PageRenderTime 49ms CodeModel.GetById 20ms RepoModel.GetById 1ms app.codeStats 0ms

/engine/lib/input.php

https://github.com/masuman/elgg-1
PHP | 524 lines | 439 code | 41 blank | 44 comment | 26 complexity | d45083044101a5e897063343bd7694a7 MD5 | raw file
    

  1. <?php

    2. 

  2. 	/**

    3. 

  3. 	 * Parameter input functions.

    4. 

  4. 	 * This file contains functions for getting input from get/post variables.

    5. 

  5. 	 * 

    6. 

  6. 	 * @package Elgg

    7. 

  7. 	 * @subpackage Core

    8. 

  8. 	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2

    9. 

  9. 	 * @author Curverider Ltd <info@elgg.com>

    10. 

  10. 	 * @copyright Curverider Ltd 2008-2009

    11. 

  11. 	 * @link http://elgg.org/

    12. 

  12. 	 */

    13. 

  13. 

    14. 

  14. 	/**

    15. 

  15. 	 * Get some input from variables passed on the GET or POST line.

    16. 

  16. 	 * 

    17. 

  17. 	 * @param $variable string The variable we want to return.

    18. 

  18. 	 * @param $default mixed A default value for the variable if it is not found.
    19. 

  19. 	 * @param $filter_result If true then the result is filtered for bad tags.

    20. 

  20. 	 */

    21. 

  21. 	function get_input($variable, $default = "", $filter_result = true)

    22. 

  22. 	{

    23. 

  23. 

    24. 

  24. 		global $CONFIG;

    25. 

  25. 		

    26. 

  26. 		if (isset($CONFIG->input[$variable]))

    27. 

  27. 			return $CONFIG->input[$variable];

    28. 

  28. 		

    29. 

  29. 		if (isset($_REQUEST[$variable])) {
    30. 

  30. 			

    31. 

  31. 			if (is_array($_REQUEST[$variable])) {
    32. 

  32. 				$var = $_REQUEST[$variable];
    33. 

  33. 			} else {
    34. 

  34. 				$var = trim($_REQUEST[$variable]);

    35. 

  35. 			}

    36. 

  36. 			
    37. 

  37. 			if ($filter_result)
    38. 

  38. 				$var = filter_tags($var);

    39. 

  39. 

    40. 

  40. 			return $var;

    41. 

  41. 			

    42. 

  42. 		}

    43. 

  43. 

    44. 

  44. 		return $default;

    45. 

  45. 

    46. 

  46. 	}

    47. 

  47. 	

    48. 

  48. 	/**

    49. 

  49. 	 * Sets an input value that may later be retrieved by get_input

    50. 

  50. 	 *

    51. 

  51. 	 * @param string $variable The name of the variable

    52. 

  52. 	 * @param string $value The value of the variable

    53. 

  53. 	 */

    54. 

  54. 	function set_input($variable, $value) {

    55. 

  55. 		

    56. 

  56. 		global $CONFIG;

    57. 

  57. 		if (!isset($CONFIG->input))

    58. 

  58. 			$CONFIG->input = array();
    59. 

  59. 					
    60. 

  60. 		if (is_array($value))
    61. 

  61. 		{
    62. 

  62. 			foreach ($value as $key => $val)
    63. 

  63. 				$value[$key] = trim($val);
    64. 

  64. 			
    65. 

  65. 			$CONFIG->input[trim($variable)] = $value;
    66. 

  66. 		}
    67. 

  67. 		else

    68. 

  68. 			$CONFIG->input[trim($variable)] = trim($value);

    69. 

  69. 			

    70. 

  70. 	}
    71. 

  71. 	
    72. 

  72. 	/**
    73. 

  73. 	 * Kses filtering of tags, called on a plugin hook
    74. 

  74. 	 *
    75. 

  75. 	 * @param mixed $var Variable to filter
    76. 

  76. 	 * @return mixed
    77. 

  77. 	 */
    78. 

  78. 	function kses_filter_tags($hook, $entity_type, $returnvalue, $params)
    79. 

  79. 	{
    80. 

  80. 		$return = $returnvalue;
    81. 

  81. 		$var = $returnvalue;
    82. 

