[2016-11-16] 4images 1.8 released
0 Members and 1 Guest are viewing this topic.
Mit diesem Plugin den Suchindex neu erstellen:http://www.4homepages.de/forum/index.php?topic=6718.0
<?phpinfo() ?>
global.php das ist der Fix / here the fix: Die komplette Funktion / complete function durch / replace withCode: [Select]function clean_string($string) { $canCheckUTF8Error = defined('PREG_BAD_UTF8_ERROR') && function_exists('preg_last_error'); // Remove any attribute starting with "on" or xmlns $tmp = preg_replace('#(<[^>]+[\x00-\x20\"\'])(on|xmlns)[^>]*>#iUu',"$1>",$string); if ($canCheckUTF8Error && (PREG_BAD_UTF8_ERROR == preg_last_error())) { $tmp = preg_replace('#(<[^>]+[\x00-\x20\"\'])(on|xmlns)[^>]*>#iU',"$1>",$string); } $string = $tmp; // Remove javascript: and vbscript: protocol $tmp = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\x00-\x20]*j[\x00-\x20]*a[\x00-\x20]*v[\x00-\x20]*a[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iUu','$1=$2nojavascript...',$string); if ($canCheckUTF8Error && (PREG_BAD_UTF8_ERROR == preg_last_error())) { $tmp = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\x00-\x20]*j[\x00-\x20]*a[\x00-\x20]*v[\x00-\x20]*a[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iU','$1=$2nojavascript...',$string); } $string = $tmp; $tmp = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\x00-\x20]*v[\x00-\x20]*b[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iUu','$1=$2novbscript...',$string); if ($canCheckUTF8Error && (PREG_BAD_UTF8_ERROR == preg_last_error())) { $tmp = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\x00-\x20]*v[\x00-\x20]*b[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iU','$1=$2novbscript...',$string); } $string = $tmp; // <span style="width: expression(alert('Ping!'));"></span> // only works in ie... $string = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*expression[\x00-\x20]*\([^>]*>#iU',"$1>",$string); $string = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*behaviour[\x00-\x20]*\([^>]*>#iU',"$1>",$string); $tmp = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:*[^>]*>#iUu',"$1>",$string); if ($canCheckUTF8Error && (PREG_BAD_UTF8_ERROR == preg_last_error())) { $tmp = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:*[^>]*>#iU',"$1>",$string); } $string = $tmp; // Remove namespaced elements (we do not need them...) $string = preg_replace('#</*\w+:\w[^>]*>#i',"",$string); // Remove all control (i.e. with ASCII value lower than 0x20 (space), // except of 0x0A (line feed) and 0x09 (tabulator) $search = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x0B\x0C\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F"; $replace = //str_repeat("\r", strlen($search2)); "\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D"; $string = str_replace("\r\n", "\n", $string); $string = str_replace("\r", "\n", $string); $string = strtr($string, $search, $replace); $string = str_replace("\r", '', $string); // \r === \x0D // Remove really unwanted tags do { $oldstring = $string; $string = preg_replace('#</*(applet|meta|xml|blink|link|style|script|embed|object|iframe|frame|frameset|ilayer|layer|bgsound|title|base)[^>]*>#i',"",$string); } while ($oldstring != $string); return $string;}function clean_array($array) { foreach ($array as $key => $val) { $key = clean_string($key); if (is_array($val)) { $val = clean_array($val); } else { $val = clean_string($val); } $array[$key] = $val; } return $array;} ersetzen.
function clean_string($string) { $canCheckUTF8Error = defined('PREG_BAD_UTF8_ERROR') && function_exists('preg_last_error'); // Remove any attribute starting with "on" or xmlns $tmp = preg_replace('#(<[^>]+[\x00-\x20\"\'])(on|xmlns)[^>]*>#iUu',"$1>",$string); if ($canCheckUTF8Error && (PREG_BAD_UTF8_ERROR == preg_last_error())) { $tmp = preg_replace('#(<[^>]+[\x00-\x20\"\'])(on|xmlns)[^>]*>#iU',"$1>",$string); } $string = $tmp; // Remove javascript: and vbscript: protocol $tmp = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\x00-\x20]*j[\x00-\x20]*a[\x00-\x20]*v[\x00-\x20]*a[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iUu','$1=$2nojavascript...',$string); if ($canCheckUTF8Error && (PREG_BAD_UTF8_ERROR == preg_last_error())) { $tmp = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\x00-\x20]*j[\x00-\x20]*a[\x00-\x20]*v[\x00-\x20]*a[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iU','$1=$2nojavascript...',$string); } $string = $tmp; $tmp = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\x00-\x20]*v[\x00-\x20]*b[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iUu','$1=$2novbscript...',$string); if ($canCheckUTF8Error && (PREG_BAD_UTF8_ERROR == preg_last_error())) { $tmp = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\x00-\x20]*v[\x00-\x20]*b[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iU','$1=$2novbscript...',$string); } $string = $tmp; // <span style="width: expression(alert('Ping!'));"></span> // only works in ie... $string = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*expression[\x00-\x20]*\([^>]*>#iU',"$1>",$string); $string = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*behaviour[\x00-\x20]*\([^>]*>#iU',"$1>",$string); $tmp = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:*[^>]*>#iUu',"$1>",$string); if ($canCheckUTF8Error && (PREG_BAD_UTF8_ERROR == preg_last_error())) { $tmp = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:*[^>]*>#iU',"$1>",$string); } $string = $tmp; // Remove namespaced elements (we do not need them...) $string = preg_replace('#</*\w+:\w[^>]*>#i',"",$string); // Remove all control (i.e. with ASCII value lower than 0x20 (space), // except of 0x0A (line feed) and 0x09 (tabulator) $search = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x0B\x0C\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F"; $replace = //str_repeat("\r", strlen($search2)); "\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D"; $string = str_replace("\r\n", "\n", $string); $string = str_replace("\r", "\n", $string); $string = strtr($string, $search, $replace); $string = str_replace("\r", '', $string); // \r === \x0D // Remove really unwanted tags do { $oldstring = $string; $string = preg_replace('#</*(applet|meta|xml|blink|link|style|script|embed|object|iframe|frame|frameset|ilayer|layer|bgsound|title|base)[^>]*>#i',"",$string); } while ($oldstring != $string); return $string;}function clean_array($array) { foreach ($array as $key => $val) { $key = clean_string($key); if (is_array($val)) { $val = clean_array($val); } else { $val = clean_string($val); } $array[$key] = $val; } return $array;}
