1C-Bitrix 25.700.0
wiki_security.php
1<?
2
4
6{
7 var $_filters = false;
8
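/**
 * Builds the table of regular-expression filters used by _dostr().
 *
 * $this->_filters maps a marker character to array(replacement, patterns).
 * _dostr() runs a group only when its marker occurs in the text (the "" group
 * always runs). Every pattern has two capture groups that split a keyword in
 * the middle; the replacement re-joins them with a separator in between, so
 * the keyword no longer reads as one token.
 *
 * This is a denylist: only the constructs listed here are broken up. The
 * filtered string is still untrusted markup and needs contextual output
 * encoding (or an allowlist-based sanitizer) where it is rendered.
 *
 * @param string|false $char Separator inserted between the two halves of a
 *                           match; false selects a single space. The value is
 *                           interpolated into a preg_replace() replacement
 *                           template, so backslash-digit and $-digit sequences
 *                           in it would be read as group references.
 */
function __construct($char = false)
{
	if($char === false)
		$char = " ";

	// Optional filler allowed between the letters of a keyword:
	// $_M  - tab, LF, CR, backslash
	// $_M3 - the same plus any \s whitespace
	// $_M2 - the same as $_M3 plus /* ... */ comments
	$_M='(?:[\x09\x0a\x0d\\\\]*)';
	$_M3='(?:[\x09\x0a\x0d\\\\\s]*)';
	$_M2='(?:(?:[\x09\x0a\x0d\\\\\s]|(?:\/\*.*?\*\/))*)';

	// Each $_J? fragment matches one letter either literally or as a
	// backslash-hex escape with optional leading zeros (e.g. \6a or \4a for "j").
	$_Jj ="(?:j|(?:\\\\0*[64]a))";
	$_Ja ="(?:a|(?:\\\\0*[64]1))";
	$_Jb ="(?:b|(?:\\\\0*[64]2))";

	$_Jv ="(?:v|(?:\\\\0*[75]6))";
	$_Js ="(?:s|(?:\\\\0*[75]3))";
	$_Jc ="(?:c|(?:\\\\0*[64]3))";
	$_Jr ="(?:r|(?:\\\\0*[75]2))";
	$_Ji ="(?:i|(?:\\\\0*[64]9))";
	$_Jp ="(?:p|(?:\\\\0*[75]0))";
	$_Jt ="(?:t|(?:\\\\0*[75]4))";

	$_Je ="(?:e|(?:\\\\0*[64]5))";
	$_Jx ="(?:x|(?:\\\\0*[75]8))";
	$_Jo ="(?:o|(?:\\\\0*[64]f))";
	$_Jn ="(?:n|(?:\\\\0*[64]e))";

	$_Jm ="(?:m|(?:\\\\0*[64]d))";

	$_Jh ="(?:h|(?:\\\\0*[64]8))";

	// "@" or \40
	$_Jgav ="(?:@|(?:\\\\0*40))";

	// ":" or "=" (or \3a / \3d), and "(" (or \28)
	$_Jdd="(?:\\:|=|(?:\\\\0*3a)|(?:\\\\0*3d))";
	$_Jss="(?:\\(|(?:\\\\0*28))";

	// "?" (or \3f) and "<" (or \3c)
	$_Jvopr="(?:\\?|(?:\\\\0*3f))";
	$_Jgalka="(?:\\<|(?:\\\\0*3c))";

	// Optional run of NUL, control whitespace, \s and backslashes before "=" or ":"
	$_WS_OPT = "[\\x00\\x09\\x0A\\x0B\\x0C\\x0D\\s\\\\]*";

	if(!$this->_filters)
	{
		$this->_filters = array(
			// Always applied: behavior:, @import, <?import, javascript:, vbscript:, expression(
			"" => array("\\1 * \\2" /* a plain space is not enough: $_M3 and $_M2 accept whitespace between letters */, array(
				"/({$_Jb}{$_M}{$_Je}{$_M}{$_Jh}{$_M})({$_Ja}{$_M}{$_Jv}{$_M}{$_Ji}{$_M}{$_Jo}{$_M}{$_Jr}{$_WS_OPT}{$_Jdd})/is",
				// The /is flags were missing on this pattern only; CSS at-keywords are case-insensitive.
				"/({$_Jgav}{$_M}{$_Ji}{$_M}{$_Jm})({$_M}{$_Jp}{$_M}{$_Jo}{$_M}{$_Jr}{$_M}{$_Jt})/is",
				"/({$_Jgalka}{$_Jvopr}{$_M}{$_Ji}{$_M})({$_Jm}{$_M}{$_Jp}{$_M}{$_Jo}{$_M}{$_Jr}{$_M}{$_Jt})/is",
				"/({$_Jj}{$_M3}{$_Ja}{$_M3}{$_Jv}{$_M3})({$_Ja}{$_M3}{$_Js}{$_M3}{$_Jc}{$_M3}{$_Jr}{$_M3}{$_Ji}{$_M3}{$_Jp}{$_M3}{$_Jt}{$_M3}{$_Jdd})/is",
				"/({$_Jv}{$_M3}{$_Jb}{$_M3})({$_Js}{$_M3}{$_Jc}{$_M3}{$_Jr}{$_M3}{$_Ji}{$_M3}{$_Jp}{$_M3}{$_Jt}{$_M3}{$_Jdd})/is",
				"/({$_Je}{$_M2}{$_Jx}{$_M2})({$_Jp}{$_M2}{$_Jr}{$_M2}{$_Je}{$_M2}{$_Js}{$_M2}{$_Js}{$_M2}{$_Ji}{$_M2}{$_Jo}{$_M2}{$_Jn}{$_M2}{$_Jss})/is",
			)),

			// Applied when the text contains "<": opening tags (plus ".cookie")
			"<" => array("\\1{$char}\\2", array(
				"/(<{$_M}s{$_M}c{$_M})(r{$_M}i{$_M}p{$_M}t)/is",
				"/(<{$_M}x{$_M}:{$_M}s{$_M}c{$_M})(r{$_M}i{$_M}p{$_M}t)/is",
				"/(<{$_M}a{$_M}p{$_M}p{$_M})(l{$_M}e{$_M}t)/is",
				"/(<{$_M}e{$_M}m{$_M}b)(e{$_M}d)/is",
				"/(<{$_M}s{$_M}t{$_M})(y{$_M}l{$_M}e)/is",
				"/(<{$_M}f{$_M}r{$_M}a{$_M})(m{$_M}e)/is",
				"/(<{$_M}i{$_M}f{$_M}r{$_M})(a{$_M}m{$_M}e)/is",
				"/(<{$_M}f{$_M}o{$_M})(r{$_M}m)/is",
				"/(\.{$_M}c{$_M}o{$_M})(o{$_M}k{$_M}i{$_M}e)/is",
				"/(<{$_M}o{$_M}b{$_M})(j{$_M}e{$_M}c{$_M}t)/is",
				"/(<{$_M}l{$_M}i{$_M})(n{$_M}k)/is",
				"/(<{$_M}m{$_M}e{$_M}t)({$_M}a)/is",
				"/(<{$_M}L{$_M}A{$_M}Y{$_M})(E{$_M}R)/is",
				"/(<{$_M}h{$_M}t{$_M})(m{$_M}l)/is",
				"/(<{$_M}x{$_M}m{$_M})(l)/is",
				"/(<{$_M}b{$_M}a{$_M})(s{$_M}e)/is",
			)),

			// Applied when the text contains "=": style=, formaction= and on* event-handler attributes.
			// The list of handlers is fixed; an attribute name that is not listed passes through.
			"=" => array("\\1{$char}\\2", array(
				// style= is left alone only when its value is a quoted (" or &quot;) list of
				// simple "property: value" declarations, as spelled out by the two lookaheads.
				"/([\W]s{$_M}t{$_M})(y{$_M}l{$_M}e{$_WS_OPT}\=)(?!\\s*\"(\\s*[a-z-]+\\s*:\\s*([0-9a-z\\s%,.#-]+|rgb\\s*\\([0-9,\\s]+\\))\\s*;{0,1}){0,}\\s*\")(?!\\s*&quot;(\\s*[a-z-]+\\s*:\\s*([0-9a-z\\s%,.#-]+|rgb\\s*\\([0-9,\\s]+\\))\\s*;{0,1}){0,}\\s*&quot;)/is",
				"/(f{$_M}o{$_M}r{$_M})(m{$_M}a{$_M}c{$_M}t{$_M}i{$_M}o{$_M}n{$_WS_OPT}\=)/is",

				"/(o{$_M}n{$_M}A{$_M})(b{$_M}o{$_M}r{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}B{$_M})(l{$_M}u{$_M}r{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}C{$_M})(h{$_M}a{$_M}n{$_M}g{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}C{$_M})(l{$_M}i{$_M}c{$_M}k{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}D{$_M})(b{$_M}l{$_M}C{$_M}l{$_M}i{$_M}c{$_M}k{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}E{$_M})(r{$_M}r{$_M}o{$_M}r{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}F{$_M})(o{$_M}c{$_M}u{$_M}s{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}K{$_M})(e{$_M}y{$_M}D{$_M}o{$_M}w{$_M}n{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}K{$_M})(e{$_M}y{$_M}P{$_M}r{$_M}e{$_M}s{$_M}s{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}K{$_M})(e{$_M}y{$_M}U{$_M}p{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}L{$_M})(o{$_M}a{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}M{$_M})(o{$_M}u{$_M}s{$_M}e{$_M}D{$_M}o{$_M}w{$_M}n{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}M{$_M})(o{$_M}u{$_M}s{$_M}e{$_M}M{$_M}o{$_M}v{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}M{$_M})(o{$_M}u{$_M}s{$_M}e{$_M}O{$_M}u{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}M{$_M})(o{$_M}u{$_M}s{$_M}e{$_M}O{$_M}v{$_M}e{$_M}r{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}M{$_M})(o{$_M}u{$_M}s{$_M}e{$_M}U{$_M}p{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}M{$_M})(o{$_M}v{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}R{$_M})(e{$_M}s{$_M}e{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}R{$_M})(e{$_M}s{$_M}i{$_M}z{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}S{$_M})(e{$_M}l{$_M}e{$_M}c{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}S{$_M})(u{$_M}b{$_M}m{$_M}i{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}U{$_M})(n{$_M}l{$_M}o{$_M}a{$_M}d{$_WS_OPT}\=)/is",

				"/(o{$_M}n{$_M}m{$_M}o{$_M})(u{$_M}s{$_M}e{$_M}l{$_M}e{$_M}a{$_M}v{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}m{$_M}o{$_M}u{$_M})(s{$_M}e{$_M}e{$_M}n{$_M}t{$_M}e{$_M}r{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}s{$_M}e{$_M}l{$_M})(e{$_M}c{$_M}t{$_M}s{$_M}t{$_M}a{$_M}r{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}s{$_M}e{$_M}l{$_M})(e{$_M}c{$_M}t{$_M}e{$_M}n{$_M}d{$_WS_OPT}\=)/is",

				"/(o{$_M}n{$_M}a{$_M}f{$_M})(t{$_M}e{$_M}r{$_M}p{$_M}r{$_M}i{$_M}n{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}b{$_M}e{$_M})(f{$_M}o{$_M}r{$_M}e{$_M}p{$_M}r{$_M}i{$_M}n{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}b{$_M}e{$_M})(f{$_M}o{$_M}r{$_M}e{$_M}o{$_M}n{$_M}l{$_M}o{$_M}a{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}h{$_M}a{$_M})(s{$_M}c{$_M}h{$_M}a{$_M}n{$_M}g{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}m{$_M}e{$_M})(s{$_M}s{$_M}a{$_M}g{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}o{$_M}f{$_M})(f{$_M}l{$_M}i{$_M}n{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}o{$_M}n{$_M})(l{$_M}i{$_M}n{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}p{$_M}a{$_M})(g{$_M}e{$_M}h{$_M}i{$_M}d{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}p{$_M}a{$_M})(g{$_M}e{$_M}s{$_M}h{$_M}o{$_M}w{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}p{$_M}o{$_M})(p{$_M}s{$_M}t{$_M}a{$_M}t{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}r{$_M}e{$_M})(d{$_M}o{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}s{$_M}t{$_M})(o{$_M}r{$_M}a{$_M}g{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}u{$_M}n{$_M})(d{$_M}o{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}c{$_M}o{$_M})(n{$_M}t{$_M}e{$_M}x{$_M}t{$_M}m{$_M}e{$_M}n{$_M}u{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}f{$_M}o{$_M})(r{$_M}m{$_M}c{$_M}h{$_M}a{$_M}n{$_M}g{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}f{$_M}o{$_M})(r{$_M}m{$_M}i{$_M}n{$_M}p{$_M}u{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}i{$_M}n{$_M})(p{$_M}u{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}i{$_M}n{$_M})(v{$_M}a{$_M}l{$_M}i{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}d{$_M}r{$_M})(a{$_M}g{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}d{$_M}r{$_M})(a{$_M}g{$_M}e{$_M}n{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}d{$_M}r{$_M})(a{$_M}g{$_M}e{$_M}n{$_M}t{$_M}e{$_M}r{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}d{$_M}r{$_M})(a{$_M}g{$_M}l{$_M}e{$_M}a{$_M}v{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}d{$_M}r{$_M})(a{$_M}g{$_M}o{$_M}v{$_M}e{$_M}r{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}d{$_M}r{$_M})(a{$_M}g{$_M}s{$_M}t{$_M}a{$_M}r{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}d{$_M}r{$_M})(o{$_M}p{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}m{$_M}o{$_M})(u{$_M}s{$_M}e{$_M}w{$_M}h{$_M}e{$_M}e{$_M}l{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}s{$_M}c{$_M})(r{$_M}o{$_M}l{$_M}l{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}c{$_M}a{$_M})(n{$_M}p{$_M}l{$_M}a{$_M}y{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}c{$_M}a{$_M})(n{$_M}p{$_M}l{$_M}a{$_M}y{$_M}t{$_M}h{$_M}r{$_M}o{$_M}u{$_M}g{$_M}h{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}d{$_M}u{$_M})(r{$_M}a{$_M}t{$_M}i{$_M}o{$_M}n{$_M}c{$_M}h{$_M}a{$_M}n{$_M}g{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}e{$_M}m{$_M})(p{$_M}t{$_M}i{$_M}e{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}e{$_M}n{$_M})(d{$_M}e{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}l{$_M}o{$_M})(a{$_M}d{$_M}e{$_M}d{$_M}d{$_M}a{$_M}t{$_M}a{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}l{$_M}o{$_M})(a{$_M}d{$_M}e{$_M}d{$_M}m{$_M}e{$_M}t{$_M}a{$_M}d{$_M}a{$_M}t{$_M}a{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}l{$_M}o{$_M})(a{$_M}d{$_M}s{$_M}t{$_M}a{$_M}r{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}p{$_M}a{$_M})(u{$_M}s{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}p{$_M}l{$_M})(a{$_M}y{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}p{$_M}l{$_M})(a{$_M}y{$_M}i{$_M}n{$_M}g{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}p{$_M}r{$_M})(o{$_M}g{$_M}r{$_M}e{$_M}s{$_M}s{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}r{$_M}a{$_M})(t{$_M}e{$_M}c{$_M}h{$_M}a{$_M}n{$_M}g{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}r{$_M}e{$_M})(a{$_M}d{$_M}y{$_M}s{$_M}t{$_M}a{$_M}t{$_M}e{$_M}c{$_M}h{$_M}a{$_M}n{$_M}g{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}s{$_M}e{$_M})(e{$_M}k{$_M}e{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}s{$_M}e{$_M})(e{$_M}k{$_M}i{$_M}n{$_M}g{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}s{$_M}t{$_M})(a{$_M}l{$_M}l{$_M}e{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}s{$_M}u{$_M})(s{$_M}p{$_M}e{$_M}n{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}t{$_M}i{$_M})(m{$_M}e{$_M}u{$_M}p{$_M}d{$_M}a{$_M}t{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}v{$_M}o{$_M})(l{$_M}u{$_M}m{$_M}e{$_M}c{$_M}h{$_M}a{$_M}n{$_M}g{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}w{$_M}a{$_M})(i{$_M}t{$_M}i{$_M}n{$_M}g{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}t{$_M}i{$_M})(m{$_M}e{$_M}e{$_M}r{$_M}r{$_M}o{$_M}r{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}e{$_M}n{$_M})(d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}b{$_M}e{$_M})(g{$_M}i{$_M}n{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}m{$_M}e{$_M})(d{$_M}i{$_M}a{$_M}c{$_M}o{$_M}m{$_M}p{$_M}l{$_M}e{$_M}t{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}m{$_M}e{$_M})(d{$_M}i{$_M}a{$_M}l{$_M}o{$_M}a{$_M}d{$_M}f{$_M}a{$_M}i{$_M}l{$_M}e{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}m{$_M}e{$_M})(d{$_M}i{$_M}a{$_M}s{$_M}l{$_M}i{$_M}p{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}r{$_M}e{$_M})(p{$_M}e{$_M}a{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}r{$_M}e{$_M})(s{$_M}u{$_M}m{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}r{$_M}e{$_M})(s{$_M}y{$_M}n{$_M}c{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}r{$_M}e{$_M})(v{$_M}e{$_M}r{$_M}s{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}s{$_M}c{$_M})(r{$_M}i{$_M}p{$_M}t{$_M}c{$_M}o{$_M}m{$_M}m{$_M}a{$_M}n{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}m{$_M}e{$_M})(d{$_M}i{$_M}a{$_M}e{$_M}r{$_M}r{$_M}o{$_M}r{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}o{$_M}u{$_M})(t{$_M}o{$_M}f{$_M}s{$_M}y{$_M}n{$_M}c{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}s{$_M}e{$_M})(e{$_M}k{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}s{$_M}y{$_M})(n{$_M}c{$_M}r{$_M}e{$_M}s{$_M}t{$_M}o{$_M}r{$_M}e{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}t{$_M}r{$_M})(a{$_M}c{$_M}k{$_M}c{$_M}h{$_M}a{$_M}n{$_M}g{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}u{$_M}r{$_M})(l{$_M}f{$_M}l{$_M}i{$_M}p{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}s{$_M}t{$_M})(a{$_M}r{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}a{$_M}c{$_M})(t{$_M}i{$_M}v{$_M}a{$_M}t{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}a{$_M}f{$_M})(t{$_M}e{$_M}r{$_M}u{$_M}p{$_M}d{$_M}a{$_M}t{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}b{$_M}e{$_M})(f{$_M}o{$_M}r{$_M}e{$_M}a{$_M}c{$_M}t{$_M}i{$_M}v{$_M}a{$_M}t{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}b{$_M}e{$_M})(f{$_M}o{$_M}r{$_M}e{$_M}c{$_M}o{$_M}p{$_M}y{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}b{$_M}e{$_M})(f{$_M}o{$_M}r{$_M}e{$_M}c{$_M}u{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}b{$_M}e{$_M})(f{$_M}o{$_M}r{$_M}e{$_M}d{$_M}e{$_M}a{$_M}c{$_M}t{$_M}i{$_M}v{$_M}a{$_M}t{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}b{$_M}e{$_M})(f{$_M}o{$_M}r{$_M}e{$_M}e{$_M}d{$_M}i{$_M}t{$_M}f{$_M}o{$_M}c{$_M}u{$_M}s{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}b{$_M}e{$_M})(f{$_M}o{$_M}r{$_M}e{$_M}p{$_M}a{$_M}s{$_M}t{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}b{$_M}e{$_M})(f{$_M}o{$_M}r{$_M}e{$_M}u{$_M}n{$_M}l{$_M}o{$_M}a{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}b{$_M}e{$_M})(f{$_M}o{$_M}r{$_M}e{$_M}u{$_M}p{$_M}d{$_M}a{$_M}t{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}b{$_M}o{$_M})(u{$_M}n{$_M}c{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}c{$_M}e{$_M})(l{$_M}l{$_M}c{$_M}h{$_M}a{$_M}n{$_M}g{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}c{$_M}o{$_M})(n{$_M}t{$_M}r{$_M}o{$_M}l{$_M}s{$_M}e{$_M}l{$_M}e{$_M}c{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}c{$_M}o{$_M})(p{$_M}y{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}c{$_M}u{$_M})(t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}d{$_M}a{$_M})(t{$_M}a{$_M}a{$_M}v{$_M}a{$_M}i{$_M}l{$_M}a{$_M}b{$_M}l{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}d{$_M}a{$_M})(t{$_M}a{$_M}s{$_M}e{$_M}t{$_M}c{$_M}h{$_M}a{$_M}n{$_M}g{$_M}e{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}d{$_M}a{$_M})(t{$_M}a{$_M}s{$_M}e{$_M}t{$_M}c{$_M}o{$_M}m{$_M}p{$_M}l{$_M}e{$_M}t{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}d{$_M}e{$_M})(a{$_M}c{$_M}t{$_M}i{$_M}v{$_M}a{$_M}t{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}e{$_M}r{$_M})(r{$_M}o{$_M}r{$_M}u{$_M}p{$_M}d{$_M}a{$_M}t{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}f{$_M}i{$_M})(l{$_M}t{$_M}e{$_M}r{$_M}c{$_M}h{$_M}a{$_M}n{$_M}g{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}f{$_M}i{$_M})(n{$_M}i{$_M}s{$_M}h{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}f{$_M}o{$_M})(c{$_M}u{$_M}s{$_M}i{$_M}n{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}f{$_M}o{$_M})(c{$_M}u{$_M}s{$_M}o{$_M}u{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}h{$_M}a{$_M})(s{$_M}h{$_M}c{$_M}h{$_M}a{$_M}n{$_M}g{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}h{$_M}e{$_M})(l{$_M}p{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}l{$_M}a{$_M})(y{$_M}o{$_M}u{$_M}t{$_M}c{$_M}o{$_M}m{$_M}p{$_M}l{$_M}e{$_M}t{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}l{$_M}o{$_M})(s{$_M}e{$_M}c{$_M}a{$_M}p{$_M}t{$_M}u{$_M}r{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}m{$_M}o{$_M})(v{$_M}e{$_M}e{$_M}n{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}m{$_M}o{$_M})(v{$_M}e{$_M}s{$_M}t{$_M}a{$_M}r{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}m{$_M}s{$_M})(s{$_M}i{$_M}t{$_M}e{$_M}m{$_M}o{$_M}d{$_M}e{$_M}j{$_M}u{$_M}m{$_M}p{$_M}l{$_M}i{$_M}s{$_M}t{$_M}i{$_M}t{$_M}e{$_M}m{$_M}r{$_M}e{$_M}m{$_M}o{$_M}v{$_M}e{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}m{$_M}s{$_M})(t{$_M}h{$_M}u{$_M}m{$_M}b{$_M}n{$_M}a{$_M}i{$_M}l{$_M}c{$_M}l{$_M}i{$_M}c{$_M}k{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}p{$_M}a{$_M})(g{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}p{$_M}a{$_M})(s{$_M}t{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}p{$_M}r{$_M})(o{$_M}p{$_M}e{$_M}r{$_M}t{$_M}y{$_M}c{$_M}h{$_M}a{$_M}n{$_M}g{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}r{$_M}e{$_M})(s{$_M}i{$_M}z{$_M}e{$_M}e{$_M}n{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}r{$_M}e{$_M})(s{$_M}i{$_M}z{$_M}e{$_M}s{$_M}t{$_M}a{$_M}r{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}r{$_M}o{$_M})(w{$_M}e{$_M}n{$_M}t{$_M}e{$_M}r{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}r{$_M}o{$_M})(w{$_M}e{$_M}x{$_M}i{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}r{$_M}o{$_M})(w{$_M}s{$_M}d{$_M}e{$_M}l{$_M}e{$_M}t{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}r{$_M}o{$_M})(w{$_M}s{$_M}i{$_M}n{$_M}s{$_M}e{$_M}r{$_M}t{$_M}e{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}s{$_M}e{$_M})(l{$_M}e{$_M}c{$_M}t{$_M}i{$_M}o{$_M}n{$_M}c{$_M}h{$_M}a{$_M}n{$_M}g{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}s{$_M}t{$_M})(o{$_M}p{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}s{$_M}t{$_M})(o{$_M}r{$_M}a{$_M}g{$_M}e{$_M}c{$_M}o{$_M}m{$_M}m{$_M}i{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}t{$_M}i{$_M})(m{$_M}e{$_M}o{$_M}u{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}r{$_M}e{$_M})(a{$_M}d{$_M}y{$_M}s{$_M}t{$_M}a{$_M}t{$_M}e{$_M}c{$_M}h{$_M}a{$_M}n{$_M}g{$_M}e{$_M}d{$_WS_OPT}\=)/is",

				"/(o{$_M}n{$_M}s{$_M}e{$_M})(a{$_M}r{$_M}c{$_M}h{$_WS_OPT}\=)/is",
				// The final "e" of "...fullscreenchange" was missing, so the pattern could not match the full attribute name.
				"/(o{$_M}n{$_M}w{$_M}e{$_M})(b{$_M}k{$_M}i{$_M}t{$_M}f{$_M}u{$_M}l{$_M}l{$_M}s{$_M}c{$_M}r{$_M}e{$_M}e{$_M}n{$_M}c{$_M}h{$_M}a{$_M}n{$_M}g{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}z{$_M}o{$_M})(o{$_M}m{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}t{$_M}o{$_M})(u{$_M}c{$_M}h{$_M}s{$_M}t{$_M}a{$_M}r{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}t{$_M}o{$_M})(u{$_M}c{$_M}h{$_M}m{$_M}o{$_M}v{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}t{$_M}o{$_M})(u{$_M}c{$_M}h{$_M}e{$_M}n{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}t{$_M}o{$_M})(u{$_M}c{$_M}h{$_M}c{$_M}a{$_M}n{$_M}c{$_M}e{$_M}l{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}g{$_M}e{$_M})(s{$_M}t{$_M}u{$_M}r{$_M}e{$_M}s{$_M}t{$_M}a{$_M}r{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}g{$_M}e{$_M})(s{$_M}t{$_M}u{$_M}r{$_M}e{$_M}c{$_M}h{$_M}a{$_M}n{$_M}g{$_M}e{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}g{$_M}e{$_M})(s{$_M}t{$_M}u{$_M}r{$_M}e{$_M}e{$_M}n{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}w{$_M}e{$_M})(b{$_M}k{$_M}i{$_M}t{$_M}a{$_M}n{$_M}i{$_M}m{$_M}a{$_M}t{$_M}i{$_M}o{$_M}n{$_M}s{$_M}t{$_M}a{$_M}r{$_M}t{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}w{$_M}e{$_M})(b{$_M}k{$_M}i{$_M}t{$_M}a{$_M}n{$_M}i{$_M}m{$_M}a{$_M}t{$_M}i{$_M}o{$_M}n{$_M}e{$_M}n{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}w{$_M}e{$_M})(b{$_M}k{$_M}i{$_M}t{$_M}a{$_M}n{$_M}i{$_M}m{$_M}a{$_M}t{$_M}i{$_M}o{$_M}n{$_M}i{$_M}t{$_M}e{$_M}r{$_M}a{$_M}t{$_M}i{$_M}o{$_M}n{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}d{$_M}e{$_M})(v{$_M}i{$_M}c{$_M}e{$_M}o{$_M}r{$_M}i{$_M}e{$_M}n{$_M}t{$_M}a{$_M}t{$_M}i{$_M}o{$_M}n{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}w{$_M}e{$_M})(b{$_M}k{$_M}i{$_M}t{$_M}t{$_M}r{$_M}a{$_M}n{$_M}s{$_M}i{$_M}t{$_M}i{$_M}o{$_M}n{$_M}e{$_M}n{$_M}d{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}w{$_M}e{$_M})(b{$_M}k{$_M}i{$_M}t{$_M}b{$_M}e{$_M}g{$_M}i{$_M}n{$_M}f{$_M}u{$_M}l{$_M}l{$_M}s{$_M}c{$_M}r{$_M}e{$_M}e{$_M}n{$_WS_OPT}\=)/is",
				"/(o{$_M}n{$_M}w{$_M}e{$_M})(b{$_M}k{$_M}i{$_M}t{$_M}e{$_M}n{$_M}d{$_M}f{$_M}u{$_M}l{$_M}l{$_M}s{$_M}c{$_M}r{$_M}e{$_M}e{$_M}n{$_WS_OPT}\=)/is",
			)),

			// Applied when the text contains ":": urn:schemas-microsoft-com: and data:
			":" => array("\\1{$char}\\2", array(
				// NOTE(review): no /i flag on this pattern, unlike data: below - confirm that is intended.
				"/(u{$_M}r{$_M}n{$_M2}\:{$_M2}s{$_M})(c{$_M}h{$_M}e{$_M}m{$_M}a{$_M}s{$_M}\-{$_M}m{$_M}i{$_M}c{$_M}r{$_M}o{$_M}s{$_M}o{$_M}f{$_M}t{$_M}\-{$_M}c{$_M}o{$_M}m{$_M2}\:)/",
				"/(d{$_M}a{$_M}t{$_M})(a{$_M}\:)/is",
			)),

			// Applied when the text contains "-": -moz-binding: url
			"-" => array("\\1{$char}\\2", array(
				"/(\-{$_M}m{$_M}o{$_M}z{$_M}\-{$_M}b{$_M}i{$_M})(n{$_M}d{$_M}i{$_M}n{$_M}g{$_M}{$_WS_OPT}\:{$_WS_OPT}{$_M}u{$_M}r{$_M}l)/is",
			)),

			// Applied when the text contains "(": fromCharCode( and unescape(
			// A zero-width joiner had crept in between "\" and "(" in both patterns,
			// which left them invalid; it is removed here.
			"(" => array("\\1{$char}\\2", array(
				// Lower-case spelling with no /i flag could never match the camel-cased name; /i added.
				"/(f{$_M}r{$_M}o{$_M}m)({$_M}c{$_M}h{$_M}a{$_M}r{$_M}c{$_M}o{$_M}d{$_M}e{$_M3}\()/i",
				"/(u{$_M}n{$_M}e{$_M})(s{$_M}c{$_M}a{$_M}p{$_M}e{$_M3}\()/",
			)),
		);
	}
}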
260
/**
 * Public entry point: runs the filters over $str and rewrites it in place.
 *
 * @param string $str Text to filter; passed by reference and overwritten.
 * @return bool The value returned by _dostr().
 */
function clear(&$str)
{
	$filtersRan = $this->_dostr($str);
	return $filtersRan;
}
265
/**
 * Decodes character references in $str until nothing changes, then applies
 * the filter groups from $this->_filters until nothing changes.
 *
 * $str is overwritten with the decoded (and possibly filtered) text, so the
 * caller gets back decoded text even when no filter pattern matched. The
 * result is still untrusted markup and must be encoded for the context in
 * which it is rendered.
 *
 * @param string $str Text to filter; passed by reference and overwritten.
 * @return bool false when the text consists only of [A-Za-z0-9_.,-] or the
 *              filter loop never ran; true as soon as any filter group was
 *              applied. Because the "" group is always applied, true does not
 *              mean that the text was changed.
 */
protected function _dostr(&$str)
{
	// Nothing but letters, digits and _ . , - : no pattern can match, leave as is.
	if(preg_match("/^[A-Za-z0-9_.,-]*$/", $str))
	{
		return false;
	}

	// Phase 1: decode to a fixed point. Each pass decodes numeric references,
	// drops NUL bytes and removes references to code point zero.
	// NOTE(review): preg_replace() returns null on a PCRE error and that case
	// is not checked anywhere in this method - confirm what callers expect.
	$decodedPrev = "";
	$decoded = $str;
	while($decodedPrev != $decoded)
	{
		$decodedPrev = $decoded;
		$decoded = str_replace("\x00", "", $this->_decode($decoded));
		$decoded = preg_replace("/\&\#0+(;|([^\d;]))/is", "\\2", $decoded);
		$decoded = preg_replace("/\&\#x0+(;|([^\da-f;]))/is", "\\2", $decoded);
	}

	$applied = false;

	// Phase 2: apply the filter groups until a pass leaves the text unchanged.
	// The marker test looks at $before, i.e. the text as it was before the
	// most recent replacement, so the order of the groups matters.
	$before = "";
	$after = $decodedPrev;
	while($before != $after)
	{
		foreach($this->_filters as $marker => $group)
		{
			if($marker != '' && mb_strpos($before, $marker) === false)
			{
				continue;
			}

			$before = $after;
			$after = preg_replace($group[1], $group[0], $before);
			$applied = true;
		}
	}

	$str = ($before != $decodedPrev) ? $before : $decodedPrev;

	return $applied;
}
306
307 /*
308 Function is used in regular expressions in order to decode characters presented as &#123;
309 */
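/**
 * preg_replace_callback() handler for decimal character references.
 *
 * @param array $in Match array: $in[0] is the whole match, $in[1] the decimal
 *                  digits, $in[2] the single character that followed them.
 * @return string The decoded byte followed by the trailing character (a ";"
 *                terminator is dropped), or the match unchanged when the
 *                number does not fit into one byte.
 */
function _decode_cb($in)
{
	$num = intval($in[1]);

	// chr() reduces its argument modulo 256, so a reference to a code point
	// above 255 would be turned into an unrelated single byte. Leave such
	// references encoded instead of rewriting them into something else.
	if($num > 255)
		return $in[0];

	$ad = $in[2];
	if($ad == ';')
		$ad = "";

	return chr($num).$ad;
}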
318
319 /*
320 Function is used in regular expressions in order to decode characters presented as &#xAB;
321 */
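/**
 * preg_replace_callback() handler for hexadecimal character references.
 *
 * @param array $in Match array: $in[0] is the whole match, $in[1] the hex
 *                  digits, $in[2] the single character that followed them.
 * @return string The decoded byte followed by the trailing character (a ";"
 *                terminator is dropped), or the match unchanged when the
 *                number does not fit into one byte.
 */
function _decode_cb_hex($in)
{
	// hexdec() returns a float for values beyond the integer range, so the
	// range check is done before the value is narrowed with intval().
	$value = hexdec($in[1]);

	// chr() reduces its argument modulo 256, so a reference to a code point
	// above 255 would be turned into an unrelated single byte. Leave such
	// references encoded instead of rewriting them into something else.
	if($value > 255)
		return $in[0];

	$ad = $in[2];
	if($ad == ';')
		$ad = "";

	return chr(intval($value)).$ad;
}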
330
331 /*
332 Decodes string from html codes &#***;
333 One pass!
334 -- Decode only a-zA-Z:().=, because only these are used in filters
335 */
/**
 * Performs one decoding pass: decimal references, then hexadecimal
 * references, then the named reference &colon;.
 *
 * The two patterns accept any run of digits; which values are actually
 * turned into characters is decided by the callbacks.
 * NOTE(review): both patterns need one character after the digits, so a
 * reference that ends the string is left encoded by this pass - confirm that
 * callers always pass complete markup rather than isolated fragments.
 *
 * @param string $str Text to decode.
 * @return string Text after a single pass; _dostr() repeats the pass until
 *                the text stops changing.
 */
function _decode($str)
{
	$afterDecimal = preg_replace_callback("/\&\#(\d+)([^\d])/is", array("CWikiSecurity", "_decode_cb"), $str);
	$afterHex = preg_replace_callback("/\&\#x([\da-f]+)([^\da-f])/is", array("CWikiSecurity", "_decode_cb_hex"), $afterDecimal);
	$decoded = str_replace('&colon;', ':', $afterHex);

	return $decoded;
}
342
343}
344
345?>