vendor/phpmailer/phpmailer/extras/htmlfilter.php

htmlfilter.inc

This set of functions allows you to filter HTML in order to remove any malicious tags from it. Useful in cases when you need to filter user input for any cross-site-scripting attempts.

Copyright (C) 2002-2004 by Duke University

This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version.

This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.

You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA

Functions

tln_tagprint()

tln_tagprint(string  $tagname, array  $attary, integer  $tagtype) : string

This function returns the final tag out of the tag name, an array of attributes, and the type of the tag. This function is called by tln_sanitize internally.

Parameters

string $tagname

the name of the tag.

array $attary

the array of attributes and their values

integer $tagtype

The type of the tag (see in comments).

Returns

string —

A string with the final tag representation.

tln_casenormalize()

tln_casenormalize(string  $val) : void

A small helper function to use with array_walk. Modifies a by-ref value and makes it lowercase.

Parameters

string $val

a value passed by-ref.

tln_skipspace()

tln_skipspace(string  $body, integer  $offset) : integer

This function skips any whitespace from the current position within a string up to the next non-whitespace character.

Parameters

string $body

the string

integer $offset

the offset within the string where we should start looking for the next non-whitespace character.

Returns

integer —

the location within the $body where the next non-whitespace char is located.

tln_findnxstr()

tln_findnxstr(string  $body, integer  $offset, string  $needle) : integer

This function looks for the next character within a string. It's really just a glorified "strpos", except it catches the failures nicely.

Parameters

string $body

The string to look for needle in.

integer $offset

Start looking from this position.

string $needle

The character/string to look for.

Returns

integer —

location of the next occurrence of the needle, or strlen($body) if needle wasn't found.

tln_findnxreg()

tln_findnxreg(string  $body, integer  $offset, string  $reg) : array|boolean

This function takes a PCRE-style regexp and tries to match it within the string.

Parameters

string $body

The string to look for needle in.

integer $offset

Start looking from here.

string $reg

A PCRE-style regex to match.

Returns

array|boolean —

Returns false if no matches are found, or an array with the following members:

  • integer with the location of the match within $body
  • string with whatever content lies between the offset and the match
  • string with whatever it is we matched

tln_getnxtag()

tln_getnxtag(string  $body, integer  $offset) : array|boolean

This function looks for the next tag.

Parameters

string $body

String where to look for the next tag.

integer $offset

Start looking from here.

Returns

array|boolean —

false if no more tags exist in the body, or an array with the following members:

  • string with the name of the tag
  • array with attributes and their values
  • integer with tag type (1, 2, or 3)
  • integer where the tag starts (starting "<")
  • integer where the tag ends (ending ">")

The first three members will be false if the tag is invalid.

tln_deent()

tln_deent(string  $attvalue, string  $regex, boolean  $hex = false) : boolean

Translates entities into literal values so they can be checked.

Parameters

string $attvalue

the by-ref value to check.

string $regex

the regular expression to check against.

boolean $hex

whether the entities are hexadecimal.

Returns

boolean —

True or False depending on whether there were matches.

tln_defang()

tln_defang(string  $attvalue) 

This function checks attribute values for entity-encoded values and returns them translated into 8-bit strings so we can run checks on them.

Parameters

string $attvalue

A string to run entity check against.

tln_unspace()

tln_unspace(string  $attvalue) 

Kill any tabs, newlines, or carriage returns. Our friends the makers of the browser with 95% market value decided that it'd be funny to make "java[tab]script" be just as good as "javascript".

Parameters

string $attvalue

The attribute value before extraneous spaces are removed.
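The normalization that tln_defang() and tln_unspace() describe, sketched as an added example (not PHPMailer's or the original htmlfilter code): an entity-encoded or whitespace-split attribute value only matches a check after it has been decoded and stripped. The example_* function names, the pattern and the sample values are constructed for illustration.

```php
<?php
// Added example: the example_* helpers are hypothetical, not the library's tln_* code.

// Translate entities into literal characters so the value can be checked.
// Browsers accept numeric entities without the trailing ";", so add it first.
function example_decode_entities(string $value): string
{
    $value = preg_replace('/&#(x[0-9a-f]+|[0-9]+);?/i', '&#${1};', $value);
    return html_entity_decode($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Remove tabs, newlines and carriage returns, including ones produced by decoding.
function example_strip_ws(string $value): string
{
    return str_replace(["\t", "\r", "\n"], '', $value);
}

// Decode first, then strip: an encoded tab only becomes a tab after decoding.
function example_normalize(string $value): string
{
    return example_strip_ws(example_decode_entities($value));
}

// Constructed check for a script URL scheme at the start of an attribute value.
function example_is_script_url(string $value): bool
{
    return preg_match('/^\s*javascript\s*:/i', $value) === 1;
}

// Constructed sample attribute values.
$samples = [
    'javascript:void(0)',
    "java\tscript:void(0)",
    'jav&#97;script:void(0)',
    'jav&#x61;script:void(0)',
    'java&#9;script:void(0)',
    'https://example.com/',
];

foreach ($samples as $raw) {
    printf(
        "%-30s raw=%-8s normalized=%s\n",
        json_encode($raw, JSON_UNESCAPED_SLASHES),
        example_is_script_url($raw) ? 'match' : 'no match',
        example_is_script_url(example_normalize($raw)) ? 'match' : 'no match'
    );
}
```

Only the first sample matches the check on the raw value; after normalization every sample except the https URL matches.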

tln_fixatts()

tln_fixatts(string  $tagname, array  $attary, array  $rm_attnames, array  $bad_attvals, array  $add_attr_to_tag, string  $trans_image_path, boolean  $block_external_images) : array

This function runs various checks against the attributes.

Parameters

string $tagname

String with the name of the tag.

array $attary

Array with all tag attributes.

array $rm_attnames

See description for tln_sanitize

array $bad_attvals

See description for tln_sanitize

array $add_attr_to_tag

See description for tln_sanitize

string $trans_image_path
boolean $block_external_images

Returns

array —

with modified attributes.

tln_fixurl()

tln_fixurl(  $attname,   $attvalue,   $trans_image_path,   $block_external_images) 

Parameters

$attname
$attvalue
$trans_image_path
$block_external_images

tln_fixstyle()

tln_fixstyle(  $body,   $pos,   $trans_image_path,   $block_external_images) 

Parameters

$body
$pos
$trans_image_path
$block_external_images

tln_body2div()

tln_body2div(  $attary,   $trans_image_path) 

Parameters

$attary
$trans_image_path

tln_sanitize()

tln_sanitize(string  $body, array  $tag_list, array  $rm_tags_with_content, array  $self_closing_tags, boolean  $force_tag_closing, array  $rm_attnames, array  $bad_attvals, array  $add_attr_to_tag, string  $trans_image_path, boolean  $block_external_images) : string

Parameters

string $body

The HTML you wish to filter

array $tag_list

see description above

array $rm_tags_with_content

see description above

array $self_closing_tags

see description above

boolean $force_tag_closing

see description above

array $rm_attnames

see description above

array $bad_attvals

see description above

array $add_attr_to_tag

see description above

string $trans_image_path
boolean $block_external_images

Returns

string —

Sanitized html safe to show on your pages.

HTMLFilter()

HTMLFilter(  $body,   $trans_image_path,   $block_external_images = false) 

Parameters

$body
$trans_image_path
$block_external_images