Update to upstream 1.2.6

Kdecherf · Kdecherf · commit 9ce2eef0eb79 · 2022-01-22T19:11:00.000+01:00
Signed-off-by: Kevin Decherf &lt;kevin@kdecherf.com&gt;
diff --git a/htmLawed.php b/htmLawed.php
@@ -1,7 +1,7 @@
 <?php
 
 /*
-htmLawed 1.2.4.2, 16 May 2019
+htmLawed 1.2.6, 4 September 2021
 Copyright Santosh Patnaik
 Dual licensed with LGPL 3 and GPL 2+
 A PHP Labware internal utility - www.bioinformatics.org/phplabware/internal_utilities/htmLawed
@@ -46,8 +46,8 @@ function htmLawed($t, $C = 1, $S = [])
     }
     $C['elements'] = &$e;
     // config attrs
-    $x = !empty($C['deny_attribute']) ? strtolower(str_replace(["\n", "\r", "\t", ' '], '', $C['deny_attribute'])) : '';
-    $x = array_flip((isset($x[0]) && '*' === $x[0]) ? str_replace('/', 'data-', explode('-', str_replace('data-', '/', $x))) : explode(',', $x . (!empty($C['safe']) ? ',on*' : '')));
+    $x = !empty($C['deny_attribute']) ? strtolower(preg_replace('"\s+-"', '/', trim($C['deny_attribute']))) : '';
+    $x = array_flip((isset($x[0]) && '*' === $x[0]) ? explode('/', $x) : explode(',', $x . (!empty($C['safe']) ? ',on*' : '')));
     $C['deny_attribute'] = $x;
     // config URLs
     $x = (isset($C['schemes'][2]) && strpos($C['schemes'], ':')) ? strtolower($C['schemes']) : 'href: aim, feed, file, ftp, gopher, http, https, irc, mailto, news, nntp, sftp, ssh, tel, telnet' . (empty($C['safe']) ? ', app, javascript; *: data, javascript, ' : '; *:') . 'file, http, https';
@@ -1016,11 +1016,11 @@ function hl_tag2(&$e, &$a, $t = 1)
         $a2 = '';
         while (preg_match('`(^|\s)(color|size)\s*=\s*(\'|")?(.+?)(\\3|\s|$)`i', $a, $m)) {
             $a = str_replace($m[0], ' ', $a);
-            $a2 .= 'color' === strtolower($m[2]) ? (' color: ' . str_replace('"', '\'', trim($m[4])) . ';') : (isset($fs[($m = trim($m[4]))]) ? ($a2 .= ' font-size: ' . str_replace('"', '\'', $fs[$m]) . ';') : '');
+            $a2 .= 'color' === strtolower($m[2]) ? (' color: ' . str_replace(['"', ';', ':'], '\'', trim($m[4])) . ';') : (isset($fs[($m = trim($m[4]))]) ? (' font-size: ' . $fs[$m] . ';') : '');
         }
         while (preg_match('`(^|\s)face\s*=\s*(\'|")?([^=]+?)\\2`i', $a, $m) || preg_match('`(^|\s)face\s*=(\s*)(\S+)`i', $a, $m)) {
             $a = str_replace($m[0], ' ', $a);
-            $a2 .= ' font-family: ' . str_replace('"', '\'', trim($m[3])) . ';';
+            $a2 .= ' font-family: ' . str_replace(['"', ';', ':'], '\'', trim($m[3])) . ';';
         }
         $e = 'span';
 
@@ -1130,5 +1130,5 @@ function hl_aux2($m)
 function hl_version()
 {
     // version
-    return '1.2.4.2';
+    return '1.2.6';
 }
diff --git a/htmLawedTest.php b/htmLawedTest.php
@@ -1,7 +1,7 @@
 <?php
 
 /*
-htmLawedTest.php, 17 May 2017
+htmLawedTest.php, 21 December 2020
 To test htmLawed
 Copyright Santosh Patnaik
 Dual licensed with LGPL 3 and GPL 2+
@@ -36,6 +36,24 @@
 }
 
 // slashes
+if (!function_exists('get_magic_quotes_gpc')) {
+    function get_magic_quotes_gpc()
+    {
+        return false;
+    }
+}
+  if (!function_exists('get_magic_quotes_runtime')) {
+      function get_magic_quotes_runtime()
+      {
+          return false;
+      }
+  }
+  if (!function_exists('set_magic_quotes_runtime')) {
+      function set_magic_quotes_runtime($new_setting)
+      {
+          return true;
+      }
+  }
 if (get_magic_quotes_gpc()) {
     foreach ($_POST as $k => $v) {
         $_POST[$k] = stripslashes($v);
@@ -564,8 +582,8 @@ function sndValidn(id, type){
 foreach ($cfg as $k => $v) {
     echo '<li>', $k, ': ';
     if (!empty($v[0])) { // input radio
-        $j = $v[3];
-        for ($i = $j - 1; ++$i < $v[0] + $v[3]; ++$j) {
+        $j = (int) ($v[3]);
+        for ($i = $j - 1; ++$i < (int) ($v[0]) + (int) ($v[3]); ++$j) {
             echo '<input type="radio" name="h', $k, '" value="', $i, '"', (!isset($_POST['h' . $k]) ? ($v[1] === $i ? ' checked="checked"' : '') : ($_POST['h' . $k] === $i ? ' checked="checked"' : '')), (isset($v['d']) ? ' disabled="disabled"' : ''), ' />', $i, ' ';
         }
         if ('nil' === $v[1]) {
