diff options
author | Gavin Sherry <swm@php.net> | 2001-08-22 02:03:14 +0000 |
---|---|---|
committer | Gavin Sherry <swm@php.net> | 2001-08-22 02:03:14 +0000 |
commit | ff7a694e0f020fda7f15e14b2f7ba9f04325f2a9 (patch) | |
tree | fe102e5d98802db6ffba030232eb78e2c29bcbdc | |
parent | 30dc0813cb92755b8be8f921c119632ce2b7b6c6 (diff) | |
download | php-git-ff7a694e0f020fda7f15e14b2f7ba9f04325f2a9.tar.gz |
Changed php_strip_tags() to check if <? was XML code.
-rw-r--r-- | ext/standard/string.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/ext/standard/string.c b/ext/standard/string.c index 9ef011d51e..9656b116ca 100644 --- a/ext/standard/string.c +++ b/ext/standard/string.c @@ -3190,6 +3190,9 @@ int php_tag_find(char *tag, int len, char *set) { When an allow string is passed in we keep track of the string in state 1 and when the tag is closed check it against the allow string to see if we should allow it. + + swm: Added ability to strip <?xml tags without assuming it PHP + code. */ PHPAPI void php_strip_tags(char *rbuf, int len, int state, char *allow, int allow_len) { @@ -3286,13 +3289,18 @@ PHPAPI void php_strip_tags(char *rbuf, int len, int state, char *allow, int allo break; case '?': - if (state==1 && *(p-1)=='<') { + if (state==1 && *(p-1)=='<' && *(p+1) != 'x' + && *(p+2) != 'm' && *(p+3) != 'l') { + br=0; state=2; break; } - /* fall-through */ + /* else, it is xml, since state == 1, lets just fall through + * to '>' + */ + /* fall-through */ default: if (state == 0) { *(rp++) = c; @@ -3301,7 +3309,7 @@ PHPAPI void php_strip_tags(char *rbuf, int len, int state, char *allow, int allo if( (tp-tbuf)>=PHP_TAG_BUF_SIZE ) { /* no buffer overflows */ tp = tbuf; } - } + } break; } c = *(++p); |