Skip to content

Commit

Permalink
Merge pull request #1067 from itflow-org/encoding
Browse files Browse the repository at this point in the history 
Detect and convert non-UTF8 encoding as part of input sanitization
  • Loading branch information
@johnnyq
johnnyq authored Sep 21, 2024
2 parents c5e13fd + b509090 commit f1ce116
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions functions.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -733,6 +733,14 @@ function sanitizeInput($input)
{
global $mysqli;

// Detect encoding
$encoding = mb_detect_encoding($input, ['UTF-8', 'ISO-8859-1', 'Windows-1252', 'ISO-8859-15'], true);

// If not UTF-8, convert to UTF8 (primarily Windows-1252 is problematic)
if ($encoding !== 'UTF-8') {
$input = mb_convert_encoding($input, 'UTF-8', $encoding);
}

// Remove HTML and PHP tags
$input = strip_tags((string) $input);

Expand Down

0 comments on commit f1ce116

Please sign in to comment.