PHPMailer/extras/htmlfilter.php
.htaccess
LICENSE
PHPMailer
.gitignore
.scrutinizer.yml
.travis.yml
LICENSE
PHPMailerAutoload.php
README.md
VERSION
changelog.md
class.phpmailer.php
class.pop3.php
class.smtp.php
composer.json
docs
Callback_function_notes.txt
DomainKeys_notes.txt
Note_for_SMTP_debugging.txt
extending.html
faq.html
generatedocs.sh
pop3_article.txt
examples
code_generator.phps
contents.html
contentsutf8.html
exceptions.phps
gmail.phps
images
phpmailer.png
phpmailer_mini.png
index.html
mail.phps
mailing_list.phps
pop_before_smtp.phps
scripts
XRegExp.js
shAutoloader.js
shBrushPhp.js
shCore.js
shLegacy.js
send_file_upload.phps
sendmail.phps
smtp.phps
smtp_check.phps
smtp_no_auth.phps
ssl_options.phps
styles
shCore.css
shCoreDefault.css
shCoreDjango.css
shCoreEclipse.css
shCoreEmacs.css
shCoreFadeToGrey.css
shCoreMDUltra.css
shCoreMidnight.css
shCoreRDark.css
shThemeAppleScript.css
shThemeDefault.css
shThemeDjango.css
shThemeEclipse.css
shThemeEmacs.css
shThemeFadeToGrey.css
shThemeMDUltra.css
shThemeMidnight.css
shThemeRDark.css
shThemeVisualStudio.css
wrapping.png
extras
EasyPeasyICS.php
README.md
htmlfilter.php
ntlm_sasl_client.php
language
phpmailer.lang-am.php
phpmailer.lang-ar.php
phpmailer.lang-az.php
phpmailer.lang-be.php
phpmailer.lang-bg.php
phpmailer.lang-br.php
phpmailer.lang-ca.php
phpmailer.lang-ch.php
phpmailer.lang-cz.php
phpmailer.lang-de.php
phpmailer.lang-dk.php
phpmailer.lang-el.php
phpmailer.lang-eo.php
phpmailer.lang-es.php
phpmailer.lang-et.php
phpmailer.lang-fa.php
phpmailer.lang-fi.php
phpmailer.lang-fo.php
phpmailer.lang-fr.php
phpmailer.lang-gl.php
phpmailer.lang-he.php
phpmailer.lang-hr.php
phpmailer.lang-hu.php
phpmailer.lang-id.php
phpmailer.lang-it.php
phpmailer.lang-ja.php
phpmailer.lang-ka.php
phpmailer.lang-ko.php
phpmailer.lang-lt.php
phpmailer.lang-lv.php
phpmailer.lang-ms.php
phpmailer.lang-nl.php
phpmailer.lang-no.php
phpmailer.lang-pl.php
phpmailer.lang-pt.php
phpmailer.lang-ro.php
phpmailer.lang-ru.php
phpmailer.lang-se.php
phpmailer.lang-sk.php
phpmailer.lang-sl.php
phpmailer.lang-sr.php
phpmailer.lang-tr.php
phpmailer.lang-uk.php
phpmailer.lang-vi.php
phpmailer.lang-zh.php
phpmailer.lang-zh_cn.php
test
bootstrap.php
fakepopserver.sh
fakesendmail.sh
phpmailerLangTest.php
phpmailerTest.php
runfakepopserver.sh
test_callback.php
testbootstrap-dist.php
travis.phpunit.xml.dist
application
.htaccess
cache
.htaccess
index.html
config
autoload.php
config.php
constants.php
database.php
doctypes.php
foreign_chars.php
hooks.php
index.html
memcached.php
migration.php
mimes.php
profiler.php
routes.php
smileys.php
user_agents.php
controllers
Check.php
Systemid.php
Welcome.php
index.html
core
index.html
errors
error_404.php
error_db.php
error_general.php
error_php.php
index.html
helpers
index.html
hooks
index.html
index.html
language
english
index.html
system_lang.php
index.html
polish
.gitattributes
README.md
calendar_lang.php
date_lang.php
db_lang.php
email_lang.php
form_validation_lang.php
ftp_lang.php
imglib_lang.php
index.html
migration_lang.php
number_lang.php
pagination_lang.php
profiler_lang.php
system_lang.php
unit_test_lang.php
upload_lang.php
libraries
index.html
logs
index.html
models
System_model.php
index.html
third_party
index.html
views
components.php
errors
cli
error_404.php
error_db.php
error_exception.php
error_general.php
error_php.php
index.html
html
error_404.php
error_db.php
error_exception.php
error_general.php
error_php.php
index.html
index.html
foot.php
head.php
index.html
link
archive.php
archivereport.php
check.php
importlink.php
login.php
project
add.php
addlink.php
details.php
edit.php
editlink.php
show.php
user
changepassword.php
editemail.php
getpassword.php
postpassword.php
settings.php
welcome_message.php
arial.ttf
captcha
sys.txt
css
bootstrap-theme.css
bootstrap-theme.css.map
bootstrap-theme.min.css
bootstrap-theme.min.css.map
bootstrap.css
bootstrap.css.map
bootstrap.min.css
bootstrap.min.css.map
favicon.ico
fonts
glyphicons-halflings-regular.eot
glyphicons-halflings-regular.svg
glyphicons-halflings-regular.ttf
glyphicons-halflings-regular.woff
glyphicons-halflings-regular.woff2
hrefsystem.png
index.php
install.php
jquery-latest.min.js
js
bootstrap.js
bootstrap.min.js
npm.js
library
ajax-loader.gif
crop
Canvas.php
Coordinate.php
Exception.php
Font
GDF.php
PS.php
TTF.php
Image.php
Mapper
BMP.php
GD.php
GD2.php
GIF.php
JPEG.php
PNG.php
TGA.php
MapperFactory.php
Operation
AddNoise.php
ApplyConvolution.php
ApplyFilter.php
ApplyMask.php
AsGrayscale.php
AsNegative.php
AutoCrop.php
CopyChannelsPalette.php
CopyChannelsTrueColor.php
CorrectGamma.php
Crop.php
Flip.php
GetMask.php
Merge.php
Mirror.php
Resize.php
ResizeCanvas.php
Rotate.php
RoundCorners.php
Unsharp.php
OperationFactory.php
PaletteImage.php
README
TrueColorImage.php
VERSION
WideImage.php
gpl.txt
lgpl.txt
vendor
de77
BMP.php
TGA.php
index.html
jquery-autocomplete
changelog.txt
demo
bg.gif
emails.php
emails.phps
images
Amsterdam Van-Gogh Museum.jpg
Amsterdam.jpg
Antwerpen Rubenshaus.jpg
Antwerpen.jpg
Appenzell.jpg
Arnhem Historisches Museum.jpg
Bled.jpg
Bled_Die Burg von Bled.jpg
Bogojina_Die Pfarrkirche.jpg
BolognaBasilicadiSanPetronio.jpg
BolognaFontanadelNettuno.jpg
BolognaPiazzaMaggiore.jpg
Bolsward Martinikerk.jpg
Bolsward Stadhuis.jpg
Bolsward.jpg
BordeauxND.jpg
BordeauxPlaceB.jpg
BotanischerGartenZuerich.jpg
Bouillon.jpg
Gent Hotel de Ville2.jpg
Gent.jpg
GenuaStrand.jpg
GenuabeiNacht.jpg
Giessbachfaelle Brienz.jpg
Giethoorn.jpg
Gnesen.jpg
Gornij Grad_KATHEDRALE.jpg
Gossensass.jpg
Grad_Burg Grad2.jpg
GrandDixence.jpg
