diff options
-rw-r--r-- | ext/standard/string.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/ext/standard/string.c b/ext/standard/string.c index 9ef011d51e..9656b116ca 100644 --- a/ext/standard/string.c +++ b/ext/standard/string.c @@ -3190,6 +3190,9 @@ int php_tag_find(char *tag, int len, char *set) { When an allow string is passed in we keep track of the string in state 1 and when the tag is closed check it against the allow string to see if we should allow it. + + swm: Added ability to strip <?xml tags without assuming it PHP + code. */ PHPAPI void php_strip_tags(char *rbuf, int len, int state, char *allow, int allow_len) { @@ -3286,13 +3289,18 @@ PHPAPI void php_strip_tags(char *rbuf, int len, int state, char *allow, int allo break; case '?': - if (state==1 && *(p-1)=='<') { + if (state==1 && *(p-1)=='<' && *(p+1) != 'x' + && *(p+2) != 'm' && *(p+3) != 'l') { + br=0; state=2; break; } - /* fall-through */ + /* else, it is xml, since state == 1, lets just fall through + * to '>' + */ + /* fall-through */ default: if (state == 0) { *(rp++) = c; @@ -3301,7 +3309,7 @@ PHPAPI void php_strip_tags(char *rbuf, int len, int state, char *allow, int allo if( (tp-tbuf)>=PHP_TAG_BUF_SIZE ) { /* no buffer overflows */ tp = tbuf; } - } + } break; } c = *(++p); |