Docs for class JFilterInput

Joomla! 1.5 API

Packages

Package: Joomla-Framework

License

Content on this site is copyright © 2005 - 2011 Open Source Matters Inc and can be used in accordance with the Joomla! Electronic Documentation License. Some parts of this website may be subject to other licenses.

JFilterInput

Description

JFilterInput is a class for filtering input from any data source

Forked from the php input filter library by: Daniel Morris <dan@rootcube.com> Original Contributors: Gianpaolo Racca, Ghislain Picard, Marco Wandschneider, Chris Tobin and Andrew Eddie.

since: 1.5

Located in /joomla/filter/filterinput.php (line 28)

 JObject   (Subpackage Base)

 JFilterInput   (Subpackage Filter)

Variable Summary

mixed $attrArray

mixed $attrBlacklist

mixed $attrMethod

mixed $tagBlacklist

mixed $tagsArray

mixed $tagsMethod

mixed $xssAuto

Method Summary

static boolean checkAttribute (array $attrSubSet)

static mixed clean (mixed $source, [string $type = 'string'])

static object The &getInstance ([array $tagsArray = array()], [array $attrArray = array()], [int $tagsMethod = 0], [int $attrMethod = 0], [int $xssAuto = 1])

JFilterInput __construct ([array $tagsArray = array()], [array $attrArray = array()], [int $tagsMethod = 0], [int $attrMethod = 0], [int $xssAuto = 1])

array _cleanAttributes (array $attrSet)

string _cleanTags (string $source)

string _decode (string $source)

string _remove (string $source)

Variables

mixed $attrArray (line 31)

mixed $attrBlacklist = array ('action', 'background', 'codebase', 'dynsrc', 'lowsrc') (line 38)

mixed $attrMethod (line 34)

mixed $tagBlacklist = array ('applet', 'body', 'bgsound', 'base', 'basefont', 'embed', 'frame', 'frameset', 'head', 'html', 'id', 'iframe', 'ilayer', 'layer', 'link', 'meta', 'name', 'object', 'script', 'style', 'title', 'xml') (line 37)

mixed $tagsArray (line 30)

mixed $tagsMethod (line 33)

mixed $xssAuto (line 36)

Inherited Variables

Inherited from JObject

JObject::$_errors

Methods

Constructor __construct (line 51)

Constructor for inputFilter class. Only first parameter is required.

since: 1.5
access: protected

JFilterInput __construct ([array $tagsArray = array()], [array $attrArray = array()], int $tagsMethod, int $attrMethod, [int $xssAuto = 1])

array $tagsArray: list of user-defined tags
array $attrArray: list of user-defined attributes
int $tagsMethod: WhiteList method = 0, BlackList method = 1
int $attrMethod: WhiteList method = 0, BlackList method = 1
int $xssAuto: Only auto clean essentials = 0, Allow clean blacklisted tags/attr = 1

Redefinition of:

JObject::__construct(): Class constructor, overridden in descendant classes.

checkAttribute (line 224)

Function to determine if contents of an attribute is safe

return: True if bad code is detected
since: 1.5

boolean checkAttribute (array $attrSubSet)

array $attrSubSet: A 2 element array for attributes name,value

clean (line 108)

Method to be called by another php script. Processes for XSS and specified bad code.

return: 'Cleaned' version of input parameter
since: 1.5
access: public

mixed clean (mixed $source, [string $type = 'string'])

mixed $source: Input string/array-of-string to be 'cleaned'
string $type: Return type for the variable (INT, FLOAT, BOOLEAN, WORD, ALNUM, CMD, BASE64, STRING, ARRAY, PATH, NONE)

getInstance (line 80)

Returns a reference to an input filter object, only creating it if it doesn't already exist.

This method must be invoked as:

  $filter = & JFilterInput::getInstance();

return: JFilterInput object.
since: 1.5

object The &getInstance ([array $tagsArray = array()], [array $attrArray = array()], int $tagsMethod, int $attrMethod, [int $xssAuto = 1])

array $tagsArray: list of user-defined tags
array $attrArray: list of user-defined attributes
int $tagsMethod: WhiteList method = 0, BlackList method = 1
int $attrMethod: WhiteList method = 0, BlackList method = 1
int $xssAuto: Only auto clean essentials = 0, Allow clean blacklisted tags/attr = 1

_cleanAttributes (line 426)

Internal method to strip a tag of certain attributes

return: Filtered array of attribute pairs
since: 1.5
access: protected

array _cleanAttributes (array $attrSet)

array $attrSet: Array of attribute pairs to filter

_cleanTags (line 260)

Internal method to strip a string of certain tags

return: 'Cleaned' version of input parameter
since: 1.5
access: protected

string _cleanTags (string $source)

string $source: Input string to be 'cleaned'

_decode (line 503)

Try to convert to plaintext

return: Plaintext string
since: 1.5
access: protected

string _decode (string $source)

string $source

_remove (line 239)

Internal method to iteratively remove all unwanted tags and attributes

return: 'Cleaned' version of input parameter
since: 1.5
access: protected

string _remove (string $source)

string $source: Input string to be 'cleaned'

Inherited Methods

Inherited From JObject

JObject::JObject()
JObject::__construct()
JObject::get()
JObject::getError()
JObject::getErrors()
JObject::getProperties()
JObject::getPublicProperties()
JObject::set()
JObject::setError()
JObject::setProperties()
JObject::toString()

Joomla! 1.5 API

Packages

Package: Joomla-Framework

Other documents

License

JFilterInput

Inherited Variables

Inherited Methods

Joomla!

News

Sites

About

Get Started

About

Project Organization

Forum

Support Forums

Development

Sites

Forum General

Community

Joomla!

News

User Groups

Events

Translations

Directories

Extensions

Resources

Site Showcase

Developer

Resources

Production WG

Mailing Lists

Joomlacode

Shop

Merchandise

Books

Documentation

For Everyone

For Beginners

For Designers

Personae

Be a Documenter