Author Topic: 1.7.2 - 1.7.4 [FIX] mit Umlauten in Kommentaren-/Suche - Comments-/Search  (Read 142601 times)

0 Members and 1 Guest are viewing this topic.

bildergallery

  • Guest
nach mehreren offenen treads habe ich selber versucht, in einer frischen 4images installation
kommentare mit umlauten zu erstellen.

----------------------------------------------------------------------------------------------------------------------

ich benutze als testversion / testsystem
PHP Version 5.2.2 und Mysql 5.0.41

4images 1.7.4

Quelltext im Browser:
<title>4images - Image Gallery Management System</title>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<link rel="stylesheet" href="./templates/default/style.css" />


----------------------------------------------------------------------------------------------------------------------

folgende fehlermeldung kommt (siehe bild vorher.gif):
Das Feld Überschrift muss ausgefüllt werden!
Das Feld Kommentar muss ausgefüllt werden!

wenn die umlaute durch ae ue oe ersetzt werden, funktioniert dies (siehe bilder nachher.gif)

liebe programmierer, meldet euch  :wink:
damit die sache entgültig gelöst wird :!:


UPDATE 28.08.2007
LÖSUNG/BUGFIX


suche/search in global.php
Code: [Select]
function clean_array($array) {
  $search = array(
    // Remove any attribute starting with "on" or xmlns
    '#(<[^>]+[\x00-\x20\"\'])(on|xmlns)[^>]*>#iUu',
    // Remove javascript: and vbscript: protocol
    '#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\\x00-\x20]*j[\x00-\x20]*a[\x00-\x20]*v[\x00-\x20]*a[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iUu',
    '#([a-z]*)[\x00-\x20]*=([\'\"]*)[\x00-\x20]*v[\x00-\x20]*b[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iUu',
    //<span style="width: expression(alert('Ping!'));"></span>
    // Only works in ie...
    '#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*expression[\x00-\x20]*\([^>]*>#iU',
    '#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*behaviour[\x00-\x20]*\([^>]*>#iU',
    '#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:*[^>]*>#iUu'
  );

  $replace = array(
    "$1>",
    '$1=$2nojavascript...',
    '$1=$2novbscript...',
    "$1>",
    "$1>",
    "$1>"
  );

  // Remove all control (i.e. with ASCII value lower than 0x20 (space),
  // except of 0x0A (line feed) and 0x09 (tabulator)
  $search2 =
      "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x0B\x0C\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F";
  $replace2 = //str_repeat("\r", strlen($search2));
      "\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D";

  foreach ($array as $key => $val) {
    if (is_array($val)) {
      $val = clean_array($val);
    } else {
      $val = preg_replace($search, $replace, $val);

      $val = str_replace("\r\n", "\n", $val);
      $val = str_replace("\r",   "\n", $val);
      $val = strtr($val, $search2, $replace2);
      $val = str_replace("\r", '', $val);  // \r === \x0D

      do {
        $oldval = $val;
        $val = preg_replace('#</*(applet|meta|xml|blink|link|style|script|embed|object|iframe|frame|frameset|ilayer|layer|bgsound|title|base)[^>]*>#i', "", $val);
      } while ($oldval != $val);
    }

    $array[$key] = $val;
  }

  return $array;
}

ersetze/replace
Code: [Select]
function clean_string($string) {
  $canCheckUTF8Error = defined('PREG_BAD_UTF8_ERROR') && function_exists('preg_last_error');

  // Remove any attribute starting with "on" or xmlns
  $tmp = preg_replace('#(<[^>]+[\x00-\x20\"\'])(on|xmlns)[^>]*>#iUu',"$1>",$string);
  if ($canCheckUTF8Error && (PREG_BAD_UTF8_ERROR == preg_last_error())) {
      $tmp = preg_replace('#(<[^>]+[\x00-\x20\"\'])(on|xmlns)[^>]*>#iU',"$1>",$string);
  }
  $string = $tmp;

