本文整理汇总了PHP中clear_xss函数的典型用法代码示例。如果您正苦于以下问题:PHP clear_xss函数的具体用法?PHP clear_xss怎么用?PHP clear_xss使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了clear_xss函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: SendTellFriend
/**
* send "tell a friend" email
*/
function SendTellFriend($iSenderID = 0)
{
global $profileID;
$sRecipient = clear_xss($_POST['friends_emails']);
$sSenderName = clear_xss($_POST['name']);
$sSenderEmail = clear_xss($_POST['email']);
if (strlen(trim($sRecipient)) <= 0) {
return 0;
}
if (strlen(trim($sSenderEmail)) <= 0) {
return 0;
}
$sLinkAdd = $iSenderID > 0 ? 'idFriend=' . $iSenderID : '';
$rEmailTemplate = new BxDolEmailTemplates();
if ($profileID) {
$aTemplate = $rEmailTemplate->getTemplate('t_TellFriendProfile', $profileID);
$Link = getProfileLink($profileID, $sLinkAdd);
} else {
$aTemplate = $rEmailTemplate->getTemplate('t_TellFriend');
$Link = BX_DOL_URL_ROOT;
if (strlen($sLinkAdd) > 0) {
$Link .= '?' . $sLinkAdd;
}
}
$aPlus = array('Link' => $Link, 'FromName' => $sSenderName);
return sendMail($sRecipient, $aTemplate['Subject'], $aTemplate['Body'], '', $aPlus);
}
示例2: SendTellFriend
/**
* send "tell a friend" email
*/
function SendTellFriend($iSenderID = 0)
{
global $profileID;
$sSenderEmail = clear_xss(bx_get('sender_email'));
if (strlen(trim($sSenderEmail)) <= 0) {
return 0;
}
$sSenderName = clear_xss(bx_get('sender_name'));
$sSenderLink = $iSenderID != 0 ? getProfileLink($iSenderID) : BX_DOL_URL_ROOT;
$sRecipientEmail = clear_xss(bx_get('recipient_email'));
if (strlen(trim($sRecipientEmail)) <= 0) {
return 0;
}
$sLinkAdd = $iSenderID > 0 ? 'idFriend=' . $iSenderID : '';
$rEmailTemplate = new BxDolEmailTemplates();
if ($profileID) {
$aTemplate = $rEmailTemplate->getTemplate('t_TellFriendProfile', getLoggedId());
$Link = getProfileLink($profileID, $sLinkAdd);
} else {
$aTemplate = $rEmailTemplate->getTemplate('t_TellFriend', getLoggedId());
$Link = BX_DOL_URL_ROOT;
if (strlen($sLinkAdd) > 0) {
$Link .= '?' . $sLinkAdd;
}
}
return sendMail($sRecipientEmail, $aTemplate['Subject'], $aTemplate['Body'], '', array('Link' => $Link, 'SenderName' => $sSenderName, 'SenderLink' => $sSenderLink));
}
示例3: actionGetImage
function actionGetImage($sParamValue, $sParamValue1)
{
$sParamValue = clear_xss($sParamValue);
$sParamValue1 = clear_xss($sParamValue1);
$iPointPos = strrpos($sParamValue1, '.');
$sKey = substr($sParamValue1, 0, $iPointPos);
$iId = $this->_oDb->getIdByHash($sKey);
if ($iId > 0) {
$sExt = substr($sParamValue1, $iPointPos + 1);
switch ($sExt) {
case 'png':
$sCntType = 'image/x-png';
break;
case 'gif':
$sCntType = 'image/gif';
break;
default:
$sCntType = 'image/jpeg';
}
$sPath = $this->_oConfig->getFilesPath() . $iId . str_replace('{ext}', $sExt, $this->_oConfig->aFilePostfix[$sParamValue]);
$sAdd = '';
if ($this->iHeaderCacheTime > 0) {
$iLastModTime = filemtime($sPath);
$sAdd = ", max-age={$this->iHeaderCacheTime}, Last-Modified: " . gmdate("D, d M Y H:i:s", $iLastModTime) . " GMT";
}
header("Cache-Control: must-revalidate, post-check=0, pre-check=0" . $sAdd);
header("Content-Type:" . $sCntType);
header("Content-Length: " . filesize($sPath));
readfile($sPath);
} else {
header("HTTP/1.0 404 Not Found");
echo _t('_sys_request_page_not_found_cpt');
}
exit;
}
示例4: PageCompPageMainCode
/**
* page code function
*/
