kazhnuz/koblog
1
0
Fork 0
Code Issues 31 Pull requests Projects 3 Releases Packages Wiki Activity Actions

Added URL validation for social buttons

Browse source
This commit is contained in:
Alejandro Romero Herrera 2020-08-28 21:10:06 +03:00
parent c363cd5153
commit d5be0c0cdb
1 changed files with 17 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
bl-kernel/site.class.php
View file

@ -49,6 +49,18 @@ class Site extends dbJSON {
'markdownParser'=> true, 'markdownParser'=> true,
'customFields'=> '{}' 'customFields'=> '{}'
); );
private $linkKeys = array(
'twitter',
'facebook',
'codepen',
'instagram',
'github',
'gitlab',
'linkedin',
'mastodon',
'dribbble',
'vk'
);
function __construct() function __construct()
{ {
@ -74,6 +86,11 @@ class Site extends dbJSON {
if (isset($args[$field])) { if (isset($args[$field])) {
$finalValue = Sanitize::html($args[$field]); $finalValue = Sanitize::html($args[$field]);
$finalValue = Sanitize::noJSLink($finalValue); $finalValue = Sanitize::noJSLink($finalValue);
if (in_array($field,$this->linkKeys)){
if (!filter_var($finalValue, FILTER_VALIDATE_URL, FILTER_FLAG_SCHEME_REQUIRED | FILTER_FLAG_HOST_REQUIRED)) {
$finalValue = "";
}
}
if ($finalValue==='false') { $finalValue = false; } if ($finalValue==='false') { $finalValue = false; }
elseif ($finalValue==='true') { $finalValue = true; } elseif ($finalValue==='true') { $finalValue = true; }
settype($finalValue, gettype($value)); settype($finalValue, gettype($value));