Bug #19699 ยป php5_static_error_fix.patch
| RemoveXSS.php (working copy) | ||
|---|---|---|
|
*/
|
||
|
class RemoveXSS {
|
||
|
function __construct() {
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Wrapper for the RemoveXSS function.
|
||
|
* Removes potential XSS code from an input string.
|
||
| ... | ... | |
|
* @param string Input string
|
||
|
* @return string Input string with potential XSS code removed
|
||
|
*/
|
||
|
function RemoveXSS($val) {
|
||
|
static function RemoveXSS($val) {
|
||
|
// remove all non-printable characters. CR(0a) and LF(0b) and TAB(9) are allowed
|
||
|
// this prevents some character re-spacing such as <java\0script>
|
||
|
// note that you have to handle splits with \n, \r, and \t later since they *are* allowed in some inputs
|
||