GrenoblePanorama.jpg
Groningen.jpg
GrottenvonReclere.jpg
Guebwiller.jpg
Kamnik_Die Franziskaner Bibliothek.jpg
Karlsbad Muehlbrunnkolonnade.jpg
Kazimierz.jpg
KirchbergAltesRathaus1.jpg
KlagenfurtDom.jpg
KleineMeerjungfreu.jpg
LazienkiparkWarschau.jpg
LeHavreHafen.jpg
LeMans.jpg
Lednice.jpg
Leeuwarden Fries Museum.jpg
Leeuwarden.jpg
Lelystad.jpg
Lemmer.jpg
Leper Halles aux draps.jpg
Leuven Museum fuer Kirchenkunst.jpg
Leuven.jpg
Luxemburg.jpg
LuzernAltstadt.jpg
LuzernPicassoMuseum.jpg
Lyon.jpg
Maastricht Onze Lieve Vrou...jpg
Maastricht St Servaasbasiliek.jpg
Maastricht Walmuur.jpg
Maastricht.jpg
MagiatalMaggia.jpg
Mailand3.jpg
Metlika_Bela Krajina Museum.jpg
MilanoCastelloSforzesco.jpg
MilanoDom.jpg
MilazzoBurg.jpg
Novo Mesto_Das Museum.jpg
ObervellachBurgFalkenstein.jpg
OdenseeAndersen.jpg
Olimje_Kirche und Apotheke in Olimje.jpg
Olomouc.jpg
OlympischesMuseumLausanne.jpg
OrleansMaisonJeannedArc.jpg
OrleansParcFloraldelaSource.jpg
OstiaAntica.jpg
Ostrow Tumski.jpg
PoertschachSchlossLeonstain.jpg
Portoroz.jpg
Posen.jpg
Postojna.jpg
Prag Altstaedter Ring.jpg
Prag Waldsteinpalais.jpg
RouenNotreDame.jpg
Salzbergwerk Bex.jpg
SalzbergwerkWieliczka.jpg
SalzburgFestungHohensalzburg.jpg
SalzburgResidenz.jpg
WienMuseumsQuartier.jpg
WienMusikverein.jpg
WienRiesenrad.jpg
WienRingstrasse.jpg
images.php
index.html
indicator.gif
json.html
localdata.js
main.css
search.php
search.phps
jquery.autocomplete.css
jquery.autocomplete.js
jquery.autocomplete.min.js
jquery.autocomplete.pack.js
lib
jquery.ajaxQueue.js
jquery.bgiframe.min.js
jquery.js
thickbox-compressed.js
thickbox.css
todo
jquery-ui-sliderAccess.js
jquery-ui-timepicker-addon.css
jquery-ui-timepicker-addon.js
jquery-ui.css
jquery-ui.min.js
jquery.min.js
jscolor
arrow.gif
cross.gif
demo.html
hs.png
hv.png
jscolor.js
style.css
script.js
stylesmenu.css
system
.htaccess
core
Benchmark.php
CodeIgniter.php
Common.php
Config.php
Controller.php
Exceptions.php
Hooks.php
Input.php
Lang.php
Loader.php
Log.php
Model.php
Output.php
Router.php
Security.php
URI.php
Utf8.php
compat
hash.php
index.html
mbstring.php
password.php
standard.php
index.html
database
DB.php
DB_active_rec.php
DB_cache.php
DB_driver.php
DB_forge.php
DB_query_builder.php
DB_result.php
DB_utility.php
drivers
cubrid
cubrid_driver.php
cubrid_forge.php
cubrid_result.php
cubrid_utility.php
index.html
ibase
ibase_driver.php
ibase_forge.php
ibase_result.php
ibase_utility.php
index.html
index.html
mssql
index.html
mssql_driver.php
mssql_forge.php
mssql_result.php
mssql_utility.php
mysql
index.html
mysql_driver.php
mysql_forge.php
mysql_result.php
mysql_utility.php
mysqli
index.html
mysqli_driver.php
mysqli_forge.php
mysqli_result.php
mysqli_utility.php
oci8
index.html
oci8_driver.php
oci8_forge.php
oci8_result.php
oci8_utility.php
odbc
index.html
odbc_driver.php
odbc_forge.php
odbc_result.php
odbc_utility.php
pdo
index.html
pdo_driver.php
pdo_forge.php
pdo_result.php
pdo_utility.php
subdrivers
index.html
pdo_4d_driver.php
pdo_4d_forge.php
pdo_cubrid_driver.php
pdo_cubrid_forge.php
pdo_dblib_driver.php
pdo_dblib_forge.php
pdo_firebird_driver.php
pdo_firebird_forge.php
pdo_ibm_driver.php
pdo_ibm_forge.php
pdo_informix_driver.php
pdo_informix_forge.php
pdo_mysql_driver.php
pdo_mysql_forge.php
pdo_oci_driver.php
pdo_oci_forge.php
pdo_odbc_driver.php
pdo_odbc_forge.php
pdo_pgsql_driver.php
pdo_pgsql_forge.php
pdo_sqlite_driver.php
pdo_sqlite_forge.php
pdo_sqlsrv_driver.php
pdo_sqlsrv_forge.php
postgre
index.html
postgre_driver.php
postgre_forge.php
postgre_result.php
postgre_utility.php
sqlite
index.html
sqlite_driver.php
sqlite_forge.php
sqlite_result.php
sqlite_utility.php
sqlite3
index.html
sqlite3_driver.php
sqlite3_forge.php
sqlite3_result.php
sqlite3_utility.php
sqlsrv
index.html
sqlsrv_driver.php
sqlsrv_forge.php
sqlsrv_result.php
sqlsrv_utility.php
index.html
fonts
index.html
texb.ttf
helpers
array_helper.php
captcha_helper.php
cookie_helper.php
date_helper.php
directory_helper.php
download_helper.php
email_helper.php
file_helper.php
form_helper.php
html_helper.php
index.html
inflector_helper.php
language_helper.php
number_helper.php
path_helper.php
security_helper.php
smiley_helper.php
string_helper.php
text_helper.php
typography_helper.php
url_helper.php
xml_helper.php
index.html
language
english
calendar_lang.php
date_lang.php
db_lang.php
email_lang.php
form_validation_lang.php
ftp_lang.php
imglib_lang.php
index.html
migration_lang.php
number_lang.php
pagination_lang.php
profiler_lang.php
unit_test_lang.php
upload_lang.php
index.html
libraries
Cache
Cache.php
drivers
Cache_apc.php
Cache_dummy.php
Cache_file.php
Cache_memcached.php
Cache_redis.php
Cache_wincache.php
index.html
index.html
Calendar.php
Cart.php
Driver.php
Email.php
Encrypt.php
Encryption.php
Form_validation.php
Ftp.php
Image_lib.php
Javascript
Jquery.php
index.html
Javascript.php
Log.php
Migration.php
Pagination.php
Parser.php
Profiler.php
Session
Session.php
SessionHandlerInterface.php
Session_driver.php
drivers
Session_database_driver.php
Session_files_driver.php
Session_memcached_driver.php
Session_redis_driver.php
index.html
index.html
Session.php
Sha1.php
Table.php
Trackback.php
Typography.php
Unit_test.php
Upload.php
User_agent.php
Xmlrpc.php
Xmlrpcs.php
Zip.php
index.html
uploads
sys.txt
LICENSE
PHPMailer
.gitignore
.scrutinizer.yml
.travis.yml
LICENSE
PHPMailerAutoload.php
README.md
VERSION
changelog.md
class.phpmailer.php
class.pop3.php
class.smtp.php
composer.json
docs
Callback_function_notes.txt
DomainKeys_notes.txt
Note_for_SMTP_debugging.txt
extending.html
faq.html
generatedocs.sh
