Support Joomla!

Joomla! 1.5 Documentation

Packages

Package: Joomla-Framework

License

Content on this site is copyright © 2005 - 2008 by the individual contributors and can be used in accordance with the Creative Commons License, Attribution- NonCommercial- ShareAlike 2.5. Some parts of this website may be subject to other licenses.

Class JFilterInput

Description
Description | Variables (details) | Methods (details)

JFilterInput is a class for filtering input from any data source

Forked from the php input filter library by: Daniel Morris <dan@rootcube.com> Original Contributors: Gianpaolo Racca, Ghislain Picard, Marco Wandschneider, Chris Tobin and Andrew Eddie.

Located in /joomla/filter/filterinput.php (line 29) 

Class JObject   (Subpackage Base)

Class JFilterInput   (Subpackage Filter)
Variable Summary
Description | Variables (details) | Methods (details)
Variable mixed $attrArray
Variable mixed $attrBlacklist
Variable mixed $attrMethod
Variable mixed $tagBlacklist
Variable mixed $tagsArray
Variable mixed $tagsMethod
Variable mixed $xssAuto
Method Summary
Description | Variables (details) | Methods (details)
Static method static boolean checkAttribute (array $attrSubSet)
Static method static mixed clean (mixed $source, [string $type = 'string'])
Static method static object The &getInstance ([array $tagsArray = array()], [array $attrArray = array()], [int $tagsMethod = 0], [int $attrMethod = 0], [int $xssAuto = 1])
Constructor JFilterInput __construct ([array $tagsArray = array()], [array $attrArray = array()], [int $tagsMethod = 0], [int $attrMethod = 0], [int $xssAuto = 1])
Method array _cleanAttributes (array $attrSet)
Method string _cleanTags (string $source