tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added function for safe html symbols tag

This commit is contained in:
Jose Gonzalez 2021-04-06 10:36:43 +02:00
parent bfaf8a8794
commit a9a1a7ccb8
1 changed files with 11 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
pandora_console/include/functions_io.php
View File

@ -593,22 +593,25 @@ function io_output_password($password)
/** /**
* Prevents html tags if exists * Clean html tags symbols for prevent use JS
*
* @param string $string String for safe.
*
* @return string
*/ */
function io_safe_html_tags(string $string) function io_safe_html_tags(string $string)
{ {
$init = strpos($string, '<'); // Must have safe output for work properly.
$output = ''; $string = io_safe_output($string);
if (strpos($string, '<') !== false && strpos($string, '>') !== false) {
if ($init !== false) {
$output = strstr($string, '<', true); $output = strstr($string, '<', true);
$tmpOutput = strstr($string, '<'); $tmpOutput = strstr($string, '<');
$output .= strstr(substr($tmpOutput, 1), '>', true); $output .= strstr(substr($tmpOutput, 1), '>', true);
$tmpOutput = strstr($string, '>'); $tmpOutput = strstr($string, '>');
$output .= substr($tmpOutput, 1); $output .= substr($tmpOutput, 1);
$init = strpos($output, '<'); // If the string still contains tags symbols.
if ($init !== false) { if (strpos($string, '<') !== false && strpos($string, '>') !== false) {
$output .= io_safe_html_tags($output); $output = io_safe_html_tags($output);
} }
} else { } else {
$output = $string; $output = $string;