Index

PHP Cross Reference of Joomla! 1.0.12 eCommerce Edition

title

Body

[close]

/includes/phpInputFilter/ -> class.inputfilter.php (summary)

[Source view] [Print]

(no description)

File Size: 552 lines (14 kb)
Included or required: 2 times
Referenced: 0 times
Includes or requires: 0 files

Defines 1 class

InputFilter:: (10 methods):
  inputFilter()
  process()
  remove()
  filterTags()
  filterAttr()
  badAttributeValue()
  decode()
  safeSQL()
  quoteSmart()
  escapeString()


Class: InputFilter  - X-Ref


inputFilter($tagsArray = array ()   X-Ref
Constructor for inputFilter class. Only first parameter is required.

param: array    $tagsArray    list of user-defined tags
param: array    $attrArray    list of user-defined attributes
param: int        $tagsMethod    WhiteList method = 0, BlackList method = 1
param: int        $attrMethod    WhiteList method = 0, BlackList method = 1
param: int        $xssAuto    Only auto clean essentials = 0, Allow clean

process($source)   X-Ref
Method to be called by another php script. Processes for XSS and
specified bad code.

param: mixed    $source    Input string/array-of-string to be 'cleaned'
return: mixed    $source    'cleaned' version of input parameter

remove($source)   X-Ref
Internal method to iteratively remove all unwanted tags and attributes

param: string    $source    Input string to be 'cleaned'
return: string    $source    'cleaned' version of input parameter

filterTags($source)   X-Ref
Internal method to strip a string of certain tags

param: string    $source    Input string to be 'cleaned'
return: string    $source    'cleaned' version of input parameter

filterAttr($attrSet)   X-Ref
Internal method to strip a tag of certain attributes

param: array    $attrSet    Array of attribute pairs to filter
return: array    $newSet        Filtered array of attribute pairs

badAttributeValue($attrSubSet)   X-Ref
Function to determine if contents of an attribute is safe

param: array    $attrSubSet    A 2 element array for attributes name,value
return: boolean True if bad code is detected

decode($source)   X-Ref
Try to convert to plaintext

param: string    $source
return: string    Plaintext string

safeSQL($source, & $connection)   X-Ref
Method to be called by another php script. Processes for SQL injection

param: mixed        $source    input string/array-of-string to be 'cleaned'
param: resource    $connection - An open MySQL connection
return: string        'cleaned' version of input parameter

quoteSmart($source, & $connection)   X-Ref
Method to escape a string

author: Chris Tobin
author: Daniel Morris
param: string        $source
param: resource    $connection        An open MySQL connection
return: string        Escaped string

escapeString($string, & $connection)   X-Ref

author: Chris Tobin
author: Daniel Morris
param: string        $source
param: resource    $connection        An open MySQL connection
return: string        Escaped string


Generated: Tue Nov 28 19:30:46 2006          Cross-referenced by PHPXref 0.6