From: Ilia Alshanetsky Date: Mon, 18 Dec 2006 15:02:16 +0000 (+0000) Subject: Less hackish support for spaces at the start of tags within strip_tags() X-Git-Tag: php-5.2.1RC2~165 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=090e14dfda98ee0c77cfed62b741bf3eb65b45bf;p=php Less hackish support for spaces at the start of tags within strip_tags() --- diff --git a/ext/filter/sanitizing_filters.c b/ext/filter/sanitizing_filters.c index 3c2d9988f8..22554bdf5d 100644 --- a/ext/filter/sanitizing_filters.c +++ b/ext/filter/sanitizing_filters.c @@ -179,7 +179,7 @@ void php_filter_string(PHP_INPUT_FILTER_PARAM_DECL) php_filter_encode_html(value, enc); /* strip tags, implicitly also removes \0 chars */ - new_len = php_strip_tags(Z_STRVAL_P(value), Z_STRLEN_P(value), NULL, NULL, -1); + new_len = php_strip_tags_ex(Z_STRVAL_P(value), Z_STRLEN_P(value), NULL, NULL, 0, 1); Z_STRLEN_P(value) = new_len; if (new_len == 0) { diff --git a/ext/standard/php_string.h b/ext/standard/php_string.h index f11fc71095..a804b323fd 100644 --- a/ext/standard/php_string.h +++ b/ext/standard/php_string.h @@ -132,6 +132,7 @@ PHPAPI char *php_str_to_str(char *haystack, int length, char *needle, int needle_len, char *str, int str_len, int *_new_length); PHPAPI char *php_trim(char *c, int len, char *what, int what_len, zval *return_value, int mode TSRMLS_DC); PHPAPI size_t php_strip_tags(char *rbuf, int len, int *state, char *allow, int allow_len); +PHPAPI size_t php_strip_tags_ex(char *rbuf, int len, int *stateptr, char *allow, int allow_len, zend_bool allow_tag_spaces); PHPAPI int php_char_to_str_ex(char *str, uint len, char from, char *to, int to_len, zval *result, int case_sensitivity, int *replace_count); PHPAPI int php_char_to_str(char *str, uint len, char from, char *to, int to_len, zval *result); PHPAPI void php_implode(zval *delim, zval *arr, zval *return_value TSRMLS_DC); diff --git a/ext/standard/string.c b/ext/standard/string.c index 6f5dc819aa..4814de6cf0 100644 --- a/ext/standard/string.c +++ b/ext/standard/string.c @@ -3890,7 +3890,7 @@ PHP_FUNCTION(strip_tags) } convert_to_string_ex(str); buf = estrndup(Z_STRVAL_PP(str), Z_STRLEN_PP(str)); - retval_len = php_strip_tags(buf, Z_STRLEN_PP(str), NULL, allowed_tags, allowed_tags_len); + retval_len = php_strip_tags_ex(buf, Z_STRLEN_PP(str), NULL, allowed_tags, allowed_tags_len, 0); RETURN_STRINGL(buf, retval_len, 0); } /* }}} */ @@ -4095,6 +4095,11 @@ int php_tag_find(char *tag, int len, char *set) { } /* }}} */ +PHPAPI size_t php_strip_tags(char *rbuf, int len, int *stateptr, char *allow, int allow_len) +{ + return php_strip_tags_ex(rbuf, len, stateptr, allow, allow_len, 0); +} + /* {{{ php_strip_tags A simple little state-machine to strip out html and php tags @@ -4115,7 +4120,7 @@ int php_tag_find(char *tag, int len, char *set) { swm: Added ability to strip =- 0) { + if (isspace(*(p + 1)) && !allow_tag_spaces) { goto reg_char; } if (state == 0) {