pop3_article.txt
examples
code_generator.phps
contents.html
contentsutf8.html
exceptions.phps
gmail.phps
images
phpmailer.png
phpmailer_mini.png
index.html
mail.phps
mailing_list.phps
pop_before_smtp.phps
scripts
XRegExp.js
shAutoloader.js
shBrushPhp.js
shCore.js
shLegacy.js
send_file_upload.phps
sendmail.phps
smtp.phps
smtp_check.phps
smtp_no_auth.phps
ssl_options.phps
styles
shCore.css
shCoreDefault.css
shCoreDjango.css
shCoreEclipse.css
shCoreEmacs.css
shCoreFadeToGrey.css
shCoreMDUltra.css
shCoreMidnight.css
shCoreRDark.css
shThemeAppleScript.css
shThemeDefault.css
shThemeDjango.css
shThemeEclipse.css
shThemeEmacs.css
shThemeFadeToGrey.css
shThemeMDUltra.css
shThemeMidnight.css
shThemeRDark.css
shThemeVisualStudio.css
wrapping.png
extras
EasyPeasyICS.php
README.md
htmlfilter.php
ntlm_sasl_client.php
language
phpmailer.lang-am.php
phpmailer.lang-ar.php
phpmailer.lang-az.php
phpmailer.lang-be.php
phpmailer.lang-bg.php
phpmailer.lang-br.php
phpmailer.lang-ca.php
phpmailer.lang-ch.php
phpmailer.lang-cz.php
phpmailer.lang-de.php
phpmailer.lang-dk.php
phpmailer.lang-el.php
phpmailer.lang-eo.php
phpmailer.lang-es.php
phpmailer.lang-et.php
phpmailer.lang-fa.php
phpmailer.lang-fi.php
phpmailer.lang-fo.php
phpmailer.lang-fr.php
phpmailer.lang-gl.php
phpmailer.lang-he.php
phpmailer.lang-hr.php
phpmailer.lang-hu.php
phpmailer.lang-id.php
phpmailer.lang-it.php
phpmailer.lang-ja.php
phpmailer.lang-ka.php
phpmailer.lang-ko.php
phpmailer.lang-lt.php
phpmailer.lang-lv.php
phpmailer.lang-ms.php
phpmailer.lang-nl.php
phpmailer.lang-no.php
phpmailer.lang-pl.php
phpmailer.lang-pt.php
phpmailer.lang-ro.php
phpmailer.lang-ru.php
phpmailer.lang-se.php
phpmailer.lang-sk.php
phpmailer.lang-sl.php
phpmailer.lang-sr.php
phpmailer.lang-tr.php
phpmailer.lang-uk.php
phpmailer.lang-vi.php
phpmailer.lang-zh.php
phpmailer.lang-zh_cn.php
test
bootstrap.php
fakepopserver.sh
fakesendmail.sh
phpmailerLangTest.php
phpmailerTest.php
runfakepopserver.sh
test_callback.php
testbootstrap-dist.php
travis.phpunit.xml.dist
application
.htaccess
cache
.htaccess
index.html
config
autoload.php
config.php
constants.php
database.php
doctypes.php
foreign_chars.php
hooks.php
index.html
memcached.php
migration.php
mimes.php
profiler.php
routes.php
smileys.php
user_agents.php
controllers
Check.php
Systemid.php
Welcome.php
index.html
core
index.html
errors
error_404.php
error_db.php
error_general.php
error_php.php
index.html
helpers
index.html
hooks
index.html
index.html
language
english
index.html
system_lang.php
index.html
polish
.gitattributes
README.md
calendar_lang.php
date_lang.php
db_lang.php
email_lang.php
form_validation_lang.php
ftp_lang.php
imglib_lang.php
index.html
migration_lang.php
number_lang.php
pagination_lang.php
profiler_lang.php
system_lang.php
unit_test_lang.php
upload_lang.php
libraries
index.html
logs
index.html
models
System_model.php
index.html
third_party
index.html
views
components.php
errors
cli
error_404.php
error_db.php
error_exception.php
error_general.php
error_php.php
index.html
html
error_404.php
error_db.php
error_exception.php
error_general.php
error_php.php
index.html
index.html
foot.php
head.php
index.html
link
archive.php
archivereport.php
check.php
importlink.php
login.php
project
add.php
addlink.php
details.php
edit.php
editlink.php
show.php
user
changepassword.php
editemail.php
getpassword.php
postpassword.php
settings.php
welcome_message.php
arial.ttf
captcha
sys.txt
css
bootstrap-theme.css
bootstrap-theme.css.map
bootstrap-theme.min.css
bootstrap-theme.min.css.map
bootstrap.css
bootstrap.css.map
bootstrap.min.css
bootstrap.min.css.map
favicon.ico
fonts
glyphicons-halflings-regular.eot
glyphicons-halflings-regular.svg
glyphicons-halflings-regular.ttf
glyphicons-halflings-regular.woff
glyphicons-halflings-regular.woff2
hrefsystem.png
index.php
install.php
jquery-latest.min.js
js
bootstrap.js
bootstrap.min.js
npm.js
library
ajax-loader.gif
crop
Canvas.php
Coordinate.php
Exception.php
Font
GDF.php
PS.php
TTF.php
Image.php
Mapper
BMP.php
GD.php
GD2.php
GIF.php
JPEG.php
PNG.php
TGA.php
MapperFactory.php
Operation
AddNoise.php
ApplyConvolution.php
ApplyFilter.php
ApplyMask.php
AsGrayscale.php
AsNegative.php
AutoCrop.php
CopyChannelsPalette.php
CopyChannelsTrueColor.php
CorrectGamma.php
Crop.php
Flip.php
GetMask.php
Merge.php
Mirror.php
Resize.php
ResizeCanvas.php
Rotate.php
RoundCorners.php
Unsharp.php
OperationFactory.php
PaletteImage.php
README
TrueColorImage.php
VERSION
WideImage.php
gpl.txt
lgpl.txt
vendor
de77
BMP.php
TGA.php
index.html
jquery-autocomplete
changelog.txt
demo
bg.gif
emails.php
emails.phps
images
Amsterdam Van-Gogh Museum.jpg
Amsterdam.jpg
Antwerpen Rubenshaus.jpg
Antwerpen.jpg
Appenzell.jpg
Arnhem Historisches Museum.jpg
Bled.jpg
Bled_Die Burg von Bled.jpg
Bogojina_Die Pfarrkirche.jpg
BolognaBasilicadiSanPetronio.jpg
BolognaFontanadelNettuno.jpg
BolognaPiazzaMaggiore.jpg
Bolsward Martinikerk.jpg
Bolsward Stadhuis.jpg
Bolsward.jpg
BordeauxND.jpg
BordeauxPlaceB.jpg
BotanischerGartenZuerich.jpg
Bouillon.jpg
Gent Hotel de Ville2.jpg
Gent.jpg
GenuaStrand.jpg
GenuabeiNacht.jpg
Giessbachfaelle Brienz.jpg
Giethoorn.jpg
Gnesen.jpg
Gornij Grad_KATHEDRALE.jpg
Gossensass.jpg
Grad_Burg Grad2.jpg
GrandDixence.jpg
GrenoblePanorama.jpg
Groningen.jpg
GrottenvonReclere.jpg
Guebwiller.jpg
Kamnik_Die Franziskaner Bibliothek.jpg
Karlsbad Muehlbrunnkolonnade.jpg
Kazimierz.jpg
KirchbergAltesRathaus1.jpg
KlagenfurtDom.jpg
KleineMeerjungfreu.jpg
LazienkiparkWarschau.jpg
LeHavreHafen.jpg
LeMans.jpg
Lednice.jpg
Leeuwarden Fries Museum.jpg
Leeuwarden.jpg
Lelystad.jpg
Lemmer.jpg
