filter_input() function
'); } //default to null media in not provided: $stream_name = ( isset($_GET['sn']) )? $_GET['sn'] : die('no stream name provided'); $time = ( isset($_GET['t']) )? $_GET['t']: ''; $width = ( isset($_GET['width']) )? intval( $_GET['width'] ) : '400'; $height = ( isset($_GET['height']) )? intval( $_GET['height'] ) : '300'; // $roe_url = 'http://metavid.org/wiki/Special:MvExportStream?feed_format=roe&stream_name=' . htmlspecialchars( $stream_name ) . '&t=' . htmlspecialchars( $time ); //everything good output page: output_page(array( 'roe_url' => $roe_url, 'width' => $width, 'height' => $height, )); } function output_page($params){ extract( $params ); ?> "\\\\", "\"" => "\\\"", '\'' => '\\\'', "\n" => "\\n", "\r" => "\\r", # To avoid closing the element or CDATA section "<" => "\\x3c", ">" => "\\x3e", # To avoid any complaints about bad entity refs "&" => "\\x26", # Work around https://bugzilla.mozilla.org/show_bug.cgi?id=274152 # Encode certain Unicode formatting chars so affected # versions of Gecko don't misinterpret our strings; # this is a common problem with Farsi text. "\xe2\x80\x8c" => "\\u200c", // ZERO WIDTH NON-JOINER "\xe2\x80\x8d" => "\\u200d", // ZERO WIDTH JOINER ); return strtr( $string, $pairs ); } ?>