1 <?php |
1 <?php |
2 |
2 |
3 /* |
3 /* |
4 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between |
4 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between |
5 * Version 1.0.5 (Ferrishyn) |
5 * Version 1.0.6 (Roane) |
6 * Copyright (C) 2006-2007 Dan Fuhry |
6 * Copyright (C) 2006-2007 Dan Fuhry |
7 * |
7 * |
8 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License |
8 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License |
9 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. |
9 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. |
10 * |
10 * |
1137 '1.0.1.1'=> 'Loch Ness internal bugfix build', |
1137 '1.0.1.1'=> 'Loch Ness internal bugfix build', |
1138 '1.0.2b1'=> 'Coblynau unstable', |
1138 '1.0.2b1'=> 'Coblynau unstable', |
1139 '1.0.2' => 'Coblynau', |
1139 '1.0.2' => 'Coblynau', |
1140 '1.0.3' => 'Dyrad', |
1140 '1.0.3' => 'Dyrad', |
1141 '1.0.4' => 'Ellyyllon', |
1141 '1.0.4' => 'Ellyyllon', |
1142 '1.0.5' => 'Ferrishyn' |
1142 '1.0.5' => 'Ferrishyn', |
|
1143 '1.0.6' => 'Roane' |
1143 ); |
1144 ); |
1144 $version = enano_version(); |
1145 $version = enano_version(); |
1145 if ( isset($names[$version]) ) |
1146 if ( isset($names[$version]) ) |
1146 { |
1147 { |
1147 return $names[$version]; |
1148 return $names[$version]; |
1148 } |
1149 } |
1149 return 'Anonymous build'; |
1150 return 'Unofficial build'; |
1150 } |
1151 } |
1151 |
1152 |
1152 /** |
1153 /** |
1153 * What kinda sh** was I thinking when I wrote this. Deprecated. |
1154 * Badly named function to send back eval-able Javascript code with an error message. Deprecated, use JSON instead. |
1154 */ |
|
1155 |
|
1156 function _dualurlenc($t) { |
|
1157 return rawurlencode(rawurlencode($t)); |
|
1158 } |
|
1159 |
|
1160 /** |
|
1161 * Badly named function to send back eval'able Javascript code with an error message. Deprecated, use JSON instead. |
|
1162 * @param string Message to send |
1155 * @param string Message to send |
1163 */ |
1156 */ |
1164 |
1157 |
1165 function _die($t) { |
1158 function _die($t) { |
1166 $_ob = 'document.getElementById("ajaxEditContainer").innerHTML = unescape(\'' . rawurlencode('' . $t . '') . '\')'; |
1159 $_ob = 'document.getElementById("ajaxEditContainer").innerHTML = unescape(\'' . rawurlencode('' . $t . '') . '\')'; |
1852 // Vulnerability from ha.ckers.org/xss.html: |
1845 // Vulnerability from ha.ckers.org/xss.html: |
1853 // <script src="http://foo.com/xss.js" |
1846 // <script src="http://foo.com/xss.js" |
1854 // < |
1847 // < |
1855 // The rule is so specific because everything else will have been filtered by now |
1848 // The rule is so specific because everything else will have been filtered by now |
1856 $html = preg_replace('/<(script|iframe)(.+?)src=([^>]*)</i', '<\\1\\2src=\\3<', $html); |
1849 $html = preg_replace('/<(script|iframe)(.+?)src=([^>]*)</i', '<\\1\\2src=\\3<', $html); |
|
1850 |
|
1851 // Vulnerability reported by fuzion from nukeit.org: |
|
1852 // XSS in closing HTML tag style attribute |
|
1853 // Fix: escape all closing tags with non-whitelisted characters |
|
1854 $html = preg_replace('!</((?:.*)([^a-z0-9-_:]+)(?:.*))>!', '</\\1>', $html); |
1857 |
1855 |
1858 // Restore stripped comments |
1856 // Restore stripped comments |
1859 $i = 0; |
1857 $i = 0; |
1860 foreach ( $comment_match[0] as $comment ) |
1858 foreach ( $comment_match[0] as $comment ) |
1861 { |
1859 { |