\Input_Filter

Summary

Methods: __construct(), process(), safeSQL()
Properties: No public properties found
Constants: No constants found

Methods: remove(), filterTags(), filterAttr(), decode(), quoteSmart(), escapeString()
Properties: $tagsArray, $attrArray, $tagsMethod, $attrMethod, $xssAuto, $tagBlacklist, $attrBlacklist
Constants: N/A

Methods: No private methods found
Properties: No private properties found
Constants: N/A

Properties

$tagsArray

$tagsArray : array

Type

array

$attrArray

$attrArray : 

Type

$tagsMethod

$tagsMethod : 

Type

$attrMethod

$attrMethod : 

Type

$xssAuto

$xssAuto : 

Type

$tagBlacklist

$tagBlacklist : 

Type

$attrBlacklist

$attrBlacklist : 

Type

Methods

__construct()

__construct(Array  $tagsArray = array(), Array  $attrArray = array(), integer  $tagsMethod, integer  $attrMethod, integer  $xssAuto = 1) 

Constructor for inputFilter class. Only first parameter is required.

Parameters

Array $tagsArray
  • list of user-defined tags
Array $attrArray
  • list of user-defined attributes
integer $tagsMethod
  • 0 = allow only user-defined tags, 1 = allow all except user-defined tags
integer $attrMethod
  • 0 = allow only user-defined attributes, 1 = allow all except user-defined attributes
integer $xssAuto
  • 0 = only auto-clean essentials, 1 = allow cleaning of blacklisted tags/attributes

process()

process(Mixed  $source) : String

Method to be called by another PHP script. Processes input for XSS and specified bad code.

Parameters

Mixed $source
  • input string/array-of-string to be 'cleaned'

Returns

String —

$source - 'cleaned' version of input parameter

safeSQL()

safeSQL(Mixed  $source, \Buffer  $connection) : String

Method to be called by another PHP script. Processes input for SQL injection.

Parameters

Mixed $source
  • input string/array-of-string to be 'cleaned'
\Buffer $connection
  • An open MySQL connection

Returns

String —

$source - 'cleaned' version of input parameter

remove()

remove(String  $source) : String

Internal method to iteratively remove all unwanted tags and attributes

Parameters

String $source
  • input string to be 'cleaned'

Returns

String —

$source - 'cleaned' version of input parameter

filterTags()

filterTags(String  $source) : String

Internal method to strip a string of certain tags

Parameters

String $source
  • input string to be 'cleaned'

Returns

String —

$source - 'cleaned' version of input parameter

filterAttr()

filterAttr(Array  $attrSet) : Array

Internal method to strip a tag of certain attributes

Parameters

Array $attrSet

Returns

Array —

$newSet

decode()

decode(String  $source) : String

Try to convert to plaintext

Parameters

String $source

Returns

String —

$source

quoteSmart()

quoteSmart(String  $source, Resource  $connection) : String

Parameters

String $source
Resource $connection
  • An open MySQL connection

Returns

String —

$source

escapeString()

escapeString(  $string, Resource  $connection) : String

Parameters

$string
Resource $connection
  • An open MySQL connection

Returns

String —

$source