Leper Halles aux draps.jpg
Leuven Museum fuer Kirchenkunst.jpg
Leuven.jpg
Luxemburg.jpg
LuzernAltstadt.jpg
LuzernPicassoMuseum.jpg
Lyon.jpg
Maastricht Onze Lieve Vrou...jpg
Maastricht St Servaasbasiliek.jpg
Maastricht Walmuur.jpg
Maastricht.jpg
MagiatalMaggia.jpg
Mailand3.jpg
Metlika_Bela Krajina Museum.jpg
MilanoCastelloSforzesco.jpg
MilanoDom.jpg
MilazzoBurg.jpg
Novo Mesto_Das Museum.jpg
ObervellachBurgFalkenstein.jpg
OdenseeAndersen.jpg
Olimje_Kirche und Apotheke in Olimje.jpg
Olomouc.jpg
OlympischesMuseumLausanne.jpg
OrleansMaisonJeannedArc.jpg
OrleansParcFloraldelaSource.jpg
OstiaAntica.jpg
Ostrow Tumski.jpg
PoertschachSchlossLeonstain.jpg
Portoroz.jpg
Posen.jpg
Postojna.jpg
Prag Altstaedter Ring.jpg
Prag Waldsteinpalais.jpg
RouenNotreDame.jpg
Salzbergwerk Bex.jpg
SalzbergwerkWieliczka.jpg
SalzburgFestungHohensalzburg.jpg
SalzburgResidenz.jpg
WienMuseumsQuartier.jpg
WienMusikverein.jpg
WienRiesenrad.jpg
WienRingstrasse.jpg
images.php
index.html
indicator.gif
json.html
localdata.js
main.css
search.php
search.phps
jquery.autocomplete.css
jquery.autocomplete.js
jquery.autocomplete.min.js
jquery.autocomplete.pack.js
lib
jquery.ajaxQueue.js
jquery.bgiframe.min.js
jquery.js
thickbox-compressed.js
thickbox.css
todo
jquery-ui-sliderAccess.js
jquery-ui-timepicker-addon.css
jquery-ui-timepicker-addon.js
jquery-ui.css
jquery-ui.min.js
jquery.min.js
jscolor
arrow.gif
cross.gif
demo.html
hs.png
hv.png
jscolor.js
style.css
script.js
stylesmenu.css
system
.htaccess
core
Benchmark.php
CodeIgniter.php
Common.php
Config.php
Controller.php
Exceptions.php
Hooks.php
Input.php
Lang.php
Loader.php
Log.php
Model.php
Output.php
Router.php
Security.php
URI.php
Utf8.php
compat
hash.php
index.html
mbstring.php
password.php
standard.php
index.html
database
DB.php
DB_active_rec.php
DB_cache.php
DB_driver.php
DB_forge.php
DB_query_builder.php
DB_result.php
DB_utility.php
drivers
cubrid
cubrid_driver.php
cubrid_forge.php
cubrid_result.php
cubrid_utility.php
index.html
ibase
ibase_driver.php
ibase_forge.php
ibase_result.php
ibase_utility.php
index.html
index.html
mssql
index.html
mssql_driver.php
mssql_forge.php
mssql_result.php
mssql_utility.php
mysql
index.html
mysql_driver.php
mysql_forge.php
mysql_result.php
mysql_utility.php
mysqli
index.html
mysqli_driver.php
mysqli_forge.php
mysqli_result.php
mysqli_utility.php
oci8
index.html
oci8_driver.php
oci8_forge.php
oci8_result.php
oci8_utility.php
odbc
index.html
odbc_driver.php
odbc_forge.php
odbc_result.php
odbc_utility.php
pdo
index.html
pdo_driver.php
pdo_forge.php
pdo_result.php
pdo_utility.php
subdrivers
index.html
pdo_4d_driver.php
pdo_4d_forge.php
pdo_cubrid_driver.php
pdo_cubrid_forge.php
pdo_dblib_driver.php
pdo_dblib_forge.php
pdo_firebird_driver.php
pdo_firebird_forge.php
pdo_ibm_driver.php
pdo_ibm_forge.php
pdo_informix_driver.php
pdo_informix_forge.php
pdo_mysql_driver.php
pdo_mysql_forge.php
pdo_oci_driver.php
pdo_oci_forge.php
pdo_odbc_driver.php
pdo_odbc_forge.php
pdo_pgsql_driver.php
pdo_pgsql_forge.php
pdo_sqlite_driver.php
pdo_sqlite_forge.php
pdo_sqlsrv_driver.php
pdo_sqlsrv_forge.php
postgre
index.html
postgre_driver.php
postgre_forge.php
postgre_result.php
postgre_utility.php
sqlite
index.html
sqlite_driver.php
sqlite_forge.php
sqlite_result.php
sqlite_utility.php
sqlite3
index.html
sqlite3_driver.php
sqlite3_forge.php
sqlite3_result.php
sqlite3_utility.php
sqlsrv
index.html
sqlsrv_driver.php
sqlsrv_forge.php
sqlsrv_result.php
sqlsrv_utility.php
index.html
fonts
index.html
texb.ttf
helpers
array_helper.php
captcha_helper.php
cookie_helper.php
date_helper.php
directory_helper.php
download_helper.php
email_helper.php
file_helper.php
form_helper.php
html_helper.php
index.html
inflector_helper.php
language_helper.php
number_helper.php
path_helper.php
security_helper.php
smiley_helper.php
string_helper.php
text_helper.php
typography_helper.php
url_helper.php
xml_helper.php
index.html
language
english
calendar_lang.php
date_lang.php
db_lang.php
email_lang.php
form_validation_lang.php
ftp_lang.php
imglib_lang.php
index.html
migration_lang.php
number_lang.php
pagination_lang.php
profiler_lang.php
unit_test_lang.php
upload_lang.php
index.html
libraries
Cache
Cache.php
drivers
Cache_apc.php
Cache_dummy.php
Cache_file.php
Cache_memcached.php
Cache_redis.php
Cache_wincache.php
index.html
index.html
Calendar.php
Cart.php
Driver.php
Email.php
Encrypt.php
Encryption.php
Form_validation.php
Ftp.php
Image_lib.php
Javascript
Jquery.php
index.html
Javascript.php
Log.php
Migration.php
Pagination.php
Parser.php
Profiler.php
Session
Session.php
SessionHandlerInterface.php
Session_driver.php
drivers
Session_database_driver.php
Session_files_driver.php
Session_memcached_driver.php
Session_redis_driver.php
index.html
index.html
Session.php
Sha1.php
Table.php
Trackback.php
Typography.php
Unit_test.php
Upload.php
User_agent.php
Xmlrpc.php
Xmlrpcs.php
Zip.php
index.html
uploads
sys.txt
<?php
/**
* htmlfilter.inc
* ---------------
* This set of functions allows you to filter html in order to remove
* any malicious tags from it. Useful in cases when you need to filter
* user input for any cross-site-scripting attempts.
*
* Copyright (C) 2002-2004 by Duke University
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
* 02110-1301 USA
*
* @Author Konstantin Riabitsev <icon@linux.duke.edu>
* @Author Jim Jagielski <jim@jaguNET.com / jimjag@gmail.com>
* @Version 1.1 ($Date$)
*/
/**
* This function returns the final tag out of the tag name, an array
* of attributes, and the type of the tag. This function is called by
* tln_sanitize internally.