function PageCompPageMainCode($iID, $sConfCode)
{
global $site;
$ID = (int) $iID;
$ConfCode = clear_xss($sConfCode);
$p_arr = getProfileInfo($ID);
if (!$p_arr) {
$_page['header'] = _t("_Error");
$_page['header_text'] = _t("_Profile Not found");
return MsgBox(_t('_Profile Not found Ex'));
}
$aCode = array('message_status' => '', 'message_info' => '', 'bx_if:form' => array('condition' => false, 'content' => array('form' => '')), 'bx_if:next' => array('condtion' => false, 'content' => array('next_url' => '')));
if ($p_arr['Status'] == 'Unconfirmed') {
$ConfCodeReal = base64_encode(base64_encode(crypt($p_arr[Email], CRYPT_EXT_DES ? "secret_co" : "se")));
if (strcmp($ConfCode, $ConfCodeReal) != 0) {
$aForm = array('form_attrs' => array('action' => BX_DOL_URL_ROOT . 'profile_activate.php', 'method' => 'post', 'name' => 'form_change_status'), 'inputs' => array('conf_id' => array('type' => 'hidden', 'name' => 'ConfID', 'value' => $ID), 'conf_code' => array('type' => 'text', 'name' => 'ConfCode', 'value' => '', 'caption' => _t("_Confirmation code")), 'submit' => array('type' => 'submit', 'name' => 'submit', 'value' => _t("_Submit"))));
$oForm = new BxTemplFormView($aForm);
$aCode['message_status'] = _t("_Profile activation failed");
$aCode['message_info'] = _t("_EMAIL_CONF_FAILED_EX");
$aCode['bx_if:form']['condition'] = true;
$aCode['bx_if:form']['content']['form'] = $oForm->getCode();
} else {
$aCode['bx_if:next']['condition'] = true;
$aCode['bx_if:next']['content']['next_url'] = BX_DOL_URL_ROOT . 'member.php';
$send_act_mail = false;
if (getParam('autoApproval_ifJoin') == 'on' && !(getParam('sys_dnsbl_enable') && 'approval' == getParam('sys_dnsbl_behaviour') && bx_is_ip_dns_blacklisted('', 'join'))) {
$status = 'Active';
$send_act_mail = true;
$aCode['message_info'] = _t("_PROFILE_CONFIRM");
} else {
$status = 'Approval';
$aCode['message_info'] = _t("_EMAIL_CONF_SUCCEEDED", $site['title']);
}
$update = bx_admin_profile_change_status($ID, $status, $send_act_mail);
// Promotional membership
if (getParam('enable_promotion_membership') == 'on') {
$memership_days = getParam('promotion_membership_days');
setMembership($p_arr['ID'], MEMBERSHIP_ID_PROMOTION, $memership_days, true);
}
// check couple profile;
if ($p_arr['Couple']) {
$update = bx_admin_profile_change_status($p_arr['Couple'], $status);
//Promotional membership
if (getParam('enable_promotion_membership') == 'on') {
$memership_days = getParam('promotion_membership_days');
setMembership($p_arr['Couple'], MEMBERSHIP_ID_PROMOTION, $memership_days, true);
}
}
if (getParam('newusernotify')) {
$oEmailTemplates = new BxDolEmailTemplates();
$aTemplate = $oEmailTemplates->getTemplate('t_UserConfirmed', $p_arr['ID']);
sendMail($site['email_notify'], $aTemplate['Subject'], $aTemplate['Body'], $p_arr['ID']);
}
}
} else {
$aCode['message_info'] = _t('_ALREADY_ACTIVATED');
}
return $GLOBALS['oSysTemplate']->parseHtmlByName('profile_activate.html', $aCode);
}
示例5: getFileConcept
function getFileConcept($iFileId, $aExtra = array())
{
$sOverride = false;
$oAlert = new BxDolAlerts($this->_oConfig->getMainPrefix(), 'display_player', $iFileId, getLoggedId(), array('extra' => $aExtra, 'override' => &$sOverride));
$oAlert->alert();
if ($sOverride) {
return $sOverride;
}
$iFileId = (int) $iFileId;
