Context Navigation

← Previous Changeset
Next Changeset →

Changeset 701

Timestamp:

10/08/2007 10:39:27 AM (14 months ago)

Author:

Geert

Message:

View constructor didn't allow for tiff (with double f) because of $ at the end.
Also cleaning up security stuff a bit.

Location:

trunk/system

Files:

: 3 modified

helpers/security.php (modified) (2 diffs)
libraries/Validation.php (modified) (26 diffs)
libraries/View.php (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/system/helpers/security.php

r668	r701
8	8	}
9	9
10		public static function image_tags($str)
	10	public static function strip_image_tags($str)
11	11	{
12	12	$str = preg_replace('#<img\b.?(?:src\s=\s["\']?([^"\'<>\s])["\']?[^>]*)?>#is', '$1', $str);
…	…
15	15	}
16	16
17		public static function php_tags($str)
	17	public static function encode_php_tags($str)
18	18	{
19	19	return str_replace(array('<?', '?>'), array('<?', '?>'), $str);

trunk/system/libraries/Validation.php

r696	r701
126	126	}
127	127
128		~~// --------------------------------------------------------------------~~
129
130	128	/**
131	129	* Set Field Information
…	…
172	170	}
173	171
174		~~// --------------------------------------------------------------------~~
175
176	172	/**
177	173	* Set Error Message
…	…
198	194	}
199	195
200		~~// --------------------------------------------------------------------~~
201
202	196	/**
203	197	* Error Message Format
…	…
217	211	$this->error_format = $string;
218	212	}
219
220		~~// --------------------------------------------------------------------~~
221	213
222	214	public function add_error($func, $field)
…	…
365	357	}
366	358	}
367
368		~~// --------------------------------------------------------------------~~
369	359
370	360	public function upload($data, $params = FLASE)
…	…
625	615	}
626	616
627		~~// --------------------------------------------------------------------~~
628
629	617	/**
630	618	* Match one field to another
…	…
644	632	}
645	633
646		~~// --------------------------------------------------------------------~~
647
648	634	/**
649	635	* Minimum Length
…	…
663	649	}
664	650
665		~~// --------------------------------------------------------------------~~
666
667	651	/**
668	652	* Max Length
…	…
682	666	}
683	667
684		~~// --------------------------------------------------------------------~~
685
686	668	/**
687	669	* Exact Length
…	…
700	682	return (bool) (strlen($str) == $val);
701	683	}
702
703		~~// --------------------------------------------------------------------~~
704	684
705	685	/**
…	…
714	694	return (bool) preg_match('/^(?!\.)[-+_a-z0-9.]++(?<!\.)@(?![-.])[-a-z0-9.]+(?<!\.)\.[a-z]{2,6}$/iD', $email);
715	695	}
716
717		~~// --------------------------------------------------------------------~~
718	696
719	697	/**
…	…
750	728	}
751	729
752		~~// --------------------------------------------------------------------~~
753
754	730	/**
755	731	* Validate IP Address
…	…
764	740	}
765	741
766		~~// --------------------------------------------------------------------~~
767
768	742	/**
769	743	* Alpha
…	…
777	751	return ctype_alpha($str);
778	752	}
779
780		~~// --------------------------------------------------------------------~~
781	753
782	754	/**
…	…
792	764	}
793	765
794		~~// --------------------------------------------------------------------~~
795
796	766	/**
797	767	* Alpha-numeric with underscores and dashes
…	…
805	775	return (bool) preg_match('/^[-a-z0-9_]+$/iD', $str);
806	776	}
807
808		~~// --------------------------------------------------------------------~~
809	777
810	778	/**
…	…
820	788	}
821	789
822		~~// --------------------------------------------------------------------~~
823
824	790	/**
825	791	* Numeric
…	…
840	806	}
841	807
842		~~// --------------------------------------------------------------------~~
843
844	808	/**
845	809	* Set Select
…	…
866	830	}
867	831
868		~~// --------------------------------------------------------------------~~
869
870	832	/**
871	833	* Set Radio
…	…
892	854	}
893	855
894		~~// --------------------------------------------------------------------~~
895
896	856	/**
897	857	* Set Checkbox
…	…
918	878	}
919	879
920		~~// --------------------------------------------------------------------~~
921
922	880	/**
923	881	* Prep data for form
…	…
940	898	}
941	899
942		~~// --------------------------------------------------------------------~~
943
944	900	/**
945	901	* Prep URL
…	…
965	921	}
966	922
967		~~// --------------------------------------------------------------------~~
968
969	923	/**
970	924	* Strip Image Tags
…	…
976	930	public function strip_image_tags($str)
977	931	{
978		$this->data[$this->current_field] = Kohana::instance()->input->strip_image_tags($str);
979		}
980
981		// --------------------------------------------------------------------
	932	$this->data[$this->current_field] = security::strip_image_tags($str);
	933	}
982	934
983	935	/**
…	…
993	945	}
994	946
995		~~// --------------------------------------------------------------------~~
996
997	947	/**
998	948	* Convert PHP tags to entities
…	…
1004	954	public function encode_php_tags($str)
1005	955	{
1006		$this->data[$this->current_field] = str_replace(array('<?', '?>'), array('<?php', '?>'), $str);
1007		}
1008
1009
	956	$this->data[$this->current_field] = security::encode_php_tags($str);
	957	}
1010	958
1011	959	} // End Validation Class

trunk/system/libraries/View.php

r678	r701
42	42	public function __construct($name, $data = NULL)
43	43	{
44		if (preg_match('/\.(~~[gt]if\|jpe?g\|png~~\|js\|css\|swf)$/Di', $name, $type))
	44	if (preg_match('/\.(gif\|jpe?g\|png\|tiff?\|js\|css\|swf)$/Di', $name, $type))
45	45	{
46	46	$type = $type[1];
…	…
80	80	$protected = array('kohana_filename', 'kohana_renderer', 'kohana_filetype');
81	81
82		if (in_array($name, $protected) AND $this->$name === FALSE)
	82	if (in_array($name, $protected) AND $this->$name === FALSE)
83	83	{
84	84	$this->$name = $value;