- Removed valid_input_check().

29172616 · Dries · bcb6257b · 29172616 · 29172616 · 29172616
Commit 29172616 authored Nov 30, 2005 by Dries
Hide whitespace changes
Inline Side-by-side

Showing with 11 additions and 22 deletions

includes/bootstrap.inc includes/bootstrap.inc +0 -10

includes/common.inc includes/common.inc +11 -0

includes/file.inc includes/file.inc +0 -12

No files found.
--- a/includes/bootstrap.inc
+++ b/includes/bootstrap.inc
@@ -714,16 +714,6 @@ function check_plain($text) {
  return htmlspecialchars($text, ENT_QUOTES);
 }

-/**
- * Prepare a URL for use in an HTML attribute. Strips harmful protocols.
- */
-function check_url($uri) {
-  $uri = htmlspecialchars($uri, ENT_QUOTES);
-  $uri = filter_xss_bad_protocol($uri, FALSE);
-
-  return $uri;
-}
-
 /**
 * Since request_uri() is only available on Apache, we generate an
 * equivalent using other environment variables.

--- a/includes/common.inc
+++ b/includes/common.inc
@@ -691,6 +691,17 @@ function check_file($filename) {
  return is_uploaded_file($filename);
 }

+/**
+ * Prepare a URL for use in an HTML attribute. Strips harmful protocols.
+ *
+ */
+function check_url($uri) {
+  $uri = htmlspecialchars($uri, ENT_QUOTES);
+  $uri = filter_xss_bad_protocol($uri, FALSE);
+
+  return $uri;
+}
+
 /**
 * @defgroup format Formatting
 * @{

--- a/includes/file.inc
+++ b/includes/file.inc
@@ -391,12 +391,6 @@ function file_save_upload($source, $dest = 0, $replace = FILE_EXISTS_RENAME) {
      }
    }

-    if (!user_access('bypass input data check') && !valid_input_data($file)) {
-      watchdog('security', t('The file %file has not been saved, because it may contain a possible attempt to exploit or abuse this system.', array('%file' => theme('placeholder', $source))), WATCHDOG_WARNING);
-      drupal_set_message(t('The file %file has not been saved, because it contains invalid data.', array('%file' => theme('placeholder', $source))), 'error');
-      return 0;
-    }
-
    // Check for file upload errors.
    switch ($file->error) {
      case 0: // UPLOAD_ERR_OK: File uploaded successfully
@@ -435,12 +429,6 @@ function file_save_upload($source, $dest = 0, $replace = FILE_EXISTS_RENAME) {
 * @return A string containing the resulting filename or 0 on error
 */
 function file_save_data($data, $dest, $replace = FILE_EXISTS_RENAME) {
-  if (!user_access('bypass input data check') && !valid_input_data($data)) {
-    watchdog('security', t('The file has not been saved, because it may contain a possible attempt to exploit or abuse this system.'), WATCHDOG_WARNING);
-    drupal_set_message(t('The file has not been saved, because it contains invalid data.'), 'error');
-    return 0;
-  }
-
  $temp = file_directory_temp();
  $file = tempnam($temp, 'file');
  if (!$fp = fopen($file, 'wb')) {