*
* @param string $tagname the name of the tag.
* @param array $attary the array of attributes and their values
* @param integer $tagtype The type of the tag (see in comments).
* @return string A string with the final tag representation.
*/
function tln_tagprint($tagname, $attary, $tagtype)
{
if ($tagtype == 2) {
$fulltag = '</' . $tagname . '>';
} else {
$fulltag = '<' . $tagname;
if (is_array($attary) && sizeof($attary)) {
$atts = array();
while (list($attname, $attvalue) = each($attary)) {
array_push($atts, "$attname=$attvalue");
}
$fulltag .= ' ' . join(' ', $atts);
}
if ($tagtype == 3) {
$fulltag .= ' /';
}
$fulltag .= '>';
}
return $fulltag;
}
/**
* A small helper function to use with array_walk. Modifies a by-ref
* value and makes it lowercase.
*
* @param string $val a value passed by-ref.
* @return void since it modifies a by-ref value.
*/
function tln_casenormalize(&$val)
{
$val = strtolower($val);
}
/**
* This function skips any whitespace from the current position within
* a string and to the next non-whitespace value.
*
* @param string $body the string
* @param integer $offset the offset within the string where we should start
* looking for the next non-whitespace character.
* @return integer the location within the $body where the next
* non-whitespace char is located.
*/
function tln_skipspace($body, $offset)
{
preg_match('/^(\s*)/s', substr($body, $offset), $matches);
if (sizeof($matches[1])) {
$count = strlen($matches[1]);
$offset += $count;
}
return $offset;
}
/**
* This function looks for the next character within a string. It's
* really just a glorified "strpos", except it catches the failures
* nicely.
*
* @param string $body The string to look for needle in.
* @param integer $offset Start looking from this position.
* @param string $needle The character/string to look for.
* @return integer location of the next occurrence of the needle, or
* strlen($body) if needle wasn't found.
*/
function tln_findnxstr($body, $offset, $needle)
{
$pos = strpos($body, $needle, $offset);
if ($pos === false) {
$pos = strlen($body);
}
return $pos;
}
/**
* This function takes a PCRE-style regexp and tries to match it
* within the string.
*
* @param string $body The string to look for needle in.
* @param integer $offset Start looking from here.
* @param string $reg A PCRE-style regex to match.
* @return array|boolean Returns a false if no matches found, or an array
* with the following members:
* - integer with the location of the match within $body
* - string with whatever content between offset and the match
* - string with whatever it is we matched
*/
function tln_findnxreg($body, $offset, $reg)
{
$matches = array();
$retarr = array();
$preg_rule = '%^(.*?)(' . $reg . ')%s';
preg_match($preg_rule, substr($body, $offset), $matches);
if (!isset($matches[0]) || !$matches[0]) {
$retarr = false;
} else {
$retarr[0] = $offset + strlen($matches[1]);
$retarr[1] = $matches[1];
$retarr[2] = $matches[2];
}
return $retarr;
}
/**
* This function looks for the next tag.
*
* @param string $body String where to look for the next tag.
* @param integer $offset Start looking from here.
* @return array|boolean false if no more tags exist in the body, or
* an array with the following members:
* - string with the name of the tag
* - array with attributes and their values
* - integer with tag type (1, 2, or 3)
* - integer where the tag starts (starting "<")
* - integer where the tag ends (ending ">")
* first three members will be false, if the tag is invalid.
*/
function tln_getnxtag($body, $offset)
{
if ($offset > strlen($body)) {
return false;
}
$lt = tln_findnxstr($body, $offset, '<');
if ($lt == strlen($body)) {
return false;
}
/**
* We are here:
* blah blah <tag attribute="value">
* \---------^
*/
$pos = tln_skipspace($body, $lt + 1);
if ($pos >= strlen($body)) {
return array(false, false, false, $lt, strlen($body));
}
/**
* There are 3 kinds of tags:
* 1. Opening tag, e.g.:
* <a href="blah">
* 2. Closing tag, e.g.:
* </a>
* 3. XHTML-style content-less tag, e.g.:
* <img src="blah"/>
*/
switch (substr($body, $pos, 1)) {
case '/':
$tagtype = 2;
$pos++;
break;
case '!':
/**
* A comment or an SGML declaration.
*/
if (substr($body, $pos + 1, 2) == '--') {
$gt = strpos($body, '-->', $pos);
if ($gt === false) {
$gt = strlen($body);
} else {
$gt += 2;
}
return array(false, false, false, $lt, $gt);
} else {
$gt = tln_findnxstr($body, $pos, '>');
return array(false, false, false, $lt, $gt);
}
break;
default:
/**
* Assume tagtype 1 for now. If it's type 3, we'll switch values
* later.
*/
$tagtype = 1;
break;
}
/**
* Look for next [\W-_], which will indicate the end of the tag name.
*/
$regary = tln_findnxreg($body, $pos, '[^\w\-_]');
if ($regary == false) {
return array(false, false, false, $lt, strlen($body));
}
list($pos, $tagname, $match) = $regary;
$tagname = strtolower($tagname);
/**
* $match can be either of these:
* '>' indicating the end of the tag entirely.
* '\s' indicating the end of the tag name.
* '/' indicating that this is type-3 xhtml tag.
*
* Whatever else we find there indicates an invalid tag.
*/
switch ($match) {
case '/':
/**
* This is an xhtml-style tag with a closing / at the
* end, like so: <img src="blah"/>. Check if it's followed
* by the closing bracket. If not, then this tag is invalid
*/
if (substr($body, $pos, 2) == '/>') {
$pos++;
$tagtype = 3;
} else {
$gt = tln_findnxstr($body, $pos, '>');
$retary = array(false, false, false, $lt, $gt);
return $retary;
}
//intentional fall-through
case '>':
return array($tagname, false, $tagtype, $lt, $pos);
break;
default:
/**
* Check if it's whitespace
*/
if (!preg_match('/\s/', $match)) {
/**
* This is an invalid tag! Look for the next closing ">".
*/
$gt = tln_findnxstr($body, $lt, '>');
return array(false, false, false, $lt, $gt);
}
break;
}
/**
* At this point we're here:
* <tagname attribute='blah'>
* \-------^
*
* At this point we loop in order to find all attributes.
*/
$attary = array();
while ($pos <= strlen($body)) {
$pos = tln_skipspace($body, $pos);
if ($pos == strlen($body)) {
/**
* Non-closed tag.
*/
return array(false, false, false, $lt, $pos);
}
/**
* See if we arrived at a ">" or "/>", which means that we reached
* the end of the tag.
*/
$matches = array();
if (preg_match('%^(\s*)(>|/>)%s', substr($body, $pos), $matches)) {
/**
* Yep. So we did.
*/
$pos += strlen($matches[1]);
if ($matches[2] == '/>') {
$tagtype = 3;
$pos++;
}
return array($tagname, $attary, $tagtype, $lt, $pos);
}
/**
* There are several types of attributes, with optional
* [:space:] between members.
* Type 1:
* attrname[:space:]=[:space:]'CDATA'
* Type 2:
* attrname[:space:]=[:space:]"CDATA"
* Type 3:
* attr[:space:]=[:space:]CDATA
* Type 4:
* attrname
*
* We leave types 1 and 2 the same, type 3 we check for
* '"' and convert to """ if needed, then wrap in
* double quotes. Type 4 we convert into:
* attrname="yes".
*/
$regary = tln_findnxreg($body, $pos, '[^\w\-_]');
if ($regary == false) {
/**
* Looks like body ended before the end of tag.