  // Remove javascript: and vbscript: protocol
  $tmp = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\x00-\x20]*j[\x00-\x20]*a[\x00-\x20]*v[\x00-\x20]*a[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iUu','$1=$2nojavascript...',$string);
  if ($canCheckUTF8Error && (PREG_BAD_UTF8_ERROR == preg_last_error())) {
      $tmp = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\x00-\x20]*j[\x00-\x20]*a[\x00-\x20]*v[\x00-\x20]*a[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iU','$1=$2nojavascript...',$string);
  }
  $string = $tmp;
  $tmp = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\x00-\x20]*v[\x00-\x20]*b[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iUu','$1=$2novbscript...',$string);
  if ($canCheckUTF8Error && (PREG_BAD_UTF8_ERROR == preg_last_error())) {
      $tmp = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\x00-\x20]*v[\x00-\x20]*b[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iU','$1=$2novbscript...',$string);
  }
  $string = $tmp;

  // <span style="width: expression(alert('Ping!'));"></span>
  // only works in ie...
  $string = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*expression[\x00-\x20]*\([^>]*>#iU',"$1>",$string);
  $string = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*behaviour[\x00-\x20]*\([^>]*>#iU',"$1>",$string);
  $tmp = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:*[^>]*>#iUu',"$1>",$string);
  if ($canCheckUTF8Error && (PREG_BAD_UTF8_ERROR == preg_last_error())) {
      $tmp = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:*[^>]*>#iU',"$1>",$string);
  }
  $string = $tmp;

  // Remove namespaced elements (we do not need them...)
  $string = preg_replace('#</*\w+:\w[^>]*>#i',"",$string);

  // Remove all control (i.e. with ASCII value lower than 0x20 (space),
  // except of 0x0A (line feed) and 0x09 (tabulator)
  $search =
    "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x0B\x0C\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F";
  $replace = //str_repeat("\r", strlen($search2));
    "\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D";

  $string = str_replace("\r\n", "\n", $string);
  $string = str_replace("\r",   "\n", $string);
  $string = strtr($string, $search, $replace);
  $string = str_replace("\r", '', $string);  // \r === \x0D

  // Remove really unwanted tags
  do {
    $oldstring = $string;
    $string = preg_replace('#</*(applet|meta|xml|blink|link|style|script|embed|object|iframe|frame|frameset|ilayer|layer|bgsound|title|base)[^>]*>#i',"",$string);
  } while ($oldstring != $string);

  return $string;
}

function clean_array($array) {
  foreach ($array as $key => $val) {
    $key = clean_string($key);

    if (is_array($val)) {
      $val = clean_array($val);
    } else {
      $val = clean_string($val);
    }

    $array[$key] = $val;
  }

  return $array;
}
« Last Edit: July 06, 2008, 09:51:07 PM by ivan »

Offline mawenzi

  • 4images Moderator
  • 4images Guru
  • *****
  • Posts: 4.500
    • View Profile
Re: Bug 1.7.4 mit Umlauten in Kommentaren / Comments
« Reply #1 on: August 04, 2007, 02:27:01 PM »
... habe Jan und Kai nochmals auf dieses Problem hingewiesen ...
Your first three "must do" before you ask a question ! ( © by V@no )
- please read the Forum Rules ...
- please study the FAQ ...
- please try to Search for your answer ...

You are on search for top 4images MOD's ?
- then please search here ... Mawenzi's Top 100+ MOD List (unsorted sorted) ...

Offline Jan

  • Administrator
  • 4images Guru
  • *****
  • Posts: 5.024
    • View Profile
    • 4images - Image Gallery Management System
Re: Bug 1.7.4 mit Umlauten in Kommentaren / Comments
« Reply #2 on: August 09, 2007, 01:49:50 PM »
Das wurde schon vor ziemlich langer Zeit gefixt (ziemlich am Anfang der global.php).

Jan
Your first three "must do" before you ask a question:
1. Forum rules
2. FAQ
3. Search

Offline Jan

  • Administrator
  • 4images Guru
  • *****
  • Posts: 5.024
    • View Profile
    • 4images - Image Gallery Management System
Re: Bug 1.7.4 mit Umlauten in Kommentaren / Comments
« Reply #3 on: August 14, 2007, 10:19:30 AM »
Hi,

wir sind leider hier im Büro seit 1 Woche offline  :|
Ich werde mich sobald es geht darum kümmern..

Jan
Your first three "must do" before you ask a question:
1. Forum rules
2. FAQ
3. Search

Offline Nicky

  • Administrator
  • 4images Guru
  • *****
  • Posts: 3.195
    • View Profile
Re: Bug 1.7.4 mit Umlauten in Kommentaren / Comments
« Reply #4 on: August 14, 2007, 02:00:14 PM »
auf meinem server laufen...