  82. 		
    83. 

  83. 		if (@include_once(dirname(dirname(dirname(__FILE__)))) . "/vendors/kses/kses.php") {
    84. 

  84. 			
    85. 

  85. 			global $CONFIG;
    86. 

  86. 			
    87. 

  87. 			$allowedtags = $CONFIG->allowedtags; 
    88. 

  88. 			$allowedprotocols = $CONFIG->allowedprotocols;
    89. 

  89. 			
    90. 

  90. 			if (!is_array($var)) {
    91. 

  91. 				$return = "";
    92. 

  92. 				$return = kses($var, $allowedtags, $allowedprotocols);
    93. 

  93. 			} else {
    94. 

  94. 				$return = array();
    95. 

  95. 				
    96. 

  96. 				foreach($var as $key => $el) {
    97. 

  97. 					$return[$key] = kses($el, $allowedtags, $allowedprotocols);
    98. 

  98. 				}
    99. 

  99. 			}
    100. 

  100. 		}
    101. 

  101. 	
    102. 

  102. 		return $return;
    103. 

  103. 	}

    104. 

  104. 	

    105. 

  105. 	/**

    106. 

  106. 	 * Filter tags from a given string based on registered hooks.

    107. 

  107. 	 * @param $var

    108. 

  108. 	 * @return mixed The filtered result

    109. 

  109. 	 */

    110. 

  110. 	function filter_tags($var)

    111. 

  111. 	{

    112. 

  112. 		return trigger_plugin_hook('validate', 'input', null, $var);

    113. 

  113. 	}
    114. 

  114. 	
    115. 

  115. 	/**
    116. 

  116. 	 * Sanitise file paths for input, ensuring that they begin and end with slashes etc.
    117. 

  117. 	 *
    118. 

  118. 	 * @param string $path The path
    119. 

  119. 	 * @return string
    120. 

  120. 	 */
    121. 

  121. 	function sanitise_filepath($path)
    122. 

  122. 	{
    123. 

  123. 		// Convert to correct UNIX paths
    124. 

  124. 		$path = str_replace('\\', '/', $path);
    125. 

  125. 		
    126. 

  126. 		// Sort trailing slash
    127. 

  127. 		$path = trim($path);
    128. 

  128. 		$path = rtrim($path, " /");
    129. 

  129. 		$path = $path . "/";
    130. 

  130. 		
    131. 

  131. 		return $path;
    132. 

  132. 	}

    133. 

  133. 	
    134. 

  134. 	

    135. 

  135.     /**

    136. 

  136.      * Takes a string and turns any URLs into formatted links

    137. 

  137.      * 

    138. 

  138.      * @param string $text The input string

    139. 

  139.      * @return string The output stirng with formatted links

    140. 

  140.      **/

    141. 

  141.     function parse_urls($text) {
    142. 

  142.        
    143. 

  143.        	return preg_replace_callback('/(?<!=["\'])((ht|f)tps?:\/\/[^\s\r\n\t<>"\'\!\(\)]+)/i', 
    144. 

  144.        	create_function(
    145. 

  145.             '$matches',
    146. 

  146.             '
    147. 

  147.             	$url = $matches[1];
    148. 

  148.             	$urltext = str_replace("/", "/<wbr />", $url);
    149. 

  149.             	return "<a href=\"$url\" style=\"text-decoration:underline;\">$urltext</a>";
    150. 

  150.             '
    151. 

  151.         ), $text);

    152. 

  152.     }

    153. 

  153. 	

    154. 

  154. 	function autop($pee, $br = 1) {

    155. 

  155. 		$pee = $pee . "\n"; // just to make things a little easier, pad the end

    156. 

  156. 		$pee = preg_replace('|<br />\s*<br />|', "\n\n", $pee);

    157. 

  157. 		// Space things out a little

    158. 

  158. 		$allblocks = '(?:table|thead|tfoot|caption|colgroup|tbody|tr|td|th|div|dl|dd|dt|ul|ol|li|pre|select|form|map|area|blockquote|address|math|style|input|p|h[1-6]|hr)';

    159. 

  159. 		$pee = preg_replace('!(<' . $allblocks . '[^>]*>)!', "\n$1", $pee);

    160. 

