Diffstat (limited to 'modules/gallery')
-rw-r--r-- | modules/gallery/config/purifier.php | 27 | ||||
-rw-r--r-- | modules/gallery/libraries/SafeString.php | 28 |
2 files changed, 8 insertions, 47 deletions
diff --git a/modules/gallery/config/purifier.php b/modules/gallery/config/purifier.php
deleted file mode 100644
index 30de9dc5..00000000
--- a/modules/gallery/config/purifier.php
+++ /dev/null
@@ -1,27 +0,0 @@
-<?php defined("SYSPATH") or die("No direct script access.");
-/**
- * Gallery - a web based photo album viewer and editor
- * Copyright (C) 2000-2009 Bharat Mediratta
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or (at
- * your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
- */
-
-$config["Cache"] = array(
- "SerializerPath" => TMPPATH
-);
-
-$config["Attr"] = array(
- "EnableID" => true
-);
diff --git a/modules/gallery/libraries/SafeString.php b/modules/gallery/libraries/SafeString.php
index 93905572..3328fed5 100644
--- a/modules/gallery/libraries/SafeString.php
+++ b/modules/gallery/libraries/SafeString.php
@@ -26,8 +26,6 @@ class SafeString_Core {
 protected $_is_safe_html = false;
 protected $_is_purified_html = false;
 
- private static $_purifier = null;
-
 /** Constructor */
 function __construct($string) {
 if ($string instanceof SafeString) {
@@ -151,29 +149,19 @@ class SafeString_Core {
 return $this->_raw_string;
 }
 
- // Escapes special HTML chars ("<", ">", "&", etc.) to HTML entities.
+ /**
+ * Escape special HTML chars ("<", ">", "&", etc.) to HTML entities.
+ */
 private static function _escape_for_html($dirty_html) {
 return html::specialchars($dirty_html);
 }
 
- // Purifies the string, removing any potentially malicious or unsafe HTML / JavaScript.
+ /**
+ * Purify the string, removing any potentially malicious or unsafe HTML / JavaScript.
+ */
 private static function _purify_for_html($dirty_html) {
- if (null === self::$_purifier) {
- if (module::is_active("htmlpurifier")) {
- require_once(MODPATH . "htmlpurifier/lib/HTMLPurifier/HTMLPurifier.auto.php");
- $config = HTMLPurifier_Config::createDefault();
- foreach (Kohana::config('purifier') as $category => $key_value) {
- foreach ($key_value as $key => $value) {
- $config->set("$category.$key", $value);
- }
- }
- self::$_purifier = new HTMLPurifier($config);
- } else {
- self::$_purifier = false;
- }
- }
- if (self::$_purifier) {
- return self::$_purifier->purify($dirty_html);
+ if (method_exists("purifier", "purify")) {
+ return purifier::purify($dirty_html);
 } else {
 return self::_escape_for_html($dirty_html);
 }
|
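Review bot: The new `_purify_for_html` docblock should state the fallback contract, because `method_exists("purifier", "purify")` now decides on every call whether untrusted HTML is purified or only entity-escaped, and that decision no longer follows `module::is_active("htmlpurifier")`. I would add to the docblock: `If no purifier helper with a purify() method is loaded, the string is escaped with html::specialchars() instead, so markup is lost but the output stays safe.` The helper's return value is presumably treated as trusted markup by the callers, so whichever class named `purifier` gets loaded becomes the sanitiser; it is worth confirming that only the intended module can supply it. The settings from the deleted config/purifier.php (`Cache.SerializerPath`, `Attr.EnableID`) are not passed on this path, so they would have to live in that helper, which is not visible here. The function's closing brace lies outside the hunk.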