Collections functions
Encryption functions
General functions
Theme permission functions
Resource functions

config_clean()

Description

Utility function to "clean" the passed $config. Cleaning consists of two parts:
Suppressing really simple XSS attacks by refusing to allow strings
containing the characters "<script" in upper, lower or mixed case.
Unescaping instances of "'" and '"' that have been escaped by the
lovely magic_quotes_gpc facility, if it's on.

Parameters

ColumnTypeDefaultDescription
$config
mixed $config thing to be cleaned.

Return

a cleaned version of $config.

Location

include/config_functions.php lines 318 to 335

Definition

 
function config_clean($config)
    {
    if (
is_array($config))
        {
        foreach (
$config as &$item)
            {
            
$item config_clean($item);
            }
        }
    elseif (
is_string($config))
        {
        if (
strpos(strtolower($config),"<script") !== false)
            {
            
$config '';
            }
        }
    return 
$config;
    }

This article was last updated 15th July 2020 05:05 Europe/London time based on the source file dated 8th July 2020 11:40 Europe/London time.