  160. 		$pee = preg_replace('!(</' . $allblocks . '>)!', "$1\n\n", $pee);

    161. 

  161. 		$pee = str_replace(array("\r\n", "\r"), "\n", $pee); // cross-platform newlines

    162. 

  162. 		if ( strpos($pee, '<object') !== false ) {

    163. 

  163. 			$pee = preg_replace('|\s*<param([^>]*)>\s*|', "<param$1>", $pee); // no pee inside object/embed

    164. 

  164. 			$pee = preg_replace('|\s*</embed>\s*|', '</embed>', $pee);

    165. 

  165. 		}

    166. 

  166. 		$pee = preg_replace("/\n\n+/", "\n\n", $pee); // take care of duplicates

    167. 

  167. 		$pee = preg_replace('/\n?(.+?)(?:\n\s*\n|\z)/s', "<p>$1</p>\n", $pee); // make paragraphs, including one at the end

    168. 

  168. 		$pee = preg_replace('|<p>\s*?</p>|', '', $pee); // under certain strange conditions it could create a P of entirely whitespace

    169. 

  169. 		$pee = preg_replace('!<p>([^<]+)\s*?(</(?:div|address|form)[^>]*>)!', "<p>$1</p>$2", $pee);

    170. 

  170. 		$pee = preg_replace( '|<p>|', "$1<p>", $pee );

    171. 

  171. 		$pee = preg_replace('!<p>\s*(</?' . $allblocks . '[^>]*>)\s*</p>!', "$1", $pee); // don't pee all over a tag

    172. 

  172. 		$pee = preg_replace("|<p>(<li.+?)</p>|", "$1", $pee); // problem with nested lists

    173. 

  173. 		$pee = preg_replace('|<p><blockquote([^>]*)>|i', "<blockquote$1><p>", $pee);

    174. 

  174. 		$pee = str_replace('</blockquote></p>', '</p></blockquote>', $pee);

    175. 

  175. 		$pee = preg_replace('!<p>\s*(</?' . $allblocks . '[^>]*>)!', "$1", $pee);

    176. 

  176. 		$pee = preg_replace('!(</?' . $allblocks . '[^>]*>)\s*</p>!', "$1", $pee);

    177. 

  177. 		if ($br) {

    178. 

  178. 			$pee = preg_replace_callback('/<(script|style).*?<\/\\1>/s', create_function('$matches', 'return str_replace("\n", "<WPPreserveNewline />", $matches[0]);'), $pee);

    179. 

  179. 			$pee = preg_replace('|(?<!<br />)\s*\n|', "<br />\n", $pee); // optionally make line breaks

    180. 

  180. 			$pee = str_replace('<WPPreserveNewline />', "\n", $pee);

    181. 

  181. 		}

    182. 

  182. 		$pee = preg_replace('!(</?' . $allblocks . '[^>]*>)\s*<br />!', "$1", $pee);

    183. 

  183. 		$pee = preg_replace('!<br />(\s*</?(?:p|li|div|dl|dd|dt|th|pre|td|ul|ol)[^>]*>)!', '$1', $pee);

    184. 

  184. 		if (strpos($pee, '<pre') !== false)

    185. 

  185. 			$pee = preg_replace_callback('!(<pre.*?>)(.*?)</pre>!is', 'clean_pre', $pee );

    186. 

  186. 		$pee = preg_replace( "|\n</p>$|", '</p>', $pee );

    187. 

  187. 	

    188. 

  188. 		return $pee;

    189. 

  189. 	}

    190. 

  190.         

    191. 

  191. 	function input_init() {

    192. 

  192. 		

    193. 

  193. 		if (ini_get_bool('magic_quotes_gpc') ) {

    194. 

  194. 		    

    195. 

  195. 		    //do keys as well, cos array_map ignores them

    196. 

  196. 		    function stripslashes_arraykeys($array) {

    197. 

  197. 		        if (is_array($array)) {

    198. 

  198. 		            $array2 = array();

    199. 

  199. 		            foreach ($array as $key => $data) {

    200. 

  200. 		                if ($key != stripslashes($key)) {

    201. 