return '<div class="viewFile" style="width:100%">' . getApplicationContent('mp3', 'player', array('id' => $iFileId, 'user' => (int) $_COOKIE['memberID'], 'password' => clear_xss($_COOKIE['memberPassword'])), true) . '</div>';
}
示例6: getFileConcept
function getFileConcept($iFileId, $aExtra = array())
{
$iFileId = (int) $iFileId;
if (empty($aExtra['ext'])) {
$sPlayer = getApplicationContent('video', 'player', array('id' => $iFileId, 'user' => $this->iViewer, 'password' => clear_xss($_COOKIE['memberPassword'])), true);
} else {
$sPlayer = str_replace("#video#", $aExtra['ext'], YOUTUBE_VIDEO_PLAYER);
$sPlayer = str_replace("#wmode#", getWMode(), $sPlayer);
$sPlayer = str_replace("#autoplay#", getSettingValue("video", "autoPlay") == TRUE_VAL ? "1" : "0", $sPlayer);
}
$iWidth = (int) $this->_oConfig->getGlParam('file_width');
return '<div class="viewFile" style="width: ' . ($iWidth + 2) . 'px;">' . $sPlayer . '</div>';
}
示例7: _testClearXss
protected function _testClearXss($isAdmin, $sCalled)
{
// create mock object instance of HTMLPurifier class
require_once BX_DIRECTORY_PATH_PLUGINS . 'htmlpurifier/HTMLPurifier.standalone.php';
$GLOBALS['oHtmlPurifier'] = $this->getMock('HTMLPurifier');
// set admin or not admin user
$GLOBALS['logged']['admin'] = $isAdmin;
// check if we have instance of correct class
$this->assertInstanceOf('HTMLPurifier', $GLOBALS['oHtmlPurifier']);
// we expect that 'purify' method should be called once(or never) when we call clear_xss function
$GLOBALS['oHtmlPurifier']->expects($this->{$sCalled}())->method('purify');
// call tested function
clear_xss('test');
}
示例8: PageCodeEdit
function PageCodeEdit()
{
$aForm = array('form_attrs' => array('id' => 'adm-css-edit', 'name' => 'adm-css-edit', 'action' => $GLOBALS['site']['url_admin'] . 'css_file.php', 'method' => 'post', 'enctype' => 'multipart/form-data'), 'params' => array('db' => array('table' => '', 'key' => '', 'uri' => '', 'uri_title' => '', 'submit_name' => 'adm-css-save')), 'inputs' => array('css_file' => array('type' => 'select', 'name' => 'css_file', 'caption' => _t('_adm_txt_css_file'), 'value' => '', 'values' => array(), 'attrs' => array('onchange' => "javascript:document.forms['adm-css-edit'].submit();")), 'content' => array('type' => 'textarea', 'name' => 'content', 'caption' => _t('_adm_txt_css_content', $sFileName), 'value' => '', 'db' => array('pass' => 'XssHtml')), 'adm-css-save' => array('type' => 'submit', 'name' => 'adm-css-save', 'value' => _t('_adm_btn_css_save'))));
//--- Get CSS files ---//
$aItems = array();
$sBasePath = BX_DIRECTORY_PATH_ROOT . "templates/tmpl_" . $GLOBALS['oSysTemplate']->getCode() . "/css/";
$rHandle = opendir($sBasePath);
while (($sFile = readdir($rHandle)) !== false) {
if (is_file($sBasePath . $sFile) && substr($sFile, -3) == 'css') {
$aItems[] = array('key' => $sFile, 'value' => $sFile);
}
}
closedir($rHandle);
$sCurrentFile = isset($_POST['css_file']) && preg_match("/^\\w+\\.css\$/", $_POST['css_file']) ? $_POST['css_file'] : $aItems[0]['key'];
$aForm['inputs']['css_file']['value'] = $sCurrentFile;
$aForm['inputs']['css_file']['values'] = $aItems;
//--- Get CSS file's content ---//
$sContent = '';
$sAbsolutePath = $sBasePath . $sCurrentFile;
if (strlen($sCurrentFile) > 0 && is_file($sAbsolutePath)) {
$rHandle = fopen($sAbsolutePath, 'r');
while (!feof($rHandle)) {
$sContent .= fgets($rHandle, 4096);
}
