=========================================================== .___ __ __ _________________ __ __ __| _/|__|/ |_ / ___\_` __ \__ \ | | \/ __ | | \\_ __\ / /_/ > | \// __ \| | / /_/ | | || | \___ /|__| (____ /____/\____ | |__||__| /_____/ \/ \/ grep rough audit - static analysis tool v2.8 written by @Wireghoul =================================[justanotherhacker.com]=== php-htmlawed-1.1.20/htmLawed.php-28- if(isset($x[1])){ php-htmlawed-1.1.20/htmLawed.php:29: preg_match_all('`(?:^|-|\+)[^\-+]+?(?=-|\+|$)`', $x, $m, PREG_SET_ORDER); php-htmlawed-1.1.20/htmLawed.php-30- for($i=count($m); --$i>=0;){$m[$i] = $m[$i][0];} ############################################## php-htmlawed-1.1.20/htmLawed.php-103-// main php-htmlawed-1.1.20/htmLawed.php:104:$t = preg_replace_callback('`<(?:(?:\s|$)|(?:[^>]*(?:>|$)))|>`m', 'hl_tag', $t); php-htmlawed-1.1.20/htmLawed.php-105-$t = $C['balance'] ? hl_bal($t, $C['keep_bad'], $C['parent']) : $t; ############################################## php-htmlawed-1.1.20/htmLawed.php-338-if(isset($c['*']) or !strcspn($p, '#?;') or (substr($p, 0, 7) == $d)){return "{$b}{$p}{$a}";} // All ok, frag, query, param php-htmlawed-1.1.20/htmLawed.php:339:if(preg_match('`^([^:?[@!$()*,=/\'\]]+?)(:|&#(58|x3a);|%3a|\\\\0{0,4}3a).`i', $p, $m) && !isset($c[strtolower($m[1])])){ // Denied prot php-htmlawed-1.1.20/htmLawed.php-340- return "{$b}{$d}{$p}{$a}"; ############################################## php-htmlawed-1.1.20/htmLawed.php-381-$s = array(); php-htmlawed-1.1.20/htmLawed.php:382:$t = str_replace(array("\t", "\r", "\n", ' '), '', preg_replace_callback('/"(?>(`.|[^"])*)"/sm', create_function('$m', 'return substr(str_replace(array(";", "|", "~", " ", ",", "/", "(", ")", \'`"\'), array("\x01", "\x02", "\x03", "\x04", "\x05", "\x06", "\x07", "\x08", "\""), $m[0]), 1, -1);'), trim($t))); php-htmlawed-1.1.20/htmLawed.php-383-for($i = count(($t = explode(';', $t))); --$i>=0;){ ############################################## php-htmlawed-1.1.20/htmLawed.php-482- if($w == 0){ // Parse errs, deal with space, " & ' php-htmlawed-1.1.20/htmLawed.php:483: $a = preg_replace('`^(?:"[^"]*("|$)|\'[^\']*(\'|$)|\S)*\s*`', '', $a); php-htmlawed-1.1.20/htmLawed.php-484- $mode = 0; ############################################## php-htmlawed-1.1.20/htmLawed.php-627- $a2 = ''; php-htmlawed-1.1.20/htmLawed.php:628: if(preg_match('`face\s*=\s*(\'|")([^=]+?)\\1`i', $a, $m) or preg_match('`face\s*=(\s*)(\S+)`i', $a, $m)){ php-htmlawed-1.1.20/htmLawed.php-629- $a2 .= ' font-family: '. str_replace('"', '\'', trim($m[2])). ';'; php-htmlawed-1.1.20/htmLawed.php-630- } php-htmlawed-1.1.20/htmLawed.php:631: if(preg_match('`color\s*=\s*(\'|")?(.+?)(\\1|\s|$)`i', $a, $m)){ php-htmlawed-1.1.20/htmLawed.php-632- $a2 .= ' color: '. str_replace('"', '\'', trim($m[2])). ';'; php-htmlawed-1.1.20/htmLawed.php-633- } php-htmlawed-1.1.20/htmLawed.php:634: if(preg_match('`size\s*=\s*(\'|")?(.+?)(\\1|\s|$)`i', $a, $m) && isset($fs[($m = trim($m[2]))])){ php-htmlawed-1.1.20/htmLawed.php-635- $a2 .