621 | 622 | $aArgs[$i] = $this->_xmlToArray("xjxquery",$aArgs[$i]); |
| 622 | - } |
|
| 623 | - else if ($this->bDecodeUTF8Input) |
|
| 623 | + } else if ($this->bDecodeUTF8Input) |
|
| 624 | 624 | { |
| 625 | 625 | $aArgs[$i] = $this->_decodeUTF8Data($aArgs[$i]); |
| 626 | 626 | } |
@@ -631,14 +631,15 @@ discard block |
||
| 631 | 631 | if (is_array($mPreResponse) && $mPreResponse[0] === false) { |
| 632 | 632 | $bEndRequest = true; |
| 633 | 633 | $sPreResponse = $mPreResponse[1]; |
| 634 | - } |
|
| 635 | - else { |
|
| 634 | + } else { |
|
| 636 | 635 | $sPreResponse = $mPreResponse; |
| 637 | 636 | } |
| 638 | 637 | if (is_a($sPreResponse, "xajaxResponse")) { |
| 639 | 638 | $sPreResponse = $sPreResponse->getXML(); |
| 640 | 639 | } |
| 641 | - if ($bEndRequest) $sResponse = $sPreResponse; |
|
| 640 | + if ($bEndRequest) { |
|
| 641 | + $sResponse = $sPreResponse; |
|
| 642 | + } |
|
| 642 | 643 | } |
| 643 | 644 | |
| 644 | 645 | if (!$bEndRequest) { |
@@ -646,8 +647,7 @@ discard block |
||
| 646 | 647 | $objResponse = new xajaxResponse(); |
| 647 | 648 | $objResponse->addAlert("The Registered Function $sFunctionName Could Not Be Found."); |
| 648 | 649 | $sResponse = $objResponse->getXML(); |
| 649 | - } |
|
| 650 | - else { |
|
| 650 | + } else { |
|
| 651 | 651 | if ($bFunctionIsCatchAll) { |
| 652 | 652 | $aArgs = array($sFunctionNameForSpecial, $aArgs); |
| 653 | 653 | } |
@@ -660,8 +660,7 @@ discard block |
||
| 660 | 660 | $objResponse = new xajaxResponse(); |
| 661 | 661 | $objResponse->addAlert("No XML Response Was Returned By Function $sFunctionName."); |
| 662 | 662 | $sResponse = $objResponse->getXML(); |
| 663 | - } |
|
| 664 | - else if ($sPreResponse != "") { |
|
| 663 | + } else if ($sPreResponse != "") { |
|
| 665 | 664 | $sNewResponse = new xajaxResponse($this->sEncoding, $this->bOutputEntities); |
| 666 | 665 | $sNewResponse->loadXML($sPreResponse); |
| 667 | 666 | $sNewResponse->loadXML($sResponse); |
@@ -671,8 +670,9 @@ discard block |
||
| 671 | 670 | } |
| 672 | 671 | |
| 673 | 672 | $sContentHeader = "Content-type: text/xml;"; |
| 674 | - if ($this->sEncoding && strlen(trim($this->sEncoding)) > 0) |
|
| 675 | - $sContentHeader .= " charset=".$this->sEncoding; |
|
| 673 | + if ($this->sEncoding && strlen(trim($this->sEncoding)) > 0) { |
|
| 674 | + $sContentHeader .= " charset=".$this->sEncoding; |
|
| 675 | + } |
|
| 676 | 676 | header($sContentHeader); |
| 677 | 677 | if ($this->bErrorHandler && !empty( $GLOBALS['xajaxErrorHandlerText'] )) { |
| 678 | 678 | $sErrorResponse = new xajaxResponse(); |
@@ -681,8 +681,7 @@ discard block |
||
| 681 | 681 | $fH = @fopen($this->sLogFile, "a"); |
| 682 | 682 | if (!$fH) { |
| 683 | 683 | $sErrorResponse->addAlert("** Logging Error **\n\nxajax was unable to write to the error log file:\n" . $this->sLogFile); |
| 684 | - } |
|
| 685 | - else { |
|
| 684 | + } else { |
|
| 686 | 685 | fwrite($fH, "** xajax Error Log - " . strftime("%b %e %Y %I:%M:%S %p") . " **" . $GLOBALS['xajaxErrorHandlerText'] . "\n\n\n"); |
| 687 | 686 | fclose($fH); |
| 688 | 687 | } |
@@ -692,12 +691,17 @@ discard block |
||
| 692 | 691 | $sResponse = $sErrorResponse->getXML(); |
| 693 | 692 | |
| 694 | 693 | } |
| 695 | - if ($this->bCleanBuffer) while (@ob_end_clean()); |
|
| 694 | + if ($this->bCleanBuffer) { |
|
| 695 | + while (@ob_end_clean()); |
|
| 696 | + } |
|
| 696 | 697 | print $sResponse; |
| 697 | - if ($this->bErrorHandler) restore_error_handler(); |
|
| 698 | + if ($this->bErrorHandler) { |