fclose($rHandle);
}
//$aForm['inputs']['content']['value'] = isset($_POST['content']) ? $_POST['content'] : $sContent;
$aForm['inputs']['content']['value'] = $sContent;
$oForm = new BxTemplFormView($aForm);
$oForm->initChecker();
if ($oForm->isSubmittedAndValid()) {
if (file_exists($sAbsolutePath) && isRWAccessible($sAbsolutePath)) {
$rHandle = fopen($sAbsolutePath, 'w');
if ($rHandle) {
fwrite($rHandle, clear_xss($_POST['content']));
fclose($rHandle);
$mixedResult = '_adm_txt_css_success_save';
} else {
$mixedResult = '_adm_txt_css_failed_save';
}
} else {
$mixedResult = '_adm_txt_css_cannot_write';
}
}
$sResult = $GLOBALS['oAdmTemplate']->parseHtmlByName('design_box_content.html', array('content' => $oForm->getCode()));
if ($mixedResult !== true && !empty($mixedResult)) {
$sResult = MsgBox(_t($mixedResult, $sCurrentFile), 3) . $sResult;
}
return $sResult;
}
示例9: getFileConcept
function getFileConcept($iFileId, $aExtra = array())
{
$sOverride = false;
$oAlert = new BxDolAlerts($this->_oConfig->getMainPrefix(), 'display_player', $iFileId, getLoggedId(), array('extra' => $aExtra, 'override' => &$sOverride));
$oAlert->alert();
if ($sOverride) {
return $sOverride;
}
$iFileId = (int) $iFileId;
if (empty($aExtra['ext'])) {
$sPlayer = getApplicationContent('video', 'player', array('id' => $iFileId, 'user' => $this->iViewer, 'password' => clear_xss($_COOKIE['memberPassword'])), true);
} else {
$sPlayer = str_replace("#video#", $aExtra['ext'], YOUTUBE_VIDEO_PLAYER);
$sPlayer = str_replace("#wmode#", getWMode(), $sPlayer);
$sPlayer = str_replace("#autoplay#", getSettingValue("video", "autoPlay") == TRUE_VAL ? "&autoplay=1" : "", $sPlayer);
}
return '<div class="viewFile" style="width:100%;">' . $sPlayer . '</div>';
}
示例10: getProfilePhoto
function getProfilePhoto($aParams)
{
$iProfileId = !empty($aParams['profile_id']) ? (int) $aParams['profile_id'] : 0;
$sAlbum = !empty($aParams['album']) ? $aParams['album'] : 'profile_album_name';
$sType = !empty($aParams['type']) ? $aParams['type'] : 'icon';
$sReturnType = !empty($aParams['return_type']) ? $aParams['return_type'] : 'link';
$aDefaultAlbums = $this->oModule->_oConfig->getDefaultAlbums();
if (!empty($sAlbum) && in_array($sAlbum, $aDefaultAlbums)) {
bx_import('BxDolAlbums');
$sAlbum = BxDolAlbums::getAbumUri($this->oModule->_oConfig->getGlParam($sAlbum), $iProfileId);
}
$oAlbum = new BxDolAlbums('bx_photos');
$aAlbumInfo = $oAlbum->getAlbumInfo(array('fileUri' => $sAlbum, 'owner' => $iProfileId), array('ID'));
if (!$this->oModule->oAlbumPrivacy->check('album_view', $aAlbumInfo['ID'], getLoggedId())) {
return '';
}
$sKeywordGet = $sKeywordPost = null;
if (isset($_GET['keyword'])) {
$sKeywordGet = $_GET['keyword'];
unset($_GET['keyword']);
} elseif (isset($_POST['keyword'])) {
$sKeywordPost = $_POST['keyword'];
unset($_POST['keyword']);
}
$aSavePaginate = array();
if (isset($_GET['page'], $_GET['per_page'])) {
$aSavePaginate = array($_GET['page'], $_GET['per_page']);
}
unset($_GET['page']);
unset($_GET['per_page']);
$this->aCurrent['paginate']['perPage'] = 1;
$this->aCurrent['paginate']['page'] = 1;
$this->aCurrent['restriction']['owner']['value'] = $iProfileId;
$this->aCurrent['sorting'] = 'album_order';
$this->aCurrent['restriction']['album'] = array('value' => $sAlbum, 'field' => 'Uri', 'operator' => '=', 'paramName' => 'albumUri', 'table' => 'sys_albums');
