from collections import OrderedDict
import re
def _make_str_replacer(pattern, replace):
    """Return a one-argument callable that swaps literal text.

    The returned callable takes a string and returns it with every
    occurrence of *pattern* replaced by *replace*, using ``str.replace``
    (plain substring matching, no regex semantics).
    """
    # Both arguments are captured by the closure, so each replacer built
    # here carries its own fixed substitution.
    return lambda value: value.replace(pattern, replace)
def _make_regex_replacer(pattern, replace):
    """Return a one-argument callable that performs a regex substitution.

    *pattern* is compiled once, when the replacer is built. The returned
    callable replaces every match in its argument with *replace*.

    *replace* is handed to ``re.sub`` as a replacement template, so
    backslash escapes and group references inside it are interpreted.
    """
    substitute = re.compile(pattern).sub

    def apply_substitution(value):
        return substitute(replace, value)

    return apply_substitution
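# Ordered replacement steps mirroring the str_replace/preg_replace sequence of
# IPB's clean_value() (the PHP reference is kept in the comment below).
# Order matters: "&" is escaped before any step that emits an entity, so the
# "&" inside "&lt;", "&#39;" and the like is never escaped a second time.
#
# NOTE(review): in the copy of this file under review the HTML entities had
# been decoded, which left every target equal to its pattern and turned the
# double-quote target into `"""`, which does not parse. The entity targets
# below were restored to match IPB's clean_value(); confirm them against the
# raw file, because any byte difference changes the cleaned output.
_simple_value_replaces = [
    _make_str_replacer("&#032;", " "),
    _make_str_replacer("&", "&amp;"),
    _make_str_replacer("<!--", "&#60;&#33;--"),
    _make_str_replacer("-->", "--&#62;"),
    # Case-insensitive, like the PHP "/<script/i".
    _make_regex_replacer("(?i)<script", "&#60;script"),
    _make_str_replacer(">", "&gt;"),
    _make_str_replacer("<", "&lt;"),
    _make_str_replacer("\"", "&quot;"),
    # Steps of the PHP original that this port leaves disabled:
    # newline -> "<br />", "$" -> "&#036;", and carriage-return removal.
    #_make_regex_replacer("/\n/" , "<br />"),
    #_make_regex_replacer("/\\\$/" , "&#036;" ),
    #_make_regex_replacer("/\r/" , ""),
    _make_str_replacer("!", "&#33;"),
    _make_str_replacer("'", "&#39;"),
]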
# function clean_value($val)
# {
# global $ibforums;
#
# if ($val == "")
# {
# return "";
# }
#
# $val = str_replace( "&#032;", " ", $val );
#
# if ( $ibforums->vars['strip_space_chr'] )
# {
# $val = str_replace( chr(0xCA), "", $val ); //Remove sneaky spaces
# }
#
# $val = str_replace( "&" , "&amp;" , $val );
# $val = str_replace( "<!--" , "&#60;&#33;--" , $val );
# $val = str_replace( "-->" , "--&#62;" , $val );
# $val = preg_replace( "/<script/i" , "&#60;script" , $val );
# $val = str_replace( ">" , "&gt;" , $val );
# $val = str_replace( "<" , "&lt;" , $val );
# $val = str_replace( "\"" , "&quot;" , $val );
# $val = preg_replace( "/\n/" , "<br />" , $val ); // Convert literal newlines
# $val = preg_replace( "/\\\$/" , "&#036;" , $val );
# $val = preg_replace( "/\r/" , "" , $val ); // Remove literal carriage returns
# $val = str_replace( "!" , "&#33;" , $val );
# $val = str_replace( "'" , "&#39;" , $val ); // IMPORTANT: It helps to increase sql query safety.
#
# // Ensure unicode chars are OK
#
# if ( $this->allow_unicode )
# {
# $val = preg_replace("/&amp;#([0-9]+);/s", "&#\\1;", $val );
# }
#
# // Strip slashes if not already done so.
#
# if ( $this->get_magic_quotes )
# {
# $val = stripslashes($val);
# }
#
# // Swop user inputted backslashes
#
# $val = preg_replace( "/\\\(?!&amp;#|\?#)/", "&#092;", $val );
#
# return $val;
# }
def ipb_clean_value(value):
    """Run *value* through every replacer in ``_simple_value_replaces``.

    The replacers are applied in list order, each one receiving the output
    of the previous one, and the final string is returned.

    Only the steps present in that list are applied. The PHP clean_value()
    quoted in the comment above also converts newlines, "$" and carriage
    returns, restores numeric entities, strips magic-quote slashes and swaps
    backslashes; none of those steps are in the list.

    NOTE(review): presumably this exists to reproduce text the way IPB
    stored it -- confirm with the callers. The PHP reference credits the
    quote replacement with SQL query safety; replacements of this kind do
    not take the place of parameterised queries or of encoding output for
    the context it is written into.
    """
    cleaned = value
    for apply_step in _simple_value_replaces:
        cleaned = apply_step(cleaned)
    return cleaned