| [ Index ] |
|
Code source de Joomla 1.0.13 |
[Code source] [Imprimer] [Statistiques]
(pas de description)
| Poids: | 552 lignes (14 kb) |
| Inclus ou requis: | 1 fois |
| Référencé: | 0 fois |
| Nécessite: | 0 fichiers |
InputFilter:: (10 méthodes):
inputFilter()
process()
remove()
filterTags()
filterAttr()
badAttributeValue()
decode()
safeSQL()
quoteSmart()
escapeString()
Classe: InputFilter - X-Ref
| inputFilter($tagsArray = array () X-Ref |
| Constructor for inputFilter class. Only first parameter is required. param: array $tagsArray list of user-defined tags param: array $attrArray list of user-defined attributes param: int $tagsMethod WhiteList method = 0, BlackList method = 1 param: int $attrMethod WhiteList method = 0, BlackList method = 1 param: int $xssAuto Only auto clean essentials = 0, Allow clean |
| process($source) X-Ref |
| Method to be called by another php script. Processes for XSS and specified bad code. param: mixed $source Input string/array-of-string to be 'cleaned' return: mixed $source 'cleaned' version of input parameter |
| remove($source) X-Ref |
| Internal method to iteratively remove all unwanted tags and attributes param: string $source Input string to be 'cleaned' return: string $source 'cleaned' version of input parameter |
| filterTags($source) X-Ref |
| Internal method to strip a string of certain tags param: string $source Input string to be 'cleaned' return: string $source 'cleaned' version of input parameter |
| filterAttr($attrSet) X-Ref |
| Internal method to strip a tag of certain attributes param: array $attrSet Array of attribute pairs to filter return: array $newSet Filtered array of attribute pairs |
| badAttributeValue($attrSubSet) X-Ref |
| Function to determine if contents of an attribute is safe param: array $attrSubSet A 2 element array for attributes name,value return: boolean True if bad code is detected |
| decode($source) X-Ref |
| Try to convert to plaintext param: string $source return: string Plaintext string |
| safeSQL($source, & $connection) X-Ref |
| Method to be called by another php script. Processes for SQL injection param: mixed $source input string/array-of-string to be 'cleaned' param: resource $connection - An open MySQL connection return: string 'cleaned' version of input parameter |
| quoteSmart($source, & $connection) X-Ref |
| Method to escape a string author: Chris Tobin author: Daniel Morris param: string $source param: resource $connection An open MySQL connection return: string Escaped string |
| escapeString($string, & $connection) X-Ref |
author: Chris Tobin author: Daniel Morris param: string $source param: resource $connection An open MySQL connection return: string Escaped string |
| Généré le : Wed Nov 21 14:43:32 2007 | par Balluche grâce à PHPXref 0.7 |
|
|