|
| 699 | + restore_error_handler(); |
|
| 700 | + } |
|
| 698 | 701 | |
| 699 | - if ($this->bExitAllowed) |
|
| 700 | - exit(); |
|
| 702 | + if ($this->bExitAllowed) { |
|
| 703 | + exit(); |
|
| 704 | + } |
|
| 701 | 705 | } |
| 702 | 706 | |
| 703 | 707 | /** |
@@ -806,9 +810,13 @@ discard block |
||
| 806 | 810 | */ |
| 807 | 811 | function getJavascriptInclude($sJsURI="", $sJsFile=NULL) |
| 808 | 812 | { |
| 809 | - if ($sJsFile == NULL) $sJsFile = "xajax_js/xajax.js"; |
|
| 813 | + if ($sJsFile == NULL) { |
|
| 814 | + $sJsFile = "xajax_js/xajax.js"; |
|
| 815 | + } |
|
| 810 | 816 | |
| 811 | - if ($sJsURI != "" && substr($sJsURI, -1) != "/") $sJsURI .= "/"; |
|
| 817 | + if ($sJsURI != "" && substr($sJsURI, -1) != "/") { |
|
| 818 | + $sJsURI .= "/"; |
|
| 819 | + } |
|
| 812 | 820 | |
| 813 | 821 | $html = "\t<script type=\"text/javascript\" src=\"" . $sJsURI . $sJsFile . "\"></script>\n"; |
| 814 | 822 | $html .= "\t<script type=\"text/javascript\">\n"; |
@@ -831,8 +839,7 @@ discard block |
||
| 831 | 839 | |
| 832 | 840 | if ($sJsFullFilename) { |
| 833 | 841 | $realJsFile = $sJsFullFilename; |
| 834 | - } |
|
| 835 | - else { |
|
| 842 | + } else { |
|
| 836 | 843 | $realPath = realpath(dirname(__FILE__)); |
| 837 | 844 | $realJsFile = $realPath . "/". $sJsFile; |
| 838 | 845 | } |
@@ -849,8 +856,7 @@ discard block |
||
| 849 | 856 | $fH = @fopen($realJsFile, "w"); |
| 850 | 857 | if (!$fH) { |
| 851 | 858 | trigger_error("The xajax compressed javascript file could not be written in the <b>" . dirname($realJsFile) . "</b> folder. Error ", E_USER_ERROR); |
| 852 | - } |
|
| 853 | - else { |
|
| 859 | + } else { |
|
| 854 | 860 | fwrite($fH, $compressedScript); |
| 855 | 861 | fclose($fH); |
| 856 | 862 | } |
@@ -950,7 +956,9 @@ discard block |
||
| 950 | 956 | */ |
| 951 | 957 | function _isObjectCallback($sFunction) |
| 952 | 958 | { |
| 953 | - if (array_key_exists($sFunction, $this->aObjects)) return true; |
|
| 959 | + if (array_key_exists($sFunction, $this->aObjects)) { |
|
| 960 | + return true; |
|
| 961 | + } |
|
| 954 | 962 | return false; |
| 955 | 963 | } |
| 956 | 964 | |
@@ -967,12 +975,10 @@ discard block |
||
| 967 | 975 | if ($this->_isObjectCallback($sFunction)) { |
| 968 | 976 | if (is_object($this->aObjects[$sFunction][0])) { |
| 969 | 977 | return method_exists($this->aObjects[$sFunction][0], $this->aObjects[$sFunction][1]); |
| 970 | - } |
|
| 971 | - else { |
|
| 978 | + } else { |
|
| 972 | 979 | return is_callable($this->aObjects[$sFunction]); |
| 973 | 980 | } |
| 974 | - } |
|
| 975 | - else { |
|
| 981 | + } else { |
|
| 976 | 982 | return function_exists($sFunction); |
| 977 | 983 | } |
| 978 | 984 | } |
@@ -990,8 +996,7 @@ discard block |
||
| 990 | 996 | { |
| 991 | 997 | if ($this->_isObjectCallback($sFunction)) { |
| 992 | 998 | $mReturn = call_user_func_array($this->aObjects[$sFunction], $aArgs); |
| 993 | - } |
|
| 994 | - else { |
|
| 999 | + } else { |
|
| 995 | 1000 | $mReturn = call_user_func_array($sFunction, $aArgs); |
| 996 | 1001 | } |
| 997 | 1002 | return $mReturn; |
@@ -1086,8 +1091,7 @@ discard block |
||
| 1086 | 1091 | { |
| 1087 | 1092 | $value = $this->_parseObjXml("xjxobj"); |
| 1088 | 1093 | $this->iPos++; |
| 1089 | - } |
|
| 1090 | - else |
|
| 1094 | + } else |
|
| 1091 | 1095 | { |
| 1092 | 1096 | $value .= $this->aObjArray[$this->iPos]; |
| 1093 | 1097 | if ($this->bDecodeUTF8Input) |
@@ -1134,10 +1138,11 @@ discard block |
||
| 1134 | 1138 | if (get_magic_quotes_gpc() == 1) { |
