// Generate arrays which holds the relevante chars to replace
$GLOBALS['security_chars'] = array(
// The chars we are looking for...
- 'from' => array('/', '.', chr(39), '$', '(', ')', '{--', '--}', '{?', '?}', '%', ';', '[', ']', ':', '--', chr(92)),
+ 'from' => array('/', '.', chr(39), '$', '(', ')', '{--', '--}', '{?', '?}', '%', ';', '[', ']', ':', '--', chr(92), chr(39), '<', '>'),
// ... and we will replace to.
'to' => array(
'{SLASH}',
'{CLOSE_INDEX}',
'{DBL_DOT}',
'{COMMENT}',
- '{BACKSLASH}'
+ '{BACKSLASH}',
+ '{SQUOTE}',
+ '{OPEN_TAG}',
+ '{CLOSE_TAG}'
),
);
/*
- * Characters allowed in URLs
+ * Characters allowed in booked URLs
*
* Note: Do not replace 'to' with 'from' and vise-versa! When you do this all booked URLs will be
* rejected because of the {SLASH}, {DOT} and all below listed items inside the URL.