  201. 		                    $array2[stripslashes($key)] = $data;

    202. 

  202. 		                } else {

    203. 

  203. 		                    $array2[$key] = $data;

    204. 

  204. 		                }

    205. 

  205. 		            }

    206. 

  206. 		            return $array2;

    207. 

  207. 		        } else {

    208. 

  208. 		            return $array;

    209. 

  209. 		        }

    210. 

  210. 		    }

    211. 

  211. 		    

    212. 

  212. 		    function stripslashes_deep($value) {

    213. 

  213. 		        if (is_array($value)) {

    214. 

  214. 		            $value = stripslashes_arraykeys($value);

    215. 

  215. 		            $value = array_map('stripslashes_deep', $value);

    216. 

  216. 		        } else {

    217. 

  217. 		            $value = stripslashes($value);

    218. 

  218. 		        }

    219. 

  219. 		        return $value;

    220. 

  220. 		    }

    221. 

  221. 		    

    222. 

  222. 		    $_POST = stripslashes_arraykeys($_POST);

    223. 

  223. 		    $_GET = stripslashes_arraykeys($_GET);

    224. 

  224. 		    $_COOKIE = stripslashes_arraykeys($_COOKIE);

    225. 

  225. 		    $_REQUEST = stripslashes_arraykeys($_REQUEST);

    226. 

  226. 		    

    227. 

  227. 		    $_POST = array_map('stripslashes_deep', $_POST);

    228. 

  228. 		    $_GET = array_map('stripslashes_deep', $_GET);

    229. 

  229. 		    $_COOKIE = array_map('stripslashes_deep', $_COOKIE);

    230. 

  230. 		    $_REQUEST = array_map('stripslashes_deep', $_REQUEST);

    231. 

  231. 		    if (!empty($_SERVER['REQUEST_URI'])) {

    232. 

  232. 		        $_SERVER['REQUEST_URI'] = stripslashes($_SERVER['REQUEST_URI']);

    233. 

  233. 		    }

    234. 

  234. 		    if (!empty($_SERVER['QUERY_STRING'])) {

    235. 

  235. 		        $_SERVER['QUERY_STRING'] = stripslashes($_SERVER['QUERY_STRING']);

    236. 

  236. 		    }

    237. 

  237. 		    if (!empty($_SERVER['HTTP_REFERER'])) {

    238. 

  238. 		        $_SERVER['HTTP_REFERER'] = stripslashes($_SERVER['HTTP_REFERER']);

    239. 

  239. 		    }

    240. 

  240. 		    if (!empty($_SERVER['PATH_INFO'])) {

    241. 

  241. 		        $_SERVER['PATH_INFO'] = stripslashes($_SERVER['PATH_INFO']);

    242. 

  242. 		    }

    243. 

  243. 		    if (!empty($_SERVER['PHP_SELF'])) {

    244. 

  244. 		        $_SERVER['PHP_SELF'] = stripslashes($_SERVER['PHP_SELF']);

    245. 

  245. 		    }

    246. 

  246. 		    if (!empty($_SERVER['PATH_TRANSLATED'])) {

    247. 

  247. 		        $_SERVER['PATH_TRANSLATED'] = stripslashes($_SERVER['PATH_TRANSLATED']);

    248. 

  248. 		    }

    249. 

  249. 		    

    250. 

  250. 		}

    251. 

  251. 		

    252. 

  252. 		

    253. 

  253. 		global $CONFIG;

    254. 

  254. 		$CONFIG->allowedtags = array(

    255. 

  255. 		'address' => array(),

    256. 

  256. 		'a' => array(

    257. 

  257. 			'class' => array (),

    258. 

  258. 			'href' => array (),

    259. 

  259. 			'id' => array (),

    260. 

  260. 			'title' => array (),

    261. 

  261. 			'rel' => array (),

    262. 

  262. 			'rev' => array (),

    263. 

  263. 			'name' => array (),

    264. 

  264. 			'target' => array()),

    265. 

  265. 		'abbr' => array(

    266. 

  266. 			'class' => array (),

    267. 

  267. 			'title' => array ()),

    268. 

  268. 		'acronym' => array(

    269. 

  269. 			'title' => array ()),

    270. 

