iliaa Sat Sep 21 13:34:06 2002 EDT
Modified files:
/php4/ext/standard string.c
Log:
Fixed bug #7472 as well as many other bugs with strip_tags implementation.
Index: php4/ext/standard/string.c
diff -u php4/ext/standard/string.c:1.295 php4/ext/standard/string.c:1.296
--- php4/ext/standard/string.c:1.295 Fri Sep 20 07:48:47 2002
+++ php4/ext/standard/string.c Sat Sep 21 13:34:06 2002
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: string.c,v 1.295 2002/09/20 11:48:47 iliaa Exp $ */
+/* $Id: string.c,v 1.296 2002/09/21 17:34:06 iliaa Exp $ */
/* Synced with php 3.0 revision 1.193 1999-06-16 [ssb] */
@@ -3353,14 +3353,14 @@
if(allow) {
*(tp++) = '<';
}
- } else if (state) {
+ } else if (state == 1) {
depth++;
}
break;
case '(':
if (state == 2) {
- if (lc != '\"') {
+ if (lc != '"' && lc != '\'') {
lc = '(';
br++;
}
@@ -3373,7 +3373,7 @@
case ')':
if (state == 2) {
- if (lc != '\"') {
+ if (lc != '"' && lc != '\'') {
lc = ')';
br--;
}
@@ -3390,34 +3390,49 @@
break;
}
- if (state == 1) {
- lc = '>';
- state = 0;
- if(allow) {
- *(tp++) = '>';
- *tp='\0';
- if(php_tag_find(tbuf, tp-tbuf, allow))
{
- memcpy(rp, tbuf, tp-tbuf);
- rp += tp-tbuf;
- }
- tp = tbuf;
- }
- } else if (state == 2) {
- if (!br && lc != '\"' && *(p-1)=='?') {
+ switch (state)
+ {
+ case 1: /* HTML/XML */
+ lc = '>';
state = 0;
- tp = tbuf;
- }
- } else {
- *(rp++) = c;
+ if(allow) {
+ *(tp++) = '>';
+ *tp='\0';
+ if(php_tag_find(tbuf, tp-tbuf,
+allow)) {
+ memcpy(rp, tbuf,
+tp-tbuf);
+ rp += tp-tbuf;
+ }
+ tp = tbuf;
+ }
+ break;
+
+ case 2: /* PHP */
+ if (!br && lc != '\"' && *(p-1)=='?') {
+ state = 0;
+ tp = tbuf;
+ }
+ break;
+
+ case 3: /* JavaScript/CSS/etc... */
+ if (*(p-1) == '-' && *(p-2) == '-') {
+ state = 0;
+ tp = tbuf;
+ }
+ break;
+
+ default:
+ *(rp++) = c;
+ break;
}
break;
- case '\"':
- if (state == 2) {
- if (lc == '\"') {
+ case '"':
+ case '\'':
+ if (state == 2 && *(p-1) != '\\') {
+ if (lc == c) {
lc = '\0';
} else if (lc != '\\') {
- lc = '\"';
+ lc = c;
}
} else if (state == 0) {
*(rp++) = c;
@@ -3425,7 +3440,14 @@
*(tp++) = c;
}
break;
-
+
+ case '!':
+ /* JavaScript & Other HTML scripting languages */
+ if (state == 1 && *(p-1) == '<') {
+ state = 3;
+ }
+ break;
+
case '?':
if (state==1 && *(p-1)=='<') { -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