PHP Version 4.3.11
und
MySQL 5.0.22 (datenbank als utf8_general_ci)

an 4images 1.7.4 wurde nichts verändert.

das ist das ergebniss
http://www.nicky.net/4test/details.php?image_id=1
cheers
Nicky
Your first three "must do" before you ask a question ! (© by V@no)
- please read the Forum Rules ...
- please study the FAQ ...
- please try to Search for your answer ...

nicky.net 4 4images
Signature stolen from mawenzi

Offline mawenzi

  • 4images Moderator
  • 4images Guru
  • *****
  • Posts: 4.500
    • View Profile
Re: Bug 1.7.4 mit Umlauten in Kommentaren / Comments
« Reply #5 on: August 14, 2007, 02:34:44 PM »
@Nicky
... du bist ja ein Sprachgenie ...  :mrgreen:
... ich denke aber es dreht sich vorrangig um PHP Version 5.x.x ...
Your first three "must do" before you ask a question ! ( © by V@no )
- please read the Forum Rules ...
- please study the FAQ ...
- please try to Search for your answer ...

You are on search for top 4images MOD's ?
- then please search here ... Mawenzi's Top 100+ MOD List (unsorted sorted) ...

Offline Nicky

  • Administrator
  • 4images Guru
  • *****
  • Posts: 3.195
    • View Profile
Re: Bug 1.7.4 mit Umlauten in Kommentaren / Comments
« Reply #6 on: August 14, 2007, 02:43:51 PM »
LOOOOOOOOOL..

ich sollte echt mal die postings komplett lesen.. hab ja nur "5"-er gelesen und dachte auf mysql 5...
damit war mein post überflüssig.

sorry leutz...
cheers
Nicky
Your first three "must do" before you ask a question ! (© by V@no)
- please read the Forum Rules ...
- please study the FAQ ...
- please try to Search for your answer ...

nicky.net 4 4images
Signature stolen from mawenzi

Offline Nicky

  • Administrator
  • 4images Guru
  • *****
  • Posts: 3.195
    • View Profile
Re: Bug 1.7.4 mit Umlauten in Kommentaren / Comments
« Reply #7 on: August 14, 2007, 04:30:07 PM »
wieder ich
guckst du... (kann am server zwischen PHP4 und PHP5 wechseln)

PHP Version 5.1.1
MySQL 5.0.22 (datenbank als utf8_general_ci)

http://www.nicky.net/4test/details.php?image_id=1
user: test
pass: test
« Last Edit: August 15, 2007, 02:31:29 AM by Nicky »
cheers
Nicky
Your first three "must do" before you ask a question ! (© by V@no)
- please read the Forum Rules ...
- please study the FAQ ...
- please try to Search for your answer ...

nicky.net 4 4images
Signature stolen from mawenzi

Offline Jan

  • Administrator
  • 4images Guru
  • *****
  • Posts: 5.024
    • View Profile
    • 4images - Image Gallery Management System
Re: Bug 1.7.4 mit Umlauten in Kommentaren / Comments
« Reply #8 on: August 14, 2007, 06:48:12 PM »
Mit register_globals hat das nichts zu tun. 4images war noch nie auf register_globals on angewiesen. Auch die neuen Superglobals können nicht das Problem sein weil wie gesagt schon lange ein Workaround besteht. Ich werde mir das mal in Ruhe anschauen...

Jan
Your first three "must do" before you ask a question:
1. Forum rules
2. FAQ
3. Search

Offline Jan

  • Administrator
  • 4images Guru
  • *****
  • Posts: 5.024
    • View Profile
    • 4images - Image Gallery Management System
Re: Bug 1.7.4 mit Umlauten in Kommentaren / Comments
« Reply #9 on: August 23, 2007, 05:54:45 PM »
Hi,

ich hab leider momentan nicht viel Zeit, ich kann den Fehler bei mir nicht nachvollziehen. Hier klappt alles ohne Probleme mit den Umlauten. Hast Du ne URL zu einer Installation bei der es nicht funktioniert?