  270. 		'b' => array(),

    271. 

  271. 		'big' => array(),

    272. 

  272. 		'blockquote' => array(

    273. 

  273. 			'id' => array (),

    274. 

  274. 			'cite' => array (),

    275. 

  275. 			'class' => array(),

    276. 

  276. 			'lang' => array(),

    277. 

  277. 			'xml:lang' => array()),

    278. 

  278. 		'br' => array (

    279. 

  279. 			'class' => array ()),

    280. 

  280. 		'button' => array(

    281. 

  281. 			'disabled' => array (),

    282. 

  282. 			'name' => array (),

    283. 

  283. 			'type' => array (),

    284. 

  284. 			'value' => array ()),

    285. 

  285. 		'caption' => array(

    286. 

  286. 			'align' => array (),

    287. 

  287. 			'class' => array ()),

    288. 

  288. 		'cite' => array (

    289. 

  289. 			'class' => array(),

    290. 

  290. 			'dir' => array(),

    291. 

  291. 			'lang' => array(),

    292. 

  292. 			'title' => array ()),

    293. 

  293. 		'code' => array (

    294. 

  294. 			'style' => array()),

    295. 

  295. 		'col' => array(

    296. 

  296. 			'align' => array (),

    297. 

  297. 			'char' => array (),

    298. 

  298. 			'charoff' => array (),

    299. 

  299. 			'span' => array (),

    300. 

  300. 			'dir' => array(),

    301. 

  301. 			'style' => array (),

    302. 

  302. 			'valign' => array (),

    303. 

  303. 			'width' => array ()),

    304. 

  304. 		'del' => array(

    305. 

  305. 			'datetime' => array ()),

    306. 

  306. 		'dd' => array(),

    307. 

  307. 		'div' => array(

    308. 

  308. 			'align' => array (),

    309. 

  309. 			'class' => array (),

    310. 

  310. 			'id' => array(),

    311. 

  311. 			'dir' => array (),

    312. 

  312. 			'lang' => array(),

    313. 

  313. 			'style' => array (),

    314. 

  314. 			'xml:lang' => array()),

    315. 

  315. 		'dl' => array(),

    316. 

  316. 		'dt' => array(),

    317. 

  317. 		'em' => array(),

    318. 

  318. 		'fieldset' => array(),

    319. 

  319. 		'font' => array(

    320. 

  320. 			'color' => array (),

    321. 

  321. 			'face' => array (),

    322. 

  322. 			'size' => array ()),

    323. 

  323. 		'form' => array(

    324. 

  324. 		  'action' => array (),

    325. 

  325. 			'accept' => array (),

    326. 

  326. 			'accept-charset' => array (),

    327. 

  327. 			'enctype' => array (),

    328. 

  328. 			'method' => array (),

    329. 

  329. 			'name' => array (),

    330. 

  330. 			'target' => array ()),

    331. 

  331. 		'h1' => array(

    332. 

  332. 			'align' => array (),

    333. 

  333. 			'class' => array ()),

    334. 

  334. 		'h2' => array(

    335. 

  335. 			'align' => array (),

    336. 

  336. 			'class' => array ()),

    337. 

  337. 		'h3' => array(

    338. 

  338. 			'align' => array (),

    339. 

  339. 			'class' => array ()),

    340. 

  340. 		'h4' => array(

    341. 

  341. 			'align' => array (),

    342. 

  342. 			'class' => array ()),

    343. 

  343. 		'h5' => array(

    344. 

  344. 			'align' => array (),

    345. 

  345. 			'class' => array ()),

    346. 

  346. 		'h6' => array(

    347. 

  347. 			'align' => array (),

    348. 

  348. 			'class' => array ()),

    349. 

  349.     'input' => array(
    350. 

  350.       'name' => array(),
    351. 

  351.      'type' => array(),
    352. 

  352.       'value' => array(),
    353. 

  353.       'alt' => array(),
    354. 

  354.       'src' => array()
    355. 

  355.     ),
    356. 

  356. 		'hr' => array(

    357. 

  357. 			'align' => array (),

    358. 

  358. 			'class' => array (),

    359. 

  359. 			'noshade' => array (),

    360. 

