AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1067 from itflow-org/encoding 

Detect and convert non-UTF8 encoding as part of input sanitization
This commit is contained in:
Johnny 2024-09-21 11:27:00 -04:00 committed by GitHub
parent c5e13fdba6 b509090530
commit f1ce116fb5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
functions.php
View File

@ -733,6 +733,14 @@ function sanitizeInput($input)
{
global $mysqli;
// Detect encoding
$encoding = mb_detect_encoding($input, ['UTF-8', 'ISO-8859-1', 'Windows-1252', 'ISO-8859-15'], true);
// If not UTF-8, convert to UTF8 (primarily Windows-1252 is problematic)
if ($encoding !== 'UTF-8') {
$input = mb_convert_encoding($input, 'UTF-8', $encoding);
}
// Remove HTML and PHP tags
$input = strip_tags((string) $input);