403Webshell
Server IP : 61.19.30.66  /  Your IP : 216.73.216.59
Web Server : Apache/2.2.22 (Ubuntu)
System : Linux klw 3.11.0-15-generic #25~precise1-Ubuntu SMP Thu Jan 30 17:39:31 UTC 2014 x86_64
User : www-data ( 33)
PHP Version : 5.3.10-1ubuntu3.48
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
MySQL : ON  |  cURL : OFF  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : OFF
Directory :  /var/www/phpmyadming/libraries/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/phpmyadming/libraries/sanitizing.lib.php
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
 *
 * @version $Id: sanitizing.lib.php 10299 2007-04-17 17:13:20Z lem9 $
 */

/**
 * Sanitizes $message, taking into account our special codes
 * for formatting
 *
 * @uses    preg_replace()
 * @uses    strtr()
 * @param   string   the message
 *
 * @return  string   the sanitized message
 *
 * @access  public
 */
function PMA_sanitize($message)
{
    $replace_pairs = array(
        '<'         => '&lt;',
        '>'         => '&gt;',
        '[i]'       => '<em>',      // deprecated by em
        '[/i]'      => '</em>',     // deprecated by em
        '[em]'      => '<em>',
        '[/em]'     => '</em>',
        '[b]'       => '<strong>',  // deprecated by strong
        '[/b]'      => '</strong>', // deprecated by strong
        '[strong]'  => '<strong>',
        '[/strong]' => '</strong>',
        '[tt]'      => '<code>',    // deprecated by CODE or KBD
        '[/tt]'     => '</code>',   // deprecated by CODE or KBD
        '[code]'    => '<code>',
        '[/code]'   => '</code>',
        '[kbd]'     => '<kbd>',
        '[/kbd]'    => '</kbd>',
        '[br]'      => '<br />',
        '[/a]'      => '</a>',
        '[sup]'      => '<sup>',
        '[/sup]'      => '</sup>',
    );
    $message = strtr($message, $replace_pairs);

    $pattern = '/\[a@([^"@]*)@([^]"]*)\]/';

    if (preg_match_all($pattern, $message, $founds, PREG_SET_ORDER)) {
        $valid_links = array(
            'http',  // default http:// links (and https://)
            './Do',  // ./Documentation
        );

        foreach ($founds as $found) {
            // only http... and ./Do... allowed
            if (! in_array(substr($found[1], 0, 4), $valid_links)) {
                return $message;
            }
            // a-z and _ allowed in target
            if (! empty($found[2]) && preg_match('/[^a-z_]+/i', $found[2])) {
                return $message;
            }
        }

        $message = preg_replace($pattern, '<a href="\1" target="\2">', $message);
    }

    return $message;
}
?>

Youez - 2016 - github.com/yon3zu
LinuXploit