  360. 			'size' => array (),

    361. 

  361. 			'width' => array ()),

    362. 

  362. 		'i' => array(),

    363. 

  363. 		'img' => array(

    364. 

  364. 			'alt' => array (),

    365. 

  365. 			'align' => array (),

    366. 

  366. 			'border' => array (),

    367. 

  367. 			'class' => array (),

    368. 

  368. 			'height' => array (),

    369. 

  369. 			'hspace' => array (),

    370. 

  370. 			'longdesc' => array (),

    371. 

  371. 			'vspace' => array (),

    372. 

  372. 			'src' => array (),

    373. 

  373. 			'style' => array (),

    374. 

  374. 			'width' => array ()),

    375. 

  375. 		'ins' => array(

    376. 

  376. 			'datetime' => array (),

    377. 

  377. 			'cite' => array ()),

    378. 

  378. 		'kbd' => array(),

    379. 

  379. 		'label' => array(

    380. 

  380. 			'for' => array ()),

    381. 

  381. 		'legend' => array(

    382. 

  382. 			'align' => array ()),

    383. 

  383. 		'li' => array (

    384. 

  384. 			'align' => array (),

    385. 

  385. 			'class' => array ()),

    386. 

  386. 		'p' => array(

    387. 

  387. 			'class' => array (),

    388. 

  388. 			'align' => array (),

    389. 

  389. 			'dir' => array(),

    390. 

  390. 			'lang' => array(),

    391. 

  391. 			'style' => array (),

    392. 

  392. 			'xml:lang' => array()),

    393. 

  393. 		'pre' => array(

    394. 

  394. 			'style' => array(),

    395. 

  395. 			'width' => array ()),

    396. 

  396. 		'q' => array(

    397. 

  397. 			'cite' => array ()),

    398. 

  398. 		's' => array(),

    399. 

  399. 		'span' => array (

    400. 

  400. 			'class' => array (),

    401. 

  401. 			'dir' => array (),

    402. 

  402. 			'align' => array (),

    403. 

  403. 			'lang' => array (),

    404. 

  404. 			'style' => array (),

    405. 

  405. 			'title' => array (),

    406. 

  406. 			'xml:lang' => array()),

    407. 

  407. 		'strike' => array(),

    408. 

  408. 		'strong' => array(),

    409. 

  409. 		'sub' => array(),

    410. 

  410. 		'sup' => array(),

    411. 

  411. 		'table' => array(

    412. 

  412. 			'align' => array (),

    413. 

  413. 			'bgcolor' => array (),

    414. 

  414. 			'border' => array (),

    415. 

  415. 			'cellpadding' => array (),

    416. 

  416. 			'cellspacing' => array (),

    417. 

  417. 			'class' => array (),

    418. 

  418. 			'dir' => array(),

    419. 

  419. 			'id' => array(),

    420. 

  420. 			'rules' => array (),

    421. 

  421. 			'style' => array (),

    422. 

  422. 			'summary' => array (),

    423. 

  423. 			'width' => array ()),

    424. 

  424. 		'tbody' => array(

    425. 

  425. 			'align' => array (),

    426. 

  426. 			'char' => array (),

    427. 

  427. 			'charoff' => array (),

    428. 

  428. 			'valign' => array ()),

    429. 

  429. 		'td' => array(

    430. 

  430. 			'abbr' => array (),

    431. 

  431. 			'align' => array (),

    432. 

  432. 			'axis' => array (),

    433. 

  433. 			'bgcolor' => array (),

    434. 

  434. 			'char' => array (),

    435. 

  435. 			'charoff' => array (),

    436. 

  436. 			'class' => array (),

    437. 

  437. 			'colspan' => array (),

    438. 

  438. 			'dir' => array(),

    439. 

  439. 			'headers' => array (),

    440. 

  440. 			'height' => array (),

    441. 

  441. 			'nowrap' => array (),

    442. 

  442. 			'rowspan' => array (),

    443. 

  443. 			'scope' => array (),

    444. 

  444. 			'style' => array (),

    445. 

  445. 			'valign' => array (),

    446. 

  446. 			'width' => array ()),

    447. 

  447. 		'textarea' => array(

    448. 