*/
return array(false, false, false, $lt, strlen($body));
}
list($pos, $attname, $match) = $regary;
$attname = strtolower($attname);
/**
* We arrived at the end of attribute name. Several things possible
* here:
* '>' means the end of the tag and this is attribute type 4
* '/' if followed by '>' means the same thing as above
* '\s' means a lot of things -- look what it's followed by.
* anything else means the attribute is invalid.
*/
switch ($match) {
case '/':
/**
* This is an xhtml-style tag with a closing / at the
* end, like so: <img src="blah"/>. Check if it's followed
* by the closing bracket. If not, then this tag is invalid
*/
if (substr($body, $pos, 2) == '/>') {
$pos++;
$tagtype = 3;
} else {
$gt = tln_findnxstr($body, $pos, '>');
$retary = array(false, false, false, $lt, $gt);
return $retary;
}
//intentional fall-through
case '>':
$attary{$attname} = '"yes"';
return array($tagname, $attary, $tagtype, $lt, $pos);
break;
default:
/**
* Skip whitespace and see what we arrive at.
*/
$pos = tln_skipspace($body, $pos);
$char = substr($body, $pos, 1);
/**
* Two things are valid here:
* '=' means this is attribute type 1 2 or 3.
* \w means this was attribute type 4.
* anything else we ignore and re-loop. End of tag and
* invalid stuff will be caught by our checks at the beginning
* of the loop.
*/
if ($char == '=') {
$pos++;
$pos = tln_skipspace($body, $pos);
/**
* Here are 3 possibilities:
* "'" attribute type 1
* '"' attribute type 2
* everything else is the content of tag type 3
*/
$quot = substr($body, $pos, 1);
if ($quot == '\'') {
$regary = tln_findnxreg($body, $pos + 1, '\'');
if ($regary == false) {
return array(false, false, false, $lt, strlen($body));
}
list($pos, $attval, $match) = $regary;
$pos++;
$attary{$attname} = '\'' . $attval . '\'';
} elseif ($quot == '"') {
$regary = tln_findnxreg($body, $pos + 1, '\"');
if ($regary == false) {
return array(false, false, false, $lt, strlen($body));
}
list($pos, $attval, $match) = $regary;
$pos++;
$attary{$attname} = '"' . $attval . '"';
} else {
/**
* These are hateful. Look for \s, or >.
*/
$regary = tln_findnxreg($body, $pos, '[\s>]');
if ($regary == false) {
return array(false, false, false, $lt, strlen($body));
}
list($pos, $attval, $match) = $regary;
/**
* If it's ">" it will be caught at the top.
*/
$attval = preg_replace('/\"/s', '"', $attval);
$attary{$attname} = '"' . $attval . '"';
}
} elseif (preg_match('|[\w/>]|', $char)) {
/**
* That was attribute type 4.
*/
$attary{$attname} = '"yes"';
} else {
/**
* An illegal character. Find next '>' and return.
*/
$gt = tln_findnxstr($body, $pos, '>');
return array(false, false, false, $lt, $gt);
}
break;
}
}
/**
* The fact that we got here indicates that the tag end was never
* found. Return invalid tag indication so it gets stripped.
*/
return array(false, false, false, $lt, strlen($body));
}
/**
* Translates entities into literal values so they can be checked.
*
* @param string $attvalue the by-ref value to check.
* @param string $regex the regular expression to check against.
* @param boolean $hex whether the entites are hexadecimal.
* @return boolean True or False depending on whether there were matches.
*/
function tln_deent(&$attvalue, $regex, $hex = false)
{
preg_match_all($regex, $attvalue, $matches);
if (is_array($matches) && sizeof($matches[0]) > 0) {
$repl = array();
for ($i = 0; $i < sizeof($matches[0]); $i++) {
$numval = $matches[1][$i];
if ($hex) {
$numval = hexdec($numval);
}
$repl{$matches[0][$i]} = chr($numval);
}
$attvalue = strtr($attvalue, $repl);
return true;
} else {
return false;
}
}
/**
* This function checks attribute values for entity-encoded values
* and returns them translated into 8-bit strings so we can run
* checks on them.
*
* @param string $attvalue A string to run entity check against.
* @return Void, modifies a reference value.
*/
function tln_defang(&$attvalue)
{
/**
* Skip this if there aren't ampersands or backslashes.
*/
if (strpos($attvalue, '&') === false
&& strpos($attvalue, '\\') === false
) {
return;
}
do {
$m = false;
$m = $m || tln_deent($attvalue, '/\�*(\d+);*/s');
$m = $m || tln_deent($attvalue, '/\�*((\d|[a-f])+);*/si', true);
$m = $m || tln_deent($attvalue, '/\\\\(\d+)/s', true);
} while ($m == true);
$attvalue = stripslashes($attvalue);
}
/**
* Kill any tabs, newlines, or carriage returns. Our friends the
* makers of the browser with 95% market value decided that it'd
* be funny to make "java[tab]script" be just as good as "javascript".
*
* @param string $attvalue The attribute value before extraneous spaces removed.
* @return Void, modifies a reference value.
*/
function tln_unspace(&$attvalue)
{
if (strcspn($attvalue, "\t\r\n\0 ") != strlen($attvalue)) {
$attvalue = str_replace(
array("\t", "\r", "\n", "\0", " "),
array('', '', '', '', ''),
$attvalue
);
}
}
/**
* This function runs various checks against the attributes.
*
* @param string $tagname String with the name of the tag.
* @param array $attary Array with all tag attributes.
* @param array $rm_attnames See description for tln_sanitize
* @param array $bad_attvals See description for tln_sanitize
* @param array $add_attr_to_tag See description for tln_sanitize
* @param string $trans_image_path
* @param boolean $block_external_images
* @return Array with modified attributes.
*/
function tln_fixatts(
$tagname,
$attary,
$rm_attnames,
$bad_attvals,
$add_attr_to_tag,
$trans_image_path,
$block_external_images
) {
while (list($attname, $attvalue) = each($attary)) {
/**
* See if this attribute should be removed.
*/
foreach ($rm_attnames as $matchtag => $matchattrs) {
if (preg_match($matchtag, $tagname)) {
foreach ($matchattrs as $matchattr) {
if (preg_match($matchattr, $attname)) {
unset($attary{$attname});
continue;
}
}
}
}
/**
* Remove any backslashes, entities, or extraneous whitespace.
*/
$oldattvalue = $attvalue;
tln_defang($attvalue);
if ($attname == 'style' && $attvalue !== $oldattvalue) {
$attvalue = "idiocy";
$attary{$attname} = $attvalue;
}
tln_unspace($attvalue);
/**
* Now let's run checks on the attvalues.
* I don't expect anyone to comprehend this. If you do,
* get in touch with me so I can drive to where you live and
* shake your hand personally. :)
*/
foreach ($bad_attvals as $matchtag => $matchattrs) {
if (preg_match($matchtag, $tagname)) {
foreach ($matchattrs as $matchattr => $valary) {
if (preg_match($matchattr, $attname)) {
/**
* There are two arrays in valary.
* First is matches.
* Second one is replacements
*/
list($valmatch, $valrepl) = $valary;
$newvalue = preg_replace($valmatch, $valrepl, $attvalue);
if ($newvalue != $attvalue) {
$attary{$attname} = $newvalue;
$attvalue = $newvalue;
}
}
}
}
}
if ($attname == 'style') {
if (preg_match('/[\0-\37\200-\377]+/', $attvalue)) {
$attary{$attname} = '"disallowed character"';
}
preg_match_all("/url\s*\((.+)\)/si", $attvalue, $aMatch);
if (count($aMatch)) {
foreach($aMatch[1] as $sMatch) {
$urlvalue = $sMatch;
tln_fixurl($attname, $urlvalue, $trans_image_path, $block_external_images);
$attary{$attname} = str_replace($sMatch, $urlvalue, $attvalue);
}
}
}
}
/**
* See if we need to append any attributes to this tag.