| 1135 | 1139 | $newArray = array(); |
| 1136 | 1140 | foreach ($aArray as $sKey => $sValue) { |
| 1137 | - if (is_string($sValue)) |
|
| 1138 | - $newArray[$sKey] = stripslashes($sValue); |
|
| 1139 | - else |
|
| 1140 | - $newArray[$sKey] = $sValue; |
|
| 1141 | + if (is_string($sValue)) { |
|
| 1142 | + $newArray[$sKey] = stripslashes($sValue); |
|
| 1143 | + } else { |
|
| 1144 | + $newArray[$sKey] = $sValue; |
|
| 1145 | + } |
|
| 1141 | 1146 | } |
| 1142 | 1147 | $aArray = $newArray; |
| 1143 | 1148 | } |
@@ -1166,20 +1171,18 @@ discard block |
||
| 1166 | 1171 | $sFuncToUse = "api_convert_encoding"; |
| 1167 | 1172 | } |
| 1168 | 1173 | //if (function_exists('iconv')) |
| 1169 | - elseif (function_exists('iconv')) |
|
| 1170 | - // |
|
| 1174 | + elseif (function_exists('iconv')) { |
|
| 1175 | + // |
|
| 1171 | 1176 | { |
| 1172 | 1177 | $sFuncToUse = "iconv"; |
| 1173 | 1178 | } |
| 1174 | - else if (function_exists('mb_convert_encoding')) |
|
| 1179 | + } else if (function_exists('mb_convert_encoding')) |
|
| 1175 | 1180 | { |
| 1176 | 1181 | $sFuncToUse = "mb_convert_encoding"; |
| 1177 | - } |
|
| 1178 | - else if ($this->sEncoding == "ISO-8859-1") |
|
| 1182 | + } else if ($this->sEncoding == "ISO-8859-1") |
|
| 1179 | 1183 | { |
| 1180 | 1184 | $sFuncToUse = "utf8_decode"; |
| 1181 | - } |
|
| 1182 | - else |
|
| 1185 | + } else |
|
| 1183 | 1186 | { |
| 1184 | 1187 | trigger_error("The incoming xajax data could not be converted from UTF-8", E_USER_NOTICE); |
| 1185 | 1188 | } |
@@ -1191,8 +1194,7 @@ discard block |
||
| 1191 | 1194 | if ($sFuncToUse == "iconv") |
| 1192 | 1195 | { |
| 1193 | 1196 | $sValue = iconv("UTF-8", $this->sEncoding.'//TRANSLIT', $sValue); |
| 1194 | - } |
|
| 1195 | - else if ($sFuncToUse == "mb_convert_encoding") |
|
| 1197 | + } else if ($sFuncToUse == "mb_convert_encoding") |
|
| 1196 | 1198 | { |
| 1197 | 1199 | $sValue = mb_convert_encoding($sValue, $this->sEncoding, "UTF-8"); |
| 1198 | 1200 | } |
@@ -1221,27 +1223,23 @@ discard block |
||
| 1221 | 1223 | function xajaxErrorHandler($errno, $errstr, $errfile, $errline) |
| 1222 | 1224 | { |
| 1223 | 1225 | $errorReporting = error_reporting(); |
| 1224 | - if (($errno & $errorReporting) == 0) return; |
|
| 1226 | + if (($errno & $errorReporting) == 0) { |
|
| 1227 | + return; |
|
| 1228 | + } |
|
| 1225 | 1229 | |
| 1226 | 1230 | if ($errno == E_NOTICE) { |
| 1227 | 1231 | $errTypeStr = "NOTICE"; |
| 1228 | - } |
|
| 1229 | - else if ($errno == E_WARNING) { |
|
| 1232 | + } else if ($errno == E_WARNING) { |
|
| 1230 | 1233 | $errTypeStr = "WARNING"; |
| 1231 | - } |
|
| 1232 | - else if ($errno == E_USER_NOTICE) { |
|
| 1234 | + } else if ($errno == E_USER_NOTICE) { |
|
| 1233 | 1235 | $errTypeStr = "USER NOTICE"; |
| 1234 | - } |
|
| 1235 | - else if ($errno == E_USER_WARNING) { |
|
| 1236 | + } else if ($errno == E_USER_WARNING) { |
|
| 1236 | 1237 | $errTypeStr = "USER WARNING"; |
| 1237 | - } |
|
| 1238 | - else if ($errno == E_USER_ERROR) { |
|
| 1238 | + } else if ($errno == E_USER_ERROR) { |
|
| 1239 | 1239 | $errTypeStr = "USER FATAL ERROR"; |
| 1240 | - } |
|
| 1241 | - else if ($errno == E_STRICT) { |
|
| 1240 | + } else if ($errno == E_STRICT) { |
|
| 1242 | 1241 | return; |
| 1243 | - } |
|
| 1244 | - else { |
|
| 1242 | + } else { |
|
| 1245 | 1243 | $errTypeStr = "UNKNOWN: $errno"; |
| 1246 | 1244 | } |
| 1247 | 1245 | $GLOBALS['xajaxErrorHandlerText'] .= "\n----\n[$errTypeStr] $errstr\nerror in line $errline of file $errfile"; |
