Edit File by line

Deprecated: str_replace(): Passing null to parameter #2 ($replace) of type array|string is deprecated in /home/sportsfever/public_html/filemanger/function.php on line 93
/home/sportsfe.../httpdocs/clone/wp-conte.../plugins/ninja-fo.../includes/Handlers
File: Sanitizer.php
<?php
[0] Fix | Delete
[1] Fix | Delete
namespace NinjaForms\Includes\Handlers;
[2] Fix | Delete
[3] Fix | Delete
/**
[4] Fix | Delete
* Sanitize output for enhanced functionality while maintaining security
[5] Fix | Delete
*/
[6] Fix | Delete
class Sanitizer{
[7] Fix | Delete
[8] Fix | Delete
const DISALLOWED_SCRIPT_TRIGGERS=[
[9] Fix | Delete
'/<\s*(script)/i', // < script (includes empty spaces after opening tag)
[10] Fix | Delete
'/(onload)/i', // word 'onload'
[11] Fix | Delete
'/(onerror)/i', // word 'onerror'
[12] Fix | Delete
'/(onfocus)/i', // word 'onfocus'
[13] Fix | Delete
'/(javascript)/i' // word 'javascript'
[14] Fix | Delete
];
[15] Fix | Delete
[16] Fix | Delete
/**
[17] Fix | Delete
* Block disallowed script triggering text
[18] Fix | Delete
*
[19] Fix | Delete
* @param string $string
[20] Fix | Delete
* @return string
[21] Fix | Delete
*/
[22] Fix | Delete
public static function preventScriptTriggerInHtmlOutput(string $string): string
[23] Fix | Delete
{
[24] Fix | Delete
$return = $string;
[25] Fix | Delete
[26] Fix | Delete
$fail = false;
[27] Fix | Delete
[28] Fix | Delete
foreach(self::DISALLOWED_SCRIPT_TRIGGERS as $disallowedString){
[29] Fix | Delete
$preg_match = preg_match($disallowedString,$string);
[30] Fix | Delete
[31] Fix | Delete
if($preg_match){
[32] Fix | Delete
$fail = true;
[33] Fix | Delete
}
[34] Fix | Delete
}
[35] Fix | Delete
[36] Fix | Delete
if($fail){
[37] Fix | Delete
$return = htmlspecialchars($return,\ENT_QUOTES);
[38] Fix | Delete
}
[39] Fix | Delete
[40] Fix | Delete
return $return;
[41] Fix | Delete
}
[42] Fix | Delete
}
[43] Fix | Delete
It is recommended that you Edit text format, this type of Fix handles quite a lot in one request
Function