$aFilesList = $this->getSearchData();
if (!empty($aSavePaginate)) {
list($_GET['page'], $_GET['per_page']) = $aSavePaginate;
}
if (!is_null($sKeywordGet)) {
$_GET['keyword'] = clear_xss($sKeywordGet);
} elseif (!is_null($sKeywordPost)) {
$_POST['keyword'] = clear_xss($sKeywordPost);
}
if (!$this->aCurrent['paginate']['totalNum']) {
return '';
}
$aFile = array_pop($aFilesList);
$aFile['file_url'] = $this->getImgUrl($aFile['Hash'], $sType);
$aFile['view_url'] = BX_DOL_URL_ROOT . $this->oModule->_oConfig->getBaseUri() . 'view/' . $aFile['uri'];
if ($sReturnType == 'full') {
return $aFile;
}
return $aFile['file_url'];
}
示例11: MemberEditStory
/**
* Cange story
*/
function MemberEditStory()
{
global $max_l;
global $max_h;
global $member;
global $ADMIN;
$story_id = (int) $_POST['edit_id'];
$story_text = strlen($_POST['text']) > $max_l ? "LEFT ( '" . addslashes(clear_xss(process_pass_data($_POST['text']))) . "', {$max_l} )" : "'" . addslashes(clear_xss(process_pass_data($_POST['text']))) . "'";
$story_header = strlen($_POST['header']) > $max_h ? "LEFT ( '" . process_db_input($_POST['header']) . "', {$max_h} )" : "'" . process_db_input($_POST['header']) . "'";
$story_sender = $ADMIN ? (int) $_POST['sender'] : $member['ID'];
$story_active_add = $ADMIN ? '' : ", `active`=''";
//if admin logged, don't update status. if member - set inactive
$sQuery = "UPDATE `Stories` SET `Date` = NOW(), `Header` = {$story_header}, `Text` = {$story_text} {$story_active_add} WHERE `ID` = {$story_id} AND `Sender` = {$story_sender}";
$res = db_res($sQuery);
return $res;
}
示例12: serviceResponseAudioPlayer
/**
* Audio Player
*/
function serviceResponseAudioPlayer($oAlert)
{
if (!($iFileId = (int) $oAlert->iObject)) {
return false;
}
if (!($aFile = $this->_oDb->getRow("SELECT * FROM `RayMp3Files` WHERE `ID` = {$iFileId}"))) {
return false;
}
global $sIncPath;
global $sModulesPath;
global $sModule;
global $sFilesPath;
global $sFilesPathMp3;
global $oDb;
require_once $sIncPath . 'db.inc.php';
$sModule = "mp3";
$sModulePath = $sModulesPath . $sModule . '/inc/';
require_once $sModulesPath . $sModule . '/inc/header.inc.php';
require_once $sModulesPath . $sModule . '/inc/constants.inc.php';
require_once $sModulesPath . $sModule . '/inc/functions.inc.php';
require_once $sModulesPath . $sModule . '/inc/customFunctions.inc.php';
$sOverride = false;
switch ($aFile['Status']) {
case STATUS_PENDING:
case STATUS_PROCESSING:
$sOverride = $this->_oTemplate->addCss(array('default.css', 'common.css', 'general.css'), true) . MsgBox(_t('_sys_media_processing'));
break;
case STATUS_DISAPPROVED:
if (!isAdmin()) {
$sOverride = $this->_oTemplate->addCss(array('default.css', 'common.css', 'general.css'), true) . MsgBox(_t('_sys_media_disapproved'));
break;
}
case STATUS_APPROVED:
if (file_exists($GLOBALS['sFilesPathMp3'] . $iFileId . MP3_EXTENSION)) {
$sToken = getMp3Token($iFileId);
if (file_exists($GLOBALS['sFilesPathMp3'] . $iFileId . '.ogg')) {
$sSourceOgg = '<source type=\'audio/ogg; codecs="vorbis"\' src="' . BX_DOL_URL_ROOT . "flash/modules/mp3/get_file.php?id=" . $iFileId . "&token=" . $sToken . '&ext=ogg" />';
}
$sFlash = getApplicationContent('mp3', 'player', array('id' => $iFileId, 'user' => getLoggedId(), 'password' => clear_xss($_COOKIE['memberPassword'])), true);
