Overview

Namespaces

  • Composer
    • Autoload
  • Geekwright
    • RegDom
  • League
    • OAuth2
      • Client
        • Provider
  • None
  • Xmf
    • Database
    • Jwt
    • Key
    • Module
      • Helper

Classes

  • Assert
  • Debug
  • FilterInput
  • Highlighter
  • IPAddress
  • Language
  • Metagen
  • Random
  • Request
  • StopWords
  • Yaml
  • Overview
  • Namespace
  • Class
  • Tree

Class FilterInput

FilterInput is a class for filtering input from any data source

Forked from the php input filter library by Daniel Morris

Original Contributors: Gianpaolo Racca, Ghislain Picard, Marco Wandschneider, Chris Tobin and Andrew Eddie.

Direct known subclasses

XoopsFilterInput
Namespace: Xmf
Package: Xmf
Category: Xmf\FilterInput
Copyright: 2005 Daniel Morris
Copyright: 2005 - 2013 Open Source Matters, Inc. All rights reserved.
Copyright: 2011-2016 XOOPS Project (http://xoops.org)
License: GPL 2 or later (http://www.gnu.org/licenses/gpl-2.0.html)
Author: Daniel Morris dan@rootcube.com
Author: Louis Landry louis.landry@joomla.org
Author: Grégory Mage (Aka Mage)
Author: trabis lusopoemas@gmail.com
Author: Richard Griffith richard@geekwright.com
Link: http://xoops.org
Located at lass/libraries/vendor/xoops/xmf/src/Xmf/FilterInput.php
Methods summary
protected
# __construct( array $tagsArray = array(), array $attrArray = array(), integer $tagsMethod = 0, integer $attrMethod = 0, integer $xssAuto = 1 )

Constructor

Constructor

Parameters

$tagsArray
  • list of user-defined tags
$attrArray
  • list of user-defined attributes
$tagsMethod
  • 0 = allow just user-defined, 1 = allow all but user-defined
$attrMethod
  • 0 = allow just user-defined, 1 = allow all but user-defined
$xssAuto
  • 0 = only auto clean essentials, 1 = allow clean blacklisted tags/attr
public static Xmf\FilterInput
# getInstance( array $tagsArray = array(), array $attrArray = array(), integer $tagsMethod = 0, integer $attrMethod = 0, integer $xssAuto = 1 )

Returns an input filter object, only creating it if it does not already exist.

Returns an input filter object, only creating it if it does not already exist.

This method must be invoked as: $filter = FilterInput::getInstance();

Parameters

$tagsArray
list of user-defined tags
$attrArray
list of user-defined attributes
$tagsMethod
WhiteList method = 0, BlackList method = 1
$attrMethod
WhiteList method = 0, BlackList method = 1
$xssAuto

Only auto clean essentials = 0, Allow clean blacklisted tags/attr = 1

Returns

Xmf\FilterInput
object.
public string
# process( mixed $source )

Method to be called by another php script. Processes for XSS and any specified bad code.

Method to be called by another php script. Processes for XSS and any specified bad code.

Parameters

$source
  • input string/array-of-string to be 'cleaned'

Returns

string
$source - 'cleaned' version of input parameter
public static mixed
# clean( mixed $source, string $type = 'string' )

Static method to be called by another php script. Clean the supplied input using the default filter

Static method to be called by another php script. Clean the supplied input using the default filter

Parameters

$source
Input string/array-of-string to be 'cleaned'
$type

Return/cleaning type for the variable, one of (INTEGER, FLOAT, BOOLEAN, WORD, ALPHANUM, CMD, BASE64, STRING, ARRAY, PATH, USERNAME, WEBURL, EMAIL, IP)

Returns

mixed
'Cleaned' version of input parameter
public mixed
# cleanVar( mixed $source, string $type = 'string' )

Method to be called by another php script. Processes for XSS and specified bad code according to rules supplied when this instance was instantiated.

Method to be called by another php script. Processes for XSS and specified bad code according to rules supplied when this instance was instantiated.

Parameters

$source
Input string/array-of-string to be 'cleaned'
$type

Return/cleaning type for the variable, one of (INTEGER, FLOAT, BOOLEAN, WORD, ALPHANUM, CMD, BASE64, STRING, ARRAY, PATH, USERNAME, WEBURL, EMAIL, IP)

Returns

mixed
'Cleaned' version of input parameter
protected String
# remove( String $source )

Internal method to iteratively remove all unwanted tags and attributes

Internal method to iteratively remove all unwanted tags and attributes

Parameters

$source
  • input string to be 'cleaned'

Returns

String
$source - 'cleaned' version of input parameter
protected String
# filterTags( String $source )

Internal method to strip a string of certain tags

Internal method to strip a string of certain tags

Parameters

$source
  • input string to be 'cleaned'

Returns

String
$source - 'cleaned' version of input parameter
protected array
# filterAttr( array $attrSet )

Internal method to strip a tag of certain attributes

Internal method to strip a tag of certain attributes

Parameters

$attrSet
attributes

Returns

array
$newSet stripped attributes
protected String
# decode( String $source )

Try to convert to plaintext

Try to convert to plaintext

Parameters

$source
string to decode

Returns

String
$source decoded
Properties summary
protected $tagsArray
#
protected $attrArray
#
protected $tagsMethod
#
protected $attrMethod
#
protected $xssAuto
#
protected array $tagBlacklist
# array( 'applet', 'body', 'bgsound', 'base', 'basefont', 'embed', 'frame', 'frameset', 'head', 'html', 'id', 'iframe', 'ilayer', 'layer', 'link', 'meta', 'name', 'object', 'script', 'style', 'title', 'xml' )
protected array $attrBlacklist
# array('action', 'background', 'codebase', 'dynsrc', 'lowsrc')
API documentation generated by ApiGen