  448. 			'cols' => array (),

    449. 

  449. 			'rows' => array (),

    450. 

  450. 			'disabled' => array (),

    451. 

  451. 			'name' => array (),

    452. 

  452. 			'readonly' => array ()),

    453. 

  453. 		'tfoot' => array(

    454. 

  454. 			'align' => array (),

    455. 

  455. 			'char' => array (),

    456. 

  456. 			'class' => array (),

    457. 

  457. 			'charoff' => array (),

    458. 

  458. 			'valign' => array ()),

    459. 

  459. 		'th' => array(

    460. 

  460. 			'abbr' => array (),

    461. 

  461. 			'align' => array (),

    462. 

  462. 			'axis' => array (),

    463. 

  463. 			'bgcolor' => array (),

    464. 

  464. 			'char' => array (),

    465. 

  465. 			'charoff' => array (),

    466. 

  466. 			'class' => array (),

    467. 

  467. 			'colspan' => array (),

    468. 

  468. 			'headers' => array (),

    469. 

  469. 			'height' => array (),

    470. 

  470. 			'nowrap' => array (),

    471. 

  471. 			'rowspan' => array (),

    472. 

  472. 			'scope' => array (),

    473. 

  473. 			'valign' => array (),

    474. 

  474. 			'width' => array ()),

    475. 

  475. 		'thead' => array(

    476. 

  476. 			'align' => array (),

    477. 

  477. 			'char' => array (),

    478. 

  478. 			'charoff' => array (),

    479. 

  479. 			'class' => array (),

    480. 

  480. 			'valign' => array ()),

    481. 

  481. 		'title' => array(),

    482. 

  482. 		'tr' => array(

    483. 

  483. 			'align' => array (),

    484. 

  484. 			'bgcolor' => array (),

    485. 

  485. 			'char' => array (),

    486. 

  486. 			'charoff' => array (),

    487. 

  487. 			'class' => array (),

    488. 

  488. 			'style' => array (),

    489. 

  489. 			'valign' => array ()),

    490. 

  490. 		'tt' => array(),

    491. 

  491. 		'u' => array(),

    492. 

  492. 		'ul' => array (

    493. 

  493. 			'id' => array(),

    494. 

  494. 			'class' => array (),

    495. 

  495. 			'style' => array (),

    496. 

  496. 			'type' => array ()),

    497. 

  497. 		'ol' => array (

    498. 

  498. 			'class' => array (),

    499. 

  499. 			'start' => array (),

    500. 

  500. 			'style' => array (),

    501. 

  501. 			'type' => array ()),

    502. 

  502. 		'var' => array (),

    503. 

  503. 			'object' => array('height'=>array(), 'width'=>array()),

    504. 

  504. 		'param' => array('name'=>array(), 'value'=>array()),

    505. 

  505. 		'embed' => array('allowfullscreen'=>array(), 'allowscriptaccess'=>array(),

    506. 

  506. 			'height'=>array(), 'src' => array(), 'type'=>array(), 'width'=>array()),

    507. 

  507. 		'iframe' => array('frameborder'=>array(), 'scrolling'=>array(), 'style'=>array(),

    508. 

  508. 			'height'=>array(), 'src' => array(), 'type'=>array(), 'width'=>array())	

    509. 

  509. 			

    510. 

  510. 		);

    511. 

  511. 		

    512. 

  512. 

    513. 

  513. 		$CONFIG->allowedprotocols = array('http', 'https', 'ftp', 'news', 'mailto', 'rtsp', 'teamspeak', 'gopher', 'mms',

    514. 

  514.                            'color', 'callto', 'cursor', 'text-align', 'font-size', 'font-weight', 'font-style', 

    515. 

  515.                            'border', 'margin', 'padding', 'float');
    516. 

  516. 		
    517. 

  517. 		// For now, register the kses for processing
    518. 

  518. 		register_plugin_hook('validate', 'input', 'kses_filter_tags', 1);

    519. 

  519. 	}

    520. 

  520. 	

    521. 

  521. 	register_elgg_event_handler('init','system','input_init');

    522. 

  522.         

    523. 

  523. 	

    524. 

  524. ?>
    525. 

  525.