|
@@ 1167-1178 (lines=12) @@
|
| 1164 |
|
$ok = false; |
| 1165 |
|
break; |
| 1166 |
|
|
| 1167 |
|
case 'maxval' : |
| 1168 |
|
// The maxval check does two things: it checks that the attribute value is |
| 1169 |
|
// an integer from 0 and up, without an excessive amount of zeroes or |
| 1170 |
|
// whitespace (to avoid Buffer Overflows). It also checks that the attribute |
| 1171 |
|
// value is not greater than the given value. |
| 1172 |
|
// This check can be used to avoid Denial of Service attacks. |
| 1173 |
|
|
| 1174 |
|
if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value)) |
| 1175 |
|
$ok = false; |
| 1176 |
|
if ($value > $checkvalue) |
| 1177 |
|
$ok = false; |
| 1178 |
|
break; |
| 1179 |
|
|
| 1180 |
|
case 'minval' : |
| 1181 |
|
// The minval check makes sure that the attribute value is a positive integer, |
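Review bot: The bound comparison at line 1176 (`if ($value > $checkvalue)`) is made on the raw attribute string, which the pattern above allows to carry up to six whitespace characters on either side, so the result depends on PHP's loose comparison rules. If `$checkvalue` is ever supplied as a string rather than an integer (its type is not visible in this excerpt), then on PHP versions before 8 a value with trailing whitespace is not treated as a numeric string, the comparison becomes lexical, and the limit may not be enforced. Casting both sides makes the check independent of that: `if ((int) $value > (int) $checkvalue)`. The same applies to `if ($value < $checkvalue)` at line 1186 in the minval case. The enclosing switch and function begin and end outside this excerpt.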
|
@@ 1180-1188 (lines=9) @@
|
| 1177 |
|
$ok = false; |
| 1178 |
|
break; |
| 1179 |
|
|
| 1180 |
|
case 'minval' : |
| 1181 |
|
// The minval check makes sure that the attribute value is a positive integer, |
| 1182 |
|
// and that it is not smaller than the given value. |
| 1183 |
|
|
| 1184 |
|
if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value)) |
| 1185 |
|
$ok = false; |
| 1186 |
|
if ($value < $checkvalue) |
| 1187 |
|
$ok = false; |
| 1188 |
|
break; |
| 1189 |
|
|
| 1190 |
|
case 'valueless' : |
| 1191 |
|
// The valueless check makes sure if the attribute has a value |
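Review bot: The minval comment at lines 1181-1182 says the value must be a "positive integer", but the pattern at line 1184 (`[0-9]{1,6}`) also accepts `0` and zero-padded values, so the comment and the check disagree. Unlike the maxval comment, it also leaves out the six-digit and six-whitespace caps that the same regex enforces here. I would reword it to `// The minval check makes sure that the attribute value is an integer from 0 and up (at most six digits, limited surrounding whitespace),` and keep the second line as is. As a style point, both unbraced `if` statements in this case would read more safely with braces, since each guards a single `$ok = false;` directly above another statement.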