diff --git a/includes/pbboardCodeparse.class.php b/includes/pbboardCodeparse.class.php
index abb0e2e..ae148bc 100644
--- a/includes/pbboardCodeparse.class.php
+++ b/includes/pbboardCodeparse.class.php
@@ -754,6 +754,9 @@ function censor_words($text)
}
}
+
+ $text = $this->xss_clean($text);
+
$text = str_ireplace("{h-h}", "http", $text);
$text = str_ireplace("{w-w}", "www.", $text);
$text = str_replace('rel="dofollow" rel="nofollow"', '', $text);
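Review bot: Running `xss_clean()` before the literal substitutions on the next lines means the sanitized text is edited again before it is used, and the deletion of `rel="dofollow" rel="nofollow"` on the last line of this hunk can splice two harmless fragments into a tag the filter would have rejected: `<scrrel="dofollow" rel="nofollow"ipt>` contains nothing the filter looks for, yet after the replacement it reads `<script>`. The `{h-h}`/`{w-w}` expansions have the same ordering property, although they only emit `http` and `www.` and I do not see a splice through them. Keep the sanitizer where it was, immediately before the hook eval after every rewrite has run, or move the placeholder and `rel` rewrites above it so the last operation on the text is the filter. `censor_words()` begins and ends outside this hunk.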
@@ -761,7 +764,6 @@ function censor_words($text)
$text = str_replace("
", "
", $text);
//XSS filtering function
- $text = $this->xss_clean($text);
eval($PowerBB->functions->get_fetch_hooks('BBCodeParseHooks_cr'));
@@ -823,12 +825,32 @@ function censor_words($text)
//XSS filtering function
function xss_clean($data)
{
+
+
// Fix &entity\n;
$data = str_replace(array('&','<','>'), array('&','<','>'), $data);
$data = preg_replace('/(*\w+)[\x00-\x20]+;/u', '$1;', $data);
$data = preg_replace('/(*[0-9A-F]+);*/iu', '$1;', $data);
$data = html_entity_decode($data, ENT_COMPAT, 'UTF-8');
+ // start filtering tags
+ $regexcodexss = '#\<(.*)\>#siU';
+ $data = preg_replace_callback($regexcodexss, function($matches) {
+ $matches[1] = str_ireplace('alert', '', $matches[1]);
+ $matches[1] = str_replace('(', '', $matches[1]);
+ $matches[1] = str_replace(')', '', $matches[1]);
+ $matches[1] = str_replace('<', '', $matches[1]);
+ $matches[1] = str_ireplace('document.cookie', '', $matches[1]);
+ $matches[1] = str_ireplace('onclick', '', $matches[1]);
+ $matches[1] = str_ireplace('absolute',"a*bsolute",$matches[1]);
+ $matches[1] = str_ireplace('equiv',"e*quiv",$matches[1]);
+ $matches[1] = str_ireplace('refresh',"r*efresh",$matches[1]);
+ $matches[1] = str_ireplace('meta',"m*eta",$matches[1]);
+ $matches[1] = str_ireplace('input',"i*nput",$text);
+ $matches[1] = str_ireplace('action',"a*ction",$matches[1]);
+ return "<".$matches[1].">";
+ }, $data);
+
// Remove any attribute starting with "on" or xmlns
$data = preg_replace('#(<[^>]+?[\x00-\x20"\'])(?:on|xmlns)[^>]*+>#iu', '$1>', $data);
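Review bot: The `input` replacement in the new callback, `$matches[1] = str_ireplace('input', "i*nput", $text);`, reads `$text`, which the closure does not capture (no `use`) and which is therefore undefined there; its result overwrites `$matches[1]`, so every `<...>` match comes back as `<>` and the preceding replacements in the callback are all thrown away. The intended line is `$matches[1] = str_ireplace('input', "i*nput", $matches[1]);`. Once that is corrected, note that the callback is a single-pass substring blacklist: `alalertert` survives `str_ireplace('alert', '')` as `alert`, the same nesting defeats the `onclick` and `document.cookie` removals, and `confirm`, `prompt` or backtick template calls are not covered at all, so it should not be relied on in place of the attribute and tag stripping that follows. An allow-list of permitted tags and attributes, or `htmlspecialchars()` escaping at output time, is the robust form. `xss_clean()` continues past the end of this hunk.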
@@ -849,14 +871,17 @@ function xss_clean($data)
{
// Remove really unwanted tags
$old_data = $data;
- $data = preg_replace('#*(?:applet|b(?:ase|gsound|link)|embed|frame(?:set)?|i(?:frame|layer)|l(?:ayer|ink)|meta|object|s(?:cript|tyle)|title|xml)[^>]*+>#i', '', $data);
+ $input = preg_replace('#*(?:applet|b(?:ase|gsound|link)|embed|frame(?:set)?|i(?:frame|layer)|l(?:ayer|ink)|meta|object|s(?:cript|tyle)|title|xml)[^>]*+>#i', '', $input);
}
while ($old_data !== $data);
// we are done...
+
return $data;
}
+
+
// long URL, Shortening Long URLs With PHP
function shortenurl($Aurl,$Burl,$lg_max)
{
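Review bot: The rewritten line in the tag-removal loop assigns to and reads `$input` instead of `$data`, so the `applet|embed|iframe|meta|object|script|style|...` stripping no longer affects the value the function returns: `$data` is never modified, `$old_data !== $data` is false on the first check, and the loop exits after one pass with its result discarded (and `$input` is undefined in this scope, so `preg_replace` is also being called on null). Restore `$data = preg_replace(<same pattern>, '', $data);` with the pattern left as it was, so the do/while actually iterates until no such tag remains. As rendered here the pattern begins `#*(?:`, which looks like a lost `</` in this copy rather than in the file; confirm against the source before relying on it. The enclosing `do { ... }` opens before this hunk, and `shortenurl()` continues past its end.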