terrylinooo / shieldon

src/Firewall/Driver/SqliteDriver.php

Indentation +5 added lines, -5 removed lines

@@ -27,11 +27,11 @@
         parent::__construct($pdo, $debug);
     }
 
-      /**
-     * Create SQL tables that Shieldon needs.
-     *
-     * @return bool
-     */
+        /**
+         * Create SQL tables that Shieldon needs.
+         *
+         * @return bool
+         */
     protected function installSql(): bool
     {
         try {

src/Firewall/Component/Ip.php

Indentation +2 added lines, -2 removed lines

@@ -257,7 +257,7 @@ 
         $ip = $ipData[0];
         $cidr = (int) $ipData[1] ?? 32;
 
-		$result[0] = long2ip((ip2long($ip)) & ((-1 << (32 - $cidr))));
+        $result[0] = long2ip((ip2long($ip)) & ((-1 << (32 - $cidr))));
         $result[1] = long2ip((ip2long($ip)) + pow(2, (32 - $cidr)) - 1);
 
         if ($isDecimal) {
@@ -265,7 +265,7 @@ 
             $result[1] = ip2long($result[1]);
         }
 
-		return $result;
+        return $result;
     }
 
     /**

src/Firewall/Security/Xss.php

Indentation +39 added lines, -39 removed lines

@@ -35,9 +35,9 @@ 
 use function time;
 use function version_compare;
 
- /**
-  * Cross-Site Scripting protection.
-  */
+    /**
+     * Cross-Site Scripting protection.
+     */
 class Xss
 {
     /**
@@ -284,7 +284,7 @@ 
         unset($original);
 
         // Remove evil attributes such as style, onclick and xmlns
-		$str = $this->removeEvilAttributes($str, $isImage);
+        $str = $this->removeEvilAttributes($str, $isImage);
 
         /*
          * Sanitize naughty HTML elements
@@ -448,62 +448,62 @@ 
 	 * @param boolean $is_image TRUE if this is an image
 	 * @return string The string with the evil attributes removed
 	 */
-	protected function removeEvilAttributes($str, $is_image)
-	{
-		// All javascript event handlers (e.g. onload, onclick, onmouseover), style, and xmlns
-		$evilAttributes = array('on\w*', 'style', 'xmlns', 'formaction', 'form', 'xlink:href');
+    protected function removeEvilAttributes($str, $is_image)
+    {
+        // All javascript event handlers (e.g. onload, onclick, onmouseover), style, and xmlns
+        $evilAttributes = array('on\w*', 'style', 'xmlns', 'formaction', 'form', 'xlink:href');
 
-		if ($is_image) {
-			/*
+        if ($is_image) {
+            /*
 			 * Adobe Photoshop puts XML metadata into JFIF images,
 			 * including namespacing, so we have to allow this for images.
 			 */
-			unset($evilAttributes[array_search('xmlns', $evilAttributes)]);
-		}
+            unset($evilAttributes[array_search('xmlns', $evilAttributes)]);
+        }
 
-		do {
-			$count = 0;
-			$attribs = array();
+        do {
+            $count = 0;
+            $attribs = array();
 
-			// find occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes)
-			preg_match_all(
+            // find occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes)
+            preg_match_all(
                 '/(?<!\w)(' . implode('|', $evilAttributes) . ')\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is',
                 $str,
                 $matches,
                 PREG_SET_ORDER
             );
 
-			foreach ($matches as $attr) {
-				$attribs[] = preg_quote($attr[0], '/');
-			}
+            foreach ($matches as $attr) {
+                $attribs[] = preg_quote($attr[0], '/');
+            }
 
-			// find occurrences of illegal attribute strings without quotes
-			preg_match_all(
+            // find occurrences of illegal attribute strings without quotes
+            preg_match_all(
                 '/(?<!\w)(' . implode('|', $evilAttributes) . ')\s*=\s*([^\s>]*)/is',
                 $str,
                 $matches,
                 PREG_SET_ORDER
             );
 
-			foreach ($matches as $attr) {
-				$attribs[] = preg_quote($attr[0], '/');
-			}
+            foreach ($matches as $attr) {
+                $attribs[] = preg_quote($attr[0], '/');
+            }
 
-			// replace illegal attribute strings that are inside an html tag
-			if (count($attribs) > 0) {
-				$str = preg_replace(
+            // replace illegal attribute strings that are inside an html tag
+            if (count($attribs) > 0) {
+                $str = preg_replace(
                     '/(<?)(\/?[^><]+?)([^A-Za-z<>\-])(.*?)(' . implode('|', $attribs) . ')(.*?)([\s><]?)([><]*)/i',
                     '$1$2 $4$6$7$8',
                     $str,
                     -1,
                     $count
                 );
-			}
+            }
 
-		} while ($count);
+        } while ($count);
 
-		return $str;
-	}
+        return $str;
+    }
 
     /**
      * Random Hash for protecting URLs
@@ -856,16 +856,16 @@ 
      * @return bool
      */
     protected function isPHP($version): bool
-	{
+    {
         static $_isPHP;
 
-		$version = (string) $version;
+        $version = (string) $version;
 
-		if (!isset($_isPHP[$version])) {
-			$_isPHP[$version] = version_compare(PHP_VERSION, $version, '>=');
-		}
+        if (!isset($_isPHP[$version])) {
+            $_isPHP[$version] = version_compare(PHP_VERSION, $version, '>=');
+        }
 
-		return $_isPHP[$version];
-	}
+        return $_isPHP[$version];
+    }
 }
 

src/Firewall/Driver/SqlDriverProvider.php

Indentation +1 added lines, -1 removed lines

@@ -149,7 +149,7 @@
         return $results;
     }
 
-   /**
+    /**
      * {@inheritDoc}
      */
     protected function doFetchAll(string $type = 'filter'): array