$sId = 'bx-media-' . genRndPwd(8, false);
$sJs = $sSourceOgg ? '' : '
var eMedia = document.createElement("audio");
if (eMedia.canPlayType && !eMedia.canPlayType("audio/mpeg")) {
var sReplace = "' . bx_js_string(BX_H5AV_FALLBACK ? $sFlash : '<b>Your browser doesn\'t support this media playback.</b>', BX_ESCAPE_STR_QUOTE) . '";
$("#' . $sId . '").replaceWith(sReplace);
}';
$sJs .= $aFile['Time'] ? '' : '
eFile.on("canplay", function (e) {
$.post("' . BX_DOL_URL_ROOT . 'flash/XML.php", {
module: "mp3",
action: "updateFileTime",
id: ' . $iFileId . ',
time: parseInt(this.duration * 1000)
});
});';
$sAutoPlay = TRUE_VAL == getSettingValue('mp3', 'autoPlay') && class_exists('BxSoundsPageView') ? 'autoplay' : '';
$sOverride = '
<audio controls ' . $sAutoPlay . ' preload="auto" autobuffer style="width:100%" id="' . $sId . '">
<source type=\'audio/mpeg; codecs="mp3"\' src="' . BX_DOL_URL_ROOT . "flash/modules/mp3/get_file.php?id=" . $iFileId . "&token=" . $sToken . '" />
' . $sSourceOgg . '
' . (BX_H5AV_FALLBACK ? $sFlash : '<b>Can not playback media - your browser doesn\'t support HTML5 audio/video tag.</b>') . '
</audio>
<script>
var eFile = $("#' . $sId . '");
eFile.on("play", function () {
var ePlaying = this;
$("audio").each(function () {
if (this != ePlaying)
this.pause();
});
});
' . $sJs . '
</script>';
break;
}
case STATUS_FAILED:
default:
$sOverride = $this->_oTemplate->addCss(array('default.css', 'common.css', 'general.css'), true) . MsgBox(_t('_sys_media_not_found'));
break;
}
$oAlert->aExtras['override'] = $sOverride;
return true;
}
示例13: getFileConcept
function getFileConcept($iFileId, $aExtra = array())
{
$iFileId = (int) $iFileId;
$iWidth = (int) $this->_oConfig->getGlParam('file_width');
return '<div class="viewFile" style="width: ' . ($iWidth + 2) . 'px;">' . getApplicationContent('mp3', 'player', array('id' => $iFileId, 'user' => (int) $_COOKIE['memberID'], 'password' => clear_xss($_COOKIE['memberPassword'])), true) . '</div>';
}
示例14: process_db_input
function process_db_input($text, $strip_tags = 0, $addslashes = 0)
{
if (is_array($text)) {
foreach ($text as $k => $v) {
$text[$k] = process_db_input($v, $strip_tags, $addslashes);
}
return $text;
}
if (get_magic_quotes_gpc() && $addslashes == BX_SLASHES_AUTO || $addslashes == BX_SLASHES_STRIP) {
$text = stripslashes($text);
} elseif ($addslashes == BX_SLASHES_ADD) {
$text = addslashes($text);
}
switch ($strip_tags) {
case BX_TAGS_STRIP_AND_NL2BR:
return mysql_real_escape_string(nl2br(strip_tags($text)));
case BX_TAGS_STRIP:
return mysql_real_escape_string(strip_tags($text));
case BX_TAGS_SPECIAL_CHARS:
return mysql_real_escape_string(htmlspecialchars($text, ENT_QUOTES, 'UTF-8'));
case BX_TAGS_VALIDATE:
return mysql_real_escape_string(clear_xss($text));
case BX_TAGS_NO_ACTION:
default:
return mysql_real_escape_string($text);
}
}
示例15: checkMemAction
function checkMemAction($iFileOwner, $sAction = 'view')
{
$iFileOwner = (int) $iFileOwner;
$sAction = clear_xss($sAction);
if ($this->oModule->isAdmin($this->oModule->_iProfileId) || $iFileOwner == $this->oModule->_iProfileId) {
return true;
}
$this->oModule->_defineActions();
$aCheck = checkAction($this->oModule->_iProfileId, $this->oModule->_defineActionName($sAction));
if ($aCheck[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED) {
return false;
}
return true;
}