X-Git-Url: http://git.dj3c1t.com/?a=blobdiff_plain;f=web%2Fapp%2Fenv%2Fmodules%2Fmw_env_inputs.php;h=0ebd0429ba50dd7f455497fae5259e88e683df61;hb=281c96e95451269f2614684b8de5be25862c8374;hp=526285a216119914499f90c42f8f98f28a1e5725;hpb=19b8f3b9263210d9154e7556446e903f84175519;p=mtweb diff --git a/web/app/env/modules/mw_env_inputs.php b/web/app/env/modules/mw_env_inputs.php index 526285a..0ebd042 100644 --- a/web/app/env/modules/mw_env_inputs.php +++ b/web/app/env/modules/mw_env_inputs.php @@ -1,37 +1,38 @@ path("libs")."inputfilter.php"; - $allowed_tags = array - ( "p", "span", "pre", "blockquote", "address", "hr", "br", + function prepare_inputs(){ + if($_POST){ + require_once $this->path("libs")."inputfilter.php"; + $allowed_tags = array( + "p", "span", "pre", "blockquote", "address", "hr", "br", "img", "strong", "em", "u", "i", "b", "s", "a", "ul", "ol", "li", "h1", "h2", "h3", "h4", "h5", "h6" ); - $allowed_attrs = array - ( "style", + $allowed_attrs = array( + "style", "src", "alt", "width", "height", "href", "title" ); $input_filter = new InputFilter($allowed_tags, $allowed_attrs); $_POST = $input_filter->process($_POST); } - if($_FILES) - { foreach($_FILES as $file_key => $file_infos) - { $v_name = explode(".", $file_infos["name"]); + if($_FILES){ + foreach($_FILES as $file_key => $file_infos){ + $v_name = explode(".", $file_infos["name"]); $ext = strtolower($v_name[count($v_name) - 1]); - if - ( $ext != "png" + if( + $ext != "png" && $ext != "jpg" && $ext != "jpeg" && $ext != "gif" - ) unset($_FILES[$file_key]); + ){ + unset($_FILES[$file_key]); + } } } return true;