*/
foreach ($add_attr_to_tag as $matchtag => $addattary) {
if (preg_match($matchtag, $tagname)) {
$attary = array_merge($attary, $addattary);
}
}
return $attary;
}
function tln_fixurl($attname, &$attvalue, $trans_image_path, $block_external_images)
{
$sQuote = '"';
$attvalue = trim($attvalue);
if ($attvalue && ($attvalue[0] =='"'|| $attvalue[0] == "'")) {
// remove the double quotes
$sQuote = $attvalue[0];
$attvalue = trim(substr($attvalue,1,-1));
}
/**
* Replace empty src tags with the blank image. src is only used
* for frames, images, and image inputs. Doing a replace should
* not affect them working as should be, however it will stop
* IE from being kicked off when src for img tags are not set
*/
if ($attvalue == '') {
$attvalue = $sQuote . $trans_image_path . $sQuote;
} else {
// first, disallow 8 bit characters and control characters
if (preg_match('/[\0-\37\200-\377]+/',$attvalue)) {
switch ($attname) {
case 'href':
$attvalue = $sQuote . 'http://invalid-stuff-detected.example.com' . $sQuote;
break;
default:
$attvalue = $sQuote . $trans_image_path . $sQuote;
break;
}
} else {
$aUrl = parse_url($attvalue);
if (isset($aUrl['scheme'])) {
switch(strtolower($aUrl['scheme'])) {
case 'mailto':
case 'http':
case 'https':
case 'ftp':
if ($attname != 'href') {
if ($block_external_images == true) {
$attvalue = $sQuote . $trans_image_path . $sQuote;
} else {
if (!isset($aUrl['path'])) {
$attvalue = $sQuote . $trans_image_path . $sQuote;
}
}
} else {
$attvalue = $sQuote . $attvalue . $sQuote;
}
break;
case 'outbind':
$attvalue = $sQuote . $attvalue . $sQuote;
break;
case 'cid':
$attvalue = $sQuote . $attvalue . $sQuote;
break;
default:
$attvalue = $sQuote . $trans_image_path . $sQuote;
break;
}
} else {
if (!isset($aUrl['path']) || $aUrl['path'] != $trans_image_path) {
$$attvalue = $sQuote . $trans_image_path . $sQuote;
}
}
}
}
}
function tln_fixstyle($body, $pos, $trans_image_path, $block_external_images)
{
$me = 'tln_fixstyle';
// workaround for </style> in between comments
$iCurrentPos = $pos;
$content = '';
$sToken = '';
$bSucces = false;
$bEndTag = false;
for ($i=$pos,$iCount=strlen($body);$i<$iCount;++$i) {
$char = $body{$i};
switch ($char) {
case '<':
$sToken = $char;
break;
case '/':
if ($sToken == '<') {
$sToken .= $char;
$bEndTag = true;
} else {
$content .= $char;
}
break;
case '>':
if ($bEndTag) {
$sToken .= $char;
if (preg_match('/\<\/\s*style\s*\>/i',$sToken,$aMatch)) {
$newpos = $i + 1;
$bSucces = true;
break 2;
} else {
$content .= $sToken;
}
$bEndTag = false;
} else {
$content .= $char;
}
break;
case '!':
if ($sToken == '<') {
// possible comment
if (isset($body{$i+2}) && substr($body,$i,3) == '!--') {
$i = strpos($body,'-->',$i+3);
if ($i === false) { // no end comment
$i = strlen($body);
}
$sToken = '';
}
} else {
$content .= $char;
}
break;
default:
if ($bEndTag) {
$sToken .= $char;
} else {
$content .= $char;
}
break;
}
}
if ($bSucces == FALSE){
return array(FALSE, strlen($body));
}
/**
* First look for general BODY style declaration, which would be
* like so:
* body {background: blah-blah}
* and change it to .bodyclass so we can just assign it to a <div>
*/
$content = preg_replace("|body(\s*\{.*?\})|si", ".bodyclass\\1", $content);
$trans_image_path = $trans_image_path;
/**
* Fix url('blah') declarations.
*/
// $content = preg_replace("|url\s*\(\s*([\'\"])\s*\S+script\s*:.*?([\'\"])\s*\)|si",
// "url(\\1$trans_image_path\\2)", $content);
// first check for 8bit sequences and disallowed control characters
if (preg_match('/[\16-\37\200-\377]+/',$content)) {
$content = '<!-- style block removed by html filter due to presence of 8bit characters -->';
return array($content, $newpos);
}
// remove @import line
$content = preg_replace("/^\s*(@import.*)$/mi","\n<!-- @import rules forbidden -->\n",$content);
$content = preg_replace("/(\\\\)?u(\\\\)?r(\\\\)?l(\\\\)?/i", 'url', $content);
preg_match_all("/url\s*\((.+)\)/si",$content,$aMatch);
if (count($aMatch)) {
$aValue = $aReplace = array();
foreach($aMatch[1] as $sMatch) {
// url value
$urlvalue = $sMatch;
tln_fixurl('style',$urlvalue, $trans_image_path, $block_external_images);
$aValue[] = $sMatch;
$aReplace[] = $urlvalue;
}
$content = str_replace($aValue,$aReplace,$content);
}
/**
* Remove any backslashes, entities, and extraneous whitespace.
*/
$contentTemp = $content;
tln_defang($contentTemp);
tln_unspace($contentTemp);
$match = Array('/\/\*.*\*\//',
'/expression/i',
'/behaviou*r/i',
'/binding/i',
'/include-source/i',
'/javascript/i',
'/script/i',
'/position/i');
$replace = Array('','idiocy', 'idiocy', 'idiocy', 'idiocy', 'idiocy', 'idiocy', '');
$contentNew = preg_replace($match, $replace, $contentTemp);
if ($contentNew !== $contentTemp) {
$content = $contentNew;
}
return array($content, $newpos);
}
function tln_body2div($attary, $trans_image_path)
{
$me = 'tln_body2div';
$divattary = array('class' => "'bodyclass'");
$text = '#000000';
$has_bgc_stl = $has_txt_stl = false;
$styledef = '';
if (is_array($attary) && sizeof($attary) > 0){
foreach ($attary as $attname=>$attvalue){
$quotchar = substr($attvalue, 0, 1);
$attvalue = str_replace($quotchar, "", $attvalue);
switch ($attname){
case 'background':
$styledef .= "background-image: url('$trans_image_path'); ";
break;
case 'bgcolor':
$has_bgc_stl = true;
$styledef .= "background-color: $attvalue; ";
break;
case 'text':
$has_txt_stl = true;
$styledef .= "color: $attvalue; ";
break;
}
}
// Outlook defines a white bgcolor and no text color. This can lead to
// white text on a white bg with certain themes.
if ($has_bgc_stl && !$has_txt_stl) {
$styledef .= "color: $text; ";
}
if (strlen($styledef) > 0){
$divattary{"style"} = "\"$styledef\"";
}
}
return $divattary;
}
/**
*
* @param string $body The HTML you wish to filter
* @param array $tag_list see description above
* @param array $rm_tags_with_content see description above
* @param array $self_closing_tags see description above
* @param boolean $force_tag_closing see description above
* @param array $rm_attnames see description above
* @param array $bad_attvals see description above
* @param array $add_attr_to_tag see description above
* @param string $trans_image_path
* @param boolean $block_external_images
* @return string Sanitized html safe to show on your pages.