= ' font-size: '. str_replace('"', '\'', $fs[$m]). ';'; ############################################## php-htmlawed-1.1.20/htmLawedTest.php-71-if(isset($_POST['inputH'])){ php-htmlawed-1.1.20/htmLawedTest.php:72: echo '<html><head><title>htmLawed test: HTML view of unprocessed input</title></head><body style="margin:0; padding: 0;"><p style="background-color: black; color: white; padding: 2px;"> Rendering of unprocessed input without an HTML doctype or charset declaration <small><a style="color: white; text-decoration: none;" href="1" onclick="javascript:window.close(this); return false;">close window</a> | <a style="color: white; text-decoration: none;" href="htmLawedTest.php" onclick="javascript: window.open(\'htmLawedTest.php\', \'hlmain\'); window.close(this); return false;">htmLawed test page</a></small></p><div>', $_POST['inputH'], '</div></body></html>'; php-htmlawed-1.1.20/htmLawedTest.php-73- exit; ############################################## php-htmlawed-1.1.20/htmLawedTest.php-268- f.method = 'post'; php-htmlawed-1.1.20/htmLawedTest.php:269: f.acceptCharset = '<?php echo htmlspecialchars($_POST['enc']); ?>'; php-htmlawed-1.1.20/htmLawedTest.php-270- if(f.style){f.style.display = 'none';} ############################################## php-htmlawed-1.1.20/htmLawedTest.php-292- f.method = 'post'; php-htmlawed-1.1.20/htmLawedTest.php:293: f.acceptCharset = '<?php echo htmlspecialchars($_POST['enc']); ?>'; php-htmlawed-1.1.20/htmLawedTest.php-294- if(f.style){f.style.display = 'none';} ############################################## php-htmlawed-1.1.20/htmLawedTest.php-444- php-htmlawed-1.1.20/htmLawedTest.php:445:<form id="testform" name="testform" action="htmLawedTest.php" method="post" accept-charset="<?php echo htmlspecialchars($_POST['enc']); ?>" style="padding:0; margin: 0; display:inline;"> php-htmlawed-1.1.20/htmLawedTest.php-446- ############################################## php-htmlawed-1.1.20/htmLawedTest.php-449-<input type="hidden" name="token" id="token" value="<?php echo $token; ?>" /> php-htmlawed-1.1.20/htmLawedTest.php:450:<div><textarea id="text" class="textarea" name="text" rows="5" cols="100" style="width: 100%;"><?php echo htmlspecialchars($_POST['text']);?></textarea></div> php-htmlawed-1.1.20/htmLawedTest.php-451-<input type="submit" id="submitF" name="submitF" value="Process" style="float:left;" title="filter using htmLawed" onclick="javascript: sndProc(); return false;" onkeypress="javascript: sndProc(); return false;" /> ############################################## php-htmlawed-1.1.20/htmLawedTest.php-479- php-htmlawed-1.1.20/htmLawedTest.php:480:<span style="float:right;" class="help" title="IANA-recognized name of the input character-set; can be multiple ;- or space-separated values; may not work in some browsers"><span style="font-size: 85%;">Encoding: </span><input type="text" size="8" id="enc" name="enc" style="vertical-align: middle;" value="<?php echo htmlspecialchars($_POST['enc']); ?>" /></span> php-htmlawed-1.1.20/htmLawedTest.php-481- ############################################## php-htmlawed-1.1.20/htmLawedTest.php-538- for($i = $j-1; ++$i < $v[0]+$v[3];++$j){ php-htmlawed-1.1.20/htmLawedTest.php:539: echo '<input type="radio" name="h', $k, '" value="', $i, '"', (!isset($_POST['h'. $k]) ? ($v[1] == $i ? ' checked="checked"' : '') : ($_POST['h'. $k] == $i ? ' checked="checked"' : '')), (isset($v['d']) ? ' disabled="disabled"' : ''), ' />', $i, ' '; php-htmlawed-1.1.20/htmLawedTest.php-540- } php-htmlawed-1.1.20/htmLawedTest.php-541- if($v[1] == 'nil'){ php-htmlawed-1.1.20/htmLawedTest.php:542: echo '<input type="radio" name="h', $k, '" value="nil"', ((!isset($_POST['h'. $k]) or $_POST['h'. $k] == 'nil') ? ' checked="checked"' : ''), (isset($v['d']) ? ' disabled="disabled"' : ''), ' />not set '; php-htmlawed-1.1.20/htmLawedTest.php-543- } php-htmlawed-1.1.20/htmLawedTest.php-544- if(!empty($v[4])){ // + input text box