1C-Bitrix
25.700.0
Загрузка...
Поиск...
Не найдено
post_filter_variables.php
См. документацию.
1
<?php
8
9
class
CSecurityXSSDetectVariables
10
{
11
private
$parsed =
false
;
12
private
$searchValuesWithQuotes =
array
();
13
private
$searchValuesWithoutQuotes =
array
();
14
private
$originalValues =
array
();
15
20
public
function
addVariable
(
$name
, $value)
21
{
22
$this->originalValues[
$name
] = $value;
23
}
24
28
public
function
getQuoteSearchValues
()
29
{
30
$this->
lazyParseVariables
();
31
return
$this->searchValuesWithQuotes;
32
}
33
37
public
function
getSearchValues
()
38
{
39
$this->
lazyParseVariables
();
40
return
$this->searchValuesWithoutQuotes;
41
}
42
46
public
function
isEmpty
()
47
{
48
return
(empty($this->originalValues));
49
}
50
57
protected
function
pushValue
(
$name
, $value, $containsQuote =
false
)
58
{
59
if
($containsQuote)
60
$this->searchValuesWithQuotes[] =
array
(
"name"
=>
$name
,
"value"
=> $value);
61
else
62
$this->searchValuesWithoutQuotes[] =
array
(
"name"
=>
$name
,
"value"
=> $value);
63
64
return
true
;
65
}
66
71
protected
function
parseVariable
(
$name
, $value)
72
{
73
if
(!$value)
74
return
;
75
76
if
(preg_match(
"/[^\\\](((\\\)(\\\))*+')+/s"
,
" "
.$value))
77
{
78
$encodedValue =
htmlspecialcharsbx
($value);
79
$this->
pushValue
(
80
$name
,
81
$value,
82
true
83
);
84
85
if
($encodedValue && $encodedValue !== $value)
86
{
87
$this->
pushValue
(
88
$name
,
89
$encodedValue,
90
true
91
);
92
}
93
}
94
elseif
(preg_match(
"/[^\\\](((\\\)(\\\))*+\")+/s"
,
" "
.$value))
95
{
96
$this->
pushValue
(
97
$name
,
98
$value,
99
true
100
);
101
}
102
else
103
{
104
$encodedValue =
htmlspecialcharsbx
($value);
105
$this->
pushValue
(
106
$name
,
107
$value,
108
false
109
);
110
111
if
($encodedValue && $encodedValue !== $value)
112
{
113
$this->
pushValue
(
114
$name
,
115
$encodedValue,
116
false
117
);
118
}
119
}
120
}
121
125
protected
function
lazyParseVariables
()
126
{
127
if
($this->parsed)
128
return
;
129
130
$this->parsed =
true
;
131
foreach
($this->originalValues as
$name
=> $value)
132
{
133
$this->
parseVariable
(
$name
, $value);
134
}
135
}
136
}
CSecurityXSSDetectVariables
Определения
post_filter_variables.php:10
CSecurityXSSDetectVariables\getSearchValues
getSearchValues()
Определения
post_filter_variables.php:37
CSecurityXSSDetectVariables\lazyParseVariables
lazyParseVariables()
Определения
post_filter_variables.php:125
CSecurityXSSDetectVariables\pushValue
pushValue($name, $value, $containsQuote=false)
Определения
post_filter_variables.php:57
CSecurityXSSDetectVariables\addVariable
addVariable($name, $value)
Определения
post_filter_variables.php:20
CSecurityXSSDetectVariables\parseVariable
parseVariable($name, $value)
Определения
post_filter_variables.php:71
CSecurityXSSDetectVariables\getQuoteSearchValues
getQuoteSearchValues()
Определения
post_filter_variables.php:28
CSecurityXSSDetectVariables\isEmpty
isEmpty()
Определения
post_filter_variables.php:46
array
</td ></tr ></table ></td ></tr >< tr >< td class="bx-popup-label bx-width30"><?=GetMessage("PAGE_NEW_TAGS")?> array( $site)
Определения
file_new.php:804
htmlspecialcharsbx
htmlspecialcharsbx($string, $flags=ENT_COMPAT, $doubleEncode=true)
Определения
tools.php:2701
$name
$name
Определения
menu_edit.php:35
elseif
if( $daysToExpire >=0 &&$daysToExpire< 60 elseif)( $daysToExpire< 0)
Определения
prolog_main_admin.php:393
bitrix
modules
security
classes
general
post_filter_variables.php
Создано системой
1.14.0
1.14.0 1.14.0