*/
function tln_sanitize(
$body,
$tag_list,
$rm_tags_with_content,
$self_closing_tags,
$force_tag_closing,
$rm_attnames,
$bad_attvals,
$add_attr_to_tag,
$trans_image_path,
$block_external_images
) {
/**
* Normalize rm_tags and rm_tags_with_content.
*/
$rm_tags = array_shift($tag_list);
@array_walk($tag_list, 'tln_casenormalize');
@array_walk($rm_tags_with_content, 'tln_casenormalize');
@array_walk($self_closing_tags, 'tln_casenormalize');
/**
* See if tag_list is of tags to remove or tags to allow.
* false means remove these tags
* true means allow these tags
*/
$curpos = 0;
$open_tags = array();
$trusted = "<!-- begin tln_sanitized html -->\n";
$skip_content = false;
/**
* Take care of netscape's stupid javascript entities like
* &{alert('boo')};
*/
$body = preg_replace('/&(\{.*?\};)/si', '&\\1', $body);
while (($curtag = tln_getnxtag($body, $curpos)) != false) {
list($tagname, $attary, $tagtype, $lt, $gt) = $curtag;
$free_content = substr($body, $curpos, $lt-$curpos);
/**
* Take care of <style>
*/
if ($tagname == "style" && $tagtype == 1){
list($free_content, $curpos) =
tln_fixstyle($body, $gt+1, $trans_image_path, $block_external_images);
if ($free_content != FALSE){
if ( !empty($attary) ) {
$attary = tln_fixatts($tagname,
$attary,
$rm_attnames,
$bad_attvals,
$add_attr_to_tag,
$trans_image_path,
$block_external_images
);
}
$trusted .= tln_tagprint($tagname, $attary, $tagtype);
$trusted .= $free_content;
$trusted .= tln_tagprint($tagname, false, 2);
}
continue;
}
if ($skip_content == false){
$trusted .= $free_content;
}
if ($tagname != false) {
if ($tagtype == 2) {
if ($skip_content == $tagname) {
/**
* Got to the end of tag we needed to remove.
*/
$tagname = false;
$skip_content = false;
} else {
if ($skip_content == false) {
if ($tagname == "body") {
$tagname = "div";
}
if (isset($open_tags{$tagname}) &&
$open_tags{$tagname} > 0
) {
$open_tags{$tagname}--;
} else {
$tagname = false;
}
}
}
} else {
/**
* $rm_tags_with_content
*/
if ($skip_content == false) {
/**
* See if this is a self-closing type and change
* tagtype appropriately.
*/
if ($tagtype == 1
&& in_array($tagname, $self_closing_tags)
) {
$tagtype = 3;
}
/**
* See if we should skip this tag and any content
* inside it.
*/
if ($tagtype == 1
&& in_array($tagname, $rm_tags_with_content)
) {
$skip_content = $tagname;
} else {
if (($rm_tags == false
&& in_array($tagname, $tag_list)) ||
($rm_tags == true
&& !in_array($tagname, $tag_list))
) {
$tagname = false;
} else {
/**
* Convert body into div.
*/
if ($tagname == "body"){
$tagname = "div";
$attary = tln_body2div($attary, $trans_image_path);
}
if ($tagtype == 1) {
if (isset($open_tags{$tagname})) {
$open_tags{$tagname}++;
} else {
$open_tags{$tagname} = 1;
}
}
/**
* This is where we run other checks.
*/
if (is_array($attary) && sizeof($attary) > 0) {
$attary = tln_fixatts(
$tagname,
$attary,
$rm_attnames,
$bad_attvals,
$add_attr_to_tag,
$trans_image_path,
$block_external_images
);
}
}
}
}
}
if ($tagname != false && $skip_content == false) {
$trusted .= tln_tagprint($tagname, $attary, $tagtype);
}
}
$curpos = $gt + 1;
}
$trusted .= substr($body, $curpos, strlen($body) - $curpos);
if ($force_tag_closing == true) {
foreach ($open_tags as $tagname => $opentimes) {
while ($opentimes > 0) {
$trusted .= '</' . $tagname . '>';
$opentimes--;
}
}
$trusted .= "\n";
}
$trusted .= "<!-- end tln_sanitized html -->\n";
return $trusted;
}
//
// Use the nifty htmlfilter library
//
function HTMLFilter($body, $trans_image_path, $block_external_images = false)
{
$tag_list = array(
false,
"object",
"meta",
"html",
"head",
"base",
"link",
"frame",
"iframe",
"plaintext",
"marquee"
);
$rm_tags_with_content = array(
"script",
"applet",
"embed",
"title",
"frameset",
"xmp",
"xml"
);
$self_closing_tags = array(
"img",
"br",
"hr",
"input",
"outbind"
);
$force_tag_closing = true;
$rm_attnames = array(
"/.*/" =>
array(
// "/target/i",
"/^on.*/i",
"/^dynsrc/i",
"/^data.*/i",
"/^lowsrc.*/i"
)
);
$bad_attvals = array(
"/.*/" =>
array(
"/^src|background/i" =>
array(
array(
'/^([\'"])\s*\S+script\s*:.*([\'"])/si',
'/^([\'"])\s*mocha\s*:*.*([\'"])/si',
'/^([\'"])\s*about\s*:.*([\'"])/si'
),
array(
"\\1$trans_image_path\\2",
"\\1$trans_image_path\\2",
"\\1$trans_image_path\\2"
)
),
"/^href|action/i" =>
array(
array(
'/^([\'"])\s*\S+script\s*:.*([\'"])/si',
'/^([\'"])\s*mocha\s*:*.*([\'"])/si',
'/^([\'"])\s*about\s*:.*([\'"])/si'
),
array(
"\\1#\\1",
"\\1#\\1",
"\\1#\\1"
)
),
"/^style/i" =>
array(
array(
"/\/\*.*\*\//",
"/expression/i",
"/binding/i",
"/behaviou*r/i",
"/include-source/i",
'/position\s*:/i',
'/(\\\\)?u(\\\\)?r(\\\\)?l(\\\\)?/i',
'/url\s*\(\s*([\'"])\s*\S+script\s*:.*([\'"])\s*\)/si',
'/url\s*\(\s*([\'"])\s*mocha\s*:.*([\'"])\s*\)/si',
'/url\s*\(\s*([\'"])\s*about\s*:.*([\'"])\s*\)/si',
'/(.*)\s*:\s*url\s*\(\s*([\'"]*)\s*\S+script\s*:.*([\'"]*)\s*\)/si'
),
array(
"",
"idiocy",
"idiocy",
"idiocy",
"idiocy",
"idiocy",
"url",
"url(\\1#\\1)",
"url(\\1#\\1)",
"url(\\1#\\1)",
"\\1:url(\\2#\\3)"
)
)
)
);
if ($block_external_images) {
array_push(
$bad_attvals{'/.*/'}{'/^src|background/i'}[0],
'/^([\'\"])\s*https*:.*([\'\"])/si'
);
array_push(
$bad_attvals{'/.*/'}{'/^src|background/i'}[1],
"\\1$trans_image_path\\1"
);
array_push(
$bad_attvals{'/.*/'}{'/^style/i'}[0],
'/url\(([\'\"])\s*https*:.*([\'\"])\)/si'
);
array_push(
$bad_attvals{'/.*/'}{'/^style/i'}[1],
"url(\\1$trans_image_path\\1)"
);
}
$add_attr_to_tag = array(
"/^a$/i" =>
array('target' => '"_blank"')
);
$trusted = tln_sanitize(
$body,
$tag_list,
$rm_tags_with_content,
$self_closing_tags,
$force_tag_closing,
$rm_attnames,
$bad_attvals,
$add_attr_to_tag,
$trans_image_path,
$block_external_images
);
return $trusted;
}