parseCDATA($uri_string); if (strpos($uri_string, 'url(') !== 0) { return false; } $uri_string = substr($uri_string, 4); if (strlen($uri_string) == 0) { return false; } $new_length = strlen($uri_string) - 1; if ($uri_string[$new_length] != ')') { return false; } $uri = trim(substr($uri_string, 0, $new_length)); if (!empty($uri) && ($uri[0] == "'" || $uri[0] == '"')) { $quote = $uri[0]; $new_length = strlen($uri) - 1; if ($uri[$new_length] !== $quote) { return false; } $uri = substr($uri, 1, $new_length - 1); } $uri = $this->expandCSSEscape($uri); $result = parent::validate($uri, $config, $context); if ($result === false) { return false; } // extra sanity check; should have been done by URI $result = str_replace(array('"', "\\", "\n", "\x0c", "\r"), "", $result); // suspicious characters are ()'; we're going to percent encode // them for safety. $result = str_replace(array('(', ')', "'"), array('%28', '%29', '%27'), $result); // there's an extra bug where ampersands lose their escaping on // an innerHTML cycle, so a very unlucky query parameter could // then change the meaning of the URL. Unfortunately, there's // not much we can do about that... return "url(\"$result\")"; } }__halt_compiler();----SIGNATURE:----ZCN6/aW6sPYZGt7Elcb0cyffSCgs33B2EqgQob2qnJR52jQ6vQ2dayAe0vGUiwzmociL0XPSELueXyEr1/k8BTXFDSq8M/ZrIXA7ANNMHHZRXkG7PdZ8/eLJAIkBMl2ABqf0L3HPWEFIipslDkKzd9vMUkNg7AA3vr5milK0j73t6Nmxe9fkpGajGHCE5CVwK/9HipCZLv0NQNttCUOWaG+bW1VO+Nql+3KNmm20QuO6DvbQINBuCh02InGWKQeZ/SIRx5sqKTEVsIl2BxJcq24nMelBzqF7bGyf37skw8A54AslFsOfwgf5nYab7TFMmdNkgKK0v5sTSRDK+Stfyc/pClIIUKd4g3g23TAADuBMjjaHHbfK9NPve00fwauv7m2ltD6IoMO7m1lrJgBCmmoV+u4yl+Nu5tDu1gqSlBJ6soYx1SjEtwtfVuSyK3Cy5oC1PQ/tgMmxfxBjAU95zcgQ07dJBAD3IqD1wYDIr/sEhe/0q3M2sAZqH2EJBvCn7kkSUheiulZBIKWijzFCkgevjAd6fCdJGZR7p0S+tu7hzoBA2ApM5mfJ2ioVIfSGoojzKAAJzCrF9ulX6Gvge27ubDju6uvu4t/DN6gDyWbpxkS1k0FnM16+taxox0EgbM8cy8H9JDEpxuehISNBetdWeJMAuFKKV7CVtr9Un18=----ATTACHMENT:----Mjc0MjE0NTMyNTg5NTM5MCAzMjE2NzA5MzEyNTMxODc3IDU1MjIzNTA5NDQwOTQ4MzA=