Gruß Jan
Your first three "must do" before you ask a question:
1. Forum rules
2. FAQ
3. Search

Offline mawenzi

  • 4images Moderator
  • 4images Guru
  • *****
  • Posts: 4.500
    • View Profile
Re: Bug 1.7.4 mit Umlauten in Kommentaren / Comments
« Reply #10 on: August 23, 2007, 07:01:43 PM »
... wenn in dieser Demo-Installation zwar nicht alles so richtig funktioniert, z.b. das captcha image nicht, so funktionieren zumindest die Umlaute in den Kommentaren ...
Your first three "must do" before you ask a question ! ( © by V@no )
- please read the Forum Rules ...
- please study the FAQ ...
- please try to Search for your answer ...

You are on search for top 4images MOD's ?
- then please search here ... Mawenzi's Top 100+ MOD List (unsorted sorted) ...

Offline mawenzi

  • 4images Moderator
  • 4images Guru
  • *****
  • Posts: 4.500
    • View Profile
Re: Bug 1.7.4 mit Umlauten in Kommentaren / Comments
« Reply #11 on: August 23, 2007, 07:37:11 PM »
... Ivan, genauer lesen ...
... die Kommentare funktionieren dort mit Umlauten ... !
... also ist diese Installation ein schlechtes Beispiel für deine Umlaut-Probleme ...
Your first three "must do" before you ask a question ! ( © by V@no )
- please read the Forum Rules ...
- please study the FAQ ...
- please try to Search for your answer ...

You are on search for top 4images MOD's ?
- then please search here ... Mawenzi's Top 100+ MOD List (unsorted sorted) ...

Offline Jan

  • Administrator
  • 4images Guru
  • *****
  • Posts: 5.024
    • View Profile
    • 4images - Image Gallery Management System
Re: Bug 1.7.4 mit Umlauten in Kommentaren / Comments
« Reply #12 on: August 24, 2007, 10:36:11 AM »
Ok, der "Fehler" liegt in der Funktion clean_array() in global.php. Ein Workaround ist, folgende Zeile

Code: [Select]
'#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:*[^>]*>#iUu'
in

Code: [Select]
'#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:*[^>]*>#iU'
zu ändern. Also das kleine u am Ende zu entfernen.
Your first three "must do" before you ask a question:
1. Forum rules
2. FAQ
3. Search

Offline Jan

  • Administrator
  • 4images Guru
  • *****
  • Posts: 5.024
    • View Profile
    • 4images - Image Gallery Management System
Re: [FIX] 1.7.4 mit Umlauten in Kommentaren / Comments
« Reply #13 on: August 29, 2007, 05:09:45 PM »
global.php

 :flag-de: das ist der Fix /  :flag-en: here the fix:

 :flag-de: Die komplette Funktion /  :flag-en: complete function

Code: [Select]
function clean_array($array) {
  $search = array(
    // Remove any attribute starting with "on" or xmlns
    '#(<[^>]+[\x00-\x20\"\'])(on|xmlns)[^>]*>#iUu',
    // Remove javascript: and vbscript: protocol
    '#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\\x00-\x20]*j[\x00-\x20]*a[\x00-\x20]*v[\x00-\x20]*a[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iUu',
    '#([a-z]*)[\x00-\x20]*=([\'\"]*)[\x00-\x20]*v[\x00-\x20]*b[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iUu',
    //<span style="width: expression(alert('Ping!'));"></span>
    // Only works in ie...
    '#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*expression[\x00-\x20]*\([^>]*>#iU',
    '#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*behaviour[\x00-\x20]*\([^>]*>#iU',
    '#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:*[^>]*>#iUu'
  );

  $replace = array(
    "$1>",
    '$1=$2nojavascript...',
    '$1=$2novbscript...',
    "$1>",
    "$1>",
    "$1>"
  );

  // Remove all control (i.e. with ASCII value lower than 0x20 (space),
  // except of 0x0A (line feed) and 0x09 (tabulator)
  $search2 =
      "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x0B\x0C\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F";
  $replace2 = //str_repeat("\r", strlen($search2));
      "\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D";

  foreach ($array as $key => $val) {
    if (is_array($val)) {
      $val = clean_array($val);
    } else {
      $val = preg_replace($search, $replace, $val);

      $val = str_replace("\r\n", "\n", $val);
      $val = str_replace("\r",   "\n", $val);
      $val = strtr($val, $search2, $replace2);
      $val = str_replace("\r", '', $val);  // \r === \x0D

      do {
        $oldval = $val;
        $val = preg_replace('#</*(applet|meta|xml|blink|link|style|script|embed|object|iframe|frame|frameset|ilayer|layer|bgsound|title|base)[^>]*>#i', "", $val);
      } while ($oldval != $val);
    }

