<?php
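/**
 * Input filters that reduce a string to a permitted character set or
 * neutralise HTML tags.
 *
 * Filters are selected by short name (see the table in ApplyFilter) or by
 * numeric ID. These filters are a first line of input reduction only: which
 * characters count as "dangerous" depends on where the value ends up, so
 * context-specific escaping (HTML output, parameterised SQL, shell arguments)
 * is still required at the point of use.
 */
class SecureLabFilters {
    /**
     * No state to initialise. Constructors cannot return a value to the caller
     * of `new`, so the body is left empty.
     */
    public function __construct() {
    }

    /**
     * Apply one of the predefined filters to a string.
     *
     * @param mixed $String Value to filter; it is treated as a string.
     * @param mixed $Filter Filter name ("P2", "H1", ...) or numeric filter ID.
     * @return string|null The filtered string, or null when the filter name or
     *                     ID is not recognised (nothing is passed through).
     */
    public function ApplyFilter ( $String, $Filter ) {
        $DefFilters = array (
            "" => 1,
            // NOTE(review): the empty key above looks like it was meant to be
            // "P1" (the other names follow P2/P3/B1...); "P1" is accepted as
            // an alias and the empty key is kept for existing callers - confirm.
            "P1" => 1,
            "P2" => 2,
            "P3" => 10,
            "B1" => 3,
            "B2" => 4,
            "B3" => 5,
            "H1" => 6,
            "H2" => 7,
            "C1" => 8,
            "C2" => 9
        );

        // Resolve the filter ID up front so an unknown name can never reach the
        // switch with an undefined variable.
        $FilterID = null;
        if( is_numeric( $Filter ) ) {
            $FilterID = (int) $Filter;
        } elseif( is_string( $Filter ) || $Filter === null ) {
            $FilterName = (string) $Filter;
            if( array_key_exists( $FilterName, $DefFilters ) ) {
                $FilterID = $DefFilters[ $FilterName ];
            }
        }
        if( $FilterID === null ) {
            return null;
        }

        switch( $FilterID ) {
            case 1:
                // Primary 1: letters, digits and . , space ; ( ) + _ -
                // NOTE(review): the original comment also listed ":" and "@",
                // which this class does not contain. The non-ASCII character in
                // the class looks mis-decoded, and without the "u" modifier it
                // is matched byte by byte - confirm the file encoding.
                return $this->KeepMatching( "/[a-zA-Z0-9., ;¹()+_+-]*/", $String );
            case 2:
                // Primary 2: Primary 1 plus ! @ $ * = : | / %
                // NOTE(review): the original comment also listed Russian
                // letters and "\", which this class does not contain.
                return $this->KeepMatching( "/[a-zA-Z0-9., !@$*=:|\/%;¹()+++_+-]*/", $String );
            case 10:
                // Primary 3: digits only.
                return $this->KeepMatching( "/[0-9]*/", $String );
            case 3:
                // Base 1: digits, English letters and . , ! ( ) @ ? % $ = ; :
                return $this->KeepMatching( "/[0-9A-Za-z.,!()@?%$=;:]*/", $String );
            case 4:
                // Base 2: Base 1 plus a non-ASCII letter range.
                // NOTE(review): the original comment says Russian letters, but
                // the range as shown is Latin-1 text; this looks like a legacy
                // single-byte source read with the wrong charset. Confirm the
                // encoding of this file and of $String before relying on it.
                return $this->KeepMatching( "/[0-9A-Za-zÀ-ßà-ÿ.,!()@?%$=;:]*/", $String );
            case 5:
                // Base 3: pattern supplied by site configuration. The pattern
                // is trusted as-is, so it must only ever be set by an
                // administrator; a missing or invalid pattern yields "".
                global $SLPublicMainConfig;
                $UserPattern = null;
                if( isset( $SLPublicMainConfig["FILTERS"]["BASE3_ADVANCED_SETTINGS"] ) ) {
                    $UserPattern = $SLPublicMainConfig["FILTERS"]["BASE3_ADVANCED_SETTINGS"];
                }
                return $this->KeepMatching( $UserPattern, $String );
            case 6:
                // HTML 1: deny-list. Tags whose body mentions script, style,
                // iframe, form or input are entity-escaped; everything else is
                // left as markup. A deny-list does not cover other active
                // elements or event-handler attributes on permitted tags, so
                // prefer HTML 2 (or a maintained sanitiser) for untrusted input.
                return $this->NeutralizeTags( $String, false );
            case 7:
                // HTML 2: allow-list. Only bare formatting tags survive; every
                // other tag, including any tag carrying attributes, is escaped.
                return $this->NeutralizeTags( $String, true );
            default:
                // IDs 8 and 9 (C1/C2) are named in the table but have no
                // implementation; like any unknown ID they return null.
                return null;
        }
    }

    /**
     * Concatenate every match of $Pattern in $String, dropping the rest.
     *
     * Returns "" when the pattern is missing or PCRE rejects it, so a broken
     * pattern filters everything out instead of letting input through.
     */
    private function KeepMatching( $Pattern, $String ) {
        if( !is_string( $Pattern ) || $Pattern === "" ) {
            return "";
        }
        $Found = preg_match_all( $Pattern, (string) $String, $Match );
        if( $Found === false || !isset( $Match[0] ) ) {
            return "";
        }
        return implode( "", $Match[0] );
    }

    /**
     * Rebuild $String, entity-escaping the delimiters of rejected tags.
     *
     * In the listing as shown, the search and replacement strings of the
     * original str_replace() calls were identical, which made both HTML
     * filters no-ops; the delimiters are escaped here. The string is rebuilt
     * chunk by chunk so that a rejected tag is escaped even when its closing
     * ">" is missing, a case a whole-tag search cannot match.
     *
     * @param mixed $String        Markup to process.
     * @param bool  $AllowListOnly true: escape everything not on the allow-list
     *                             (and any unterminated tag); false: escape
     *                             only deny-listed tags.
     * @return string
     */
    private function NeutralizeTags( $String, $AllowListOnly ) {
        $Chunks = explode( "<", (string) $String );
        // The first chunk is the text before any "<" and is never a tag.
        $Result = array_shift( $Chunks );
        foreach( $Chunks as $Chunk ) {
            $Parts = explode( ">", $Chunk, 2 );
            $TagBody = $Parts[0];
            $Terminated = ( count( $Parts ) === 2 );
            if( $AllowListOnly ) {
                $Reject = !$Terminated || !$this->IsAllowedTag( $TagBody );
            } else {
                $Reject = $this->IsDeniedTag( $TagBody );
            }
            if( !$Reject ) {
                $Result .= "<" . $Chunk;
                continue;
            }
            $Result .= "&lt;" . $TagBody;
            if( $Terminated ) {
                $Result .= "&gt;" . $Parts[1];
            }
        }
        return $Result;
    }

    /**
     * True when the tag body mentions a deny-listed element name anywhere
     * (case-insensitive substring match, so it deliberately over-blocks).
     */
    private function IsDeniedTag( $TagBody ) {
        $Lowered = strtolower( $TagBody );
        foreach( array( "script", "style", "iframe", "form", "input" ) as $Needle ) {
            if( strpos( $Lowered, $Needle ) !== false ) {
                return true;
            }
        }
        return false;
    }

    /**
     * True when the tag body, with spaces and slashes removed, is exactly one
     * of the bare formatting tags.
     *
     * The original also declared an attribute allow-list for "a" (href, title,
     * style) and "img" (src, alt, title, style) but never enforced it, so
     * those tags are escaped like any other. If attribute support is added,
     * href/src need URL-scheme allow-listing and style should not be passed
     * through unchanged.
     */
    private function IsAllowedTag( $TagBody ) {
        $AllowedHTMLTags = array (
            "b", "strong", "i", "u", "s", "em", "h1",
            "h2", "h3", "h4", "h5", "h6", "br",
            "hr", "pre", "sub", "sup", "p", "div"
        );
        $Normalized = strtr( strtolower( $TagBody ), array( " " => "", "/" => "" ) );
        return in_array( $Normalized, $AllowedHTMLTags, true );
    }
}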
?>