php-htmlawed-1.1.20/htmLawedTest.php:545: echo '<input type="radio" name="h', $k, '" value="', $j, '"', (((isset($_POST['h'. $k]) && $_POST['h'. $k] == $j) or (!isset($_POST['h'. $k]) && $j == $v[1])) ? ' checked="checked"' : ''), (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; php-htmlawed-1.1.20/htmLawedTest.php-546- if(!is_array($v[4])){ php-htmlawed-1.1.20/htmLawedTest.php:547: echo $v[6], ': <input type="text" size="', $v[4], '" name="h', $k. $j, '" value="', htmlspecialchars(isset($_POST['h'. $k. $j][0]) ? $_POST['h'. $k. $j] : $v[5]), '"', (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; php-htmlawed-1.1.20/htmLawedTest.php-548- } ############################################## php-htmlawed-1.1.20/htmLawedTest.php-550- foreach($v[4] as $z){ php-htmlawed-1.1.20/htmLawedTest.php:551: echo ' ', $z[3], ': <input type="text" size="', $z[0], '" name="h', $k. $j. $z[1], '" value="', htmlspecialchars(isset($_POST['h'. $k. $j. $z[1]][0]) ? $_POST['h'. $k. $j. $z[1]] : $z[2]), '"', (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; php-htmlawed-1.1.20/htmLawedTest.php-552- } ############################################## php-htmlawed-1.1.20/htmLawedTest.php-556- elseif(ctype_digit($v[3])){ // input text php-htmlawed-1.1.20/htmLawedTest.php:557: echo '<input type="text" size="', $v[3], '" name="h', $k, '" value="', htmlspecialchars(isset($_POST['h'. $k][0]) ? $_POST['h'. $k] : $v[1]), '"', (isset($v['d']) ? ' disabled="disabled"' : ''), ' />'; php-htmlawed-1.1.20/htmLawedTest.php-558- } ############################################## php-htmlawed-1.1.20/htmLawedTest.php-561-} php-htmlawed-1.1.20/htmLawedTest.php:562:echo '</ul></td></tr><tr><td><span style="vertical-align: top;" class="help" title="$spec argument: element-specific attribute rules">Spec:</span></td><td><textarea name="spec" id="spec" cols="70" rows="3" style="width:80%;">', htmlspecialchars((isset($_POST['spec']) ? $_POST['spec'] : '')), '</textarea></td></tr></table>'; php-htmlawed-1.1.20/htmLawedTest.php-563-?> ############################################## php-htmlawed-1.1.20/htmLawedTest.php-602- $et = microtime(); php-htmlawed-1.1.20/htmLawedTest.php:603: echo '<br /><a href="htmLawedTest.php" title="[toggle visibility] syntax-highlighted" onclick="javascript:toggle(\'inputR\'); return false;"><span class="notice">Input code »</span></a> <span class="help" title="tags estimated as half of total > and < chars; values may be inaccurate for non-ASCII text"><small><big>', strlen($_POST['text']), '</big> chars, ~<big>', ($tag = round((substr_count($_POST['text'], '>') + substr_count($_POST['text'], '<'))/2)), '</big> tag', ($tag > 1 ? 's' : ''), '</small> </span><div id="inputR" style="display: none;">', format($_POST['text']), '</div><script type="text/javascript">hl(\'inputR\');</script>', (!isset($_POST['text'][$_hlimit]) ? ' <a href="htmLawedTest.php" title="[toggle visibility] hexdump; non-viewable characters like line-returns are shown as dots" onclick="javascript:toggle(\'inputD\'); return false;"><span class="notice">Input binary » </span></a><div id="inputD" style="display: none;">'. hexdump($_POST['text']). '</div>' : ''), ' <a href="htmLawedTest.php" title="[toggle visibility] finalized internal settings as interpreted by htmLawed; for developers" onclick="javascript:toggle(\'settingF\'); return false;"><span class="notice">Finalized internal settings » </span></a> <div id="settingF" style="display: none;">$config: ', str_replace(array(' ', "\t", ' '), array(' ', ' ', ' '), nl2br(htmlspecialchars(print_r($GLOBALS['hlcfg']['config'], true)))), '<br />$spec: ', str_replace(array(' ', "\t", ' '), array(' ', ' ', ' '), nl2br(htmlspecialchars(print_r($GLOBALS['hlcfg']['spec'], true)))), '</div><script type="text/javascript">hl(\'settingF\');</script>', '<br /><a href="htmLawedTest.php" title="[toggle visibility] suitable for copy-paste" onclick="javascript:toggle(\'outputF\'); return false;"><span class="notice">Output »</span></a> <span class="help" title="approx., server-specific value excluding the \'include()\' call"><small>htmLawed processing time <big>', number_format(((substr($et,0,9)) + (substr($et,-10)) - (substr($st,0,9)) - (substr($st,-10))),4), '</big> s</small></span>', (($mem = memory_get_peak_usage()) !== false ? '<span class="help"><small>, peak memory usage <big>'. round(($mem-$pre_mem)/1048576, 2). '</big> <small>MB</small>' : ''), '</small></span><div id="outputF" style="display: block;"><div><textarea id="text2" class="textarea" name="text2" rows="5" cols="100" style="width: 100%;">', htmlspecialchars($out), '</textarea></div><button type="button" onclick="javascript:document.getElementById(\'text2\').focus();document.getElementById(\'text2\').select()" title="select all to copy" style="float:right;">Select all</button>'; php-htmlawed-1.1.20/htmLawedTest.php-604- if($_w3c_validate && $validation) ############################################## php-htmlawed-1.1.20/htmLawedTest.php-612- } php-htmlawed-1.1.20/htmLawedTest.php:613: echo '</div><br /><a href="htmLawedTest.php" title="[toggle visibility] syntax-highlighted" onclick="javascript:toggle(\'outputR\'); return false;"><span class="notice">Output code »</span></a><div id="outputR" style="display: block;">', format($out), '</div><script type="text/javascript">hl(\'outputR\');</script>', (!isset($_POST['text'][$_hlimit]) ? ' <a href="htmLawedTest.php" title="[toggle visibility] hexdump; non-viewable characters like line-returns are shown as dots" onclick="javascript:toggle(\'outputD\'); return false;"><span class="notice">Output binary »</span></a><div id="outputD" style="display: none;">'. hexdump($out). '</div>' : ''), ' <a href="htmLawedTest.php" title="[toggle visibility] inline output-input diff; might not be perfectly accurate, semantically or otherwise " onclick="javascript:toggle(\'diff\'); diffLaunch(); return false;"><span class="notice">Diff »</span></a> <div id="diff" style="display: none;"></div><br /><a href="htmLawedTest.php" title="[toggle visibility] XHTML 1 Transitional doctype" onclick="javascript:toggle(\'outputH\'); return false;"><span class="notice">Output rendered »</span></a><div id="outputH" style="display: block;">', $out, '</div>'; php-htmlawed-1.1.20/htmLawedTest.php-614-} ############################################## php-htmlawed-1.1.20/htmLawed_README.txt-1707- php-htmlawed-1.1.20/htmLawed_README.txt:1708: `Finalized` '$config' and '$spec' are made *global variables* while htmLawed is at work. Values of any pre-existing global variables with same names are noted, and their values are restored after htmLawed finishes processing the input (to capture the `finalized` values, the 'show_settings' parameter of '$config' should be used). Depending on '$config', another global variable 'hl_Ids', to track 'id' attribute values for uniqueness, may be set. Unlike the other two variables, this one is not reset (or unset) post-processing. php-htmlawed-1.1.20/htmLawed_README.txt-1709-