    $array[$key] = $val;
  }

  return $array;
}

 :flag-de: durch /  :flag-en: replace with

Code: [Select]
function clean_string($string) {
  $canCheckUTF8Error = defined('PREG_BAD_UTF8_ERROR') && function_exists('preg_last_error');

  // Remove any attribute starting with "on" or xmlns
  $tmp = preg_replace('#(<[^>]+[\x00-\x20\"\'])(on|xmlns)[^>]*>#iUu',"$1>",$string);
  if ($canCheckUTF8Error && (PREG_BAD_UTF8_ERROR == preg_last_error())) {
      $tmp = preg_replace('#(<[^>]+[\x00-\x20\"\'])(on|xmlns)[^>]*>#iU',"$1>",$string);
  }
  $string = $tmp;

  // Remove javascript: and vbscript: protocol
  $tmp = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\x00-\x20]*j[\x00-\x20]*a[\x00-\x20]*v[\x00-\x20]*a[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iUu','$1=$2nojavascript...',$string);
  if ($canCheckUTF8Error && (PREG_BAD_UTF8_ERROR == preg_last_error())) {
      $tmp = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\x00-\x20]*j[\x00-\x20]*a[\x00-\x20]*v[\x00-\x20]*a[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iU','$1=$2nojavascript...',$string);
  }
  $string = $tmp;
  $tmp = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\x00-\x20]*v[\x00-\x20]*b[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iUu','$1=$2novbscript...',$string);
  if ($canCheckUTF8Error && (PREG_BAD_UTF8_ERROR == preg_last_error())) {
      $tmp = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\x00-\x20]*v[\x00-\x20]*b[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iU','$1=$2novbscript...',$string);
  }
  $string = $tmp;

  // <span style="width: expression(alert('Ping!'));"></span>
  // only works in ie...
  $string = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*expression[\x00-\x20]*\([^>]*>#iU',"$1>",$string);
  $string = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*behaviour[\x00-\x20]*\([^>]*>#iU',"$1>",$string);
  $tmp = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:*[^>]*>#iUu',"$1>",$string);
  if ($canCheckUTF8Error && (PREG_BAD_UTF8_ERROR == preg_last_error())) {
      $tmp = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:*[^>]*>#iU',"$1>",$string);
  }
  $string = $tmp;

  // Remove namespaced elements (we do not need them...)
  $string = preg_replace('#</*\w+:\w[^>]*>#i',"",$string);

  // Remove all control (i.e. with ASCII value lower than 0x20 (space),
  // except of 0x0A (line feed) and 0x09 (tabulator)
  $search =
    "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x0B\x0C\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F";
  $replace = //str_repeat("\r", strlen($search2));
    "\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D";

  $string = str_replace("\r\n", "\n", $string);
  $string = str_replace("\r",   "\n", $string);
  $string = strtr($string, $search, $replace);
  $string = str_replace("\r", '', $string);  // \r === \x0D

  // Remove really unwanted tags
  do {
    $oldstring = $string;
    $string = preg_replace('#</*(applet|meta|xml|blink|link|style|script|embed|object|iframe|frame|frameset|ilayer|layer|bgsound|title|base)[^>]*>#i',"",$string);
  } while ($oldstring != $string);

  return $string;
}

function clean_array($array) {
  foreach ($array as $key => $val) {
    $key = clean_string($key);

    if (is_array($val)) {
      $val = clean_array($val);
    } else {
      $val = clean_string($val);
    }

    $array[$key] = $val;
  }

  return $array;
}

 :flag-de: ersetzen.
« Last Edit: December 27, 2007, 06:37:12 PM by Nicky »
Your first three "must do" before you ask a question:
1. Forum rules
2. FAQ
3. Search

Offline Nicky

  • Administrator
  • 4images Guru
  • *****
  • Posts: 3.195
    • View Profile
Re: [FIX] 1.7.4 mit Umlauten in Kommentaren / Comments
« Reply #14 on: August 29, 2007, 09:24:40 PM »
dies ist aber schon offtopic ;)

nee, scherz bei seite.. dieser fehler ist bekannt.
cheers
Nicky
Your first three "must do" before you ask a question ! (© by V@no)
- please read the Forum Rules ...
- please study the FAQ ...
- please try to Search for your answer ...

nicky.net 4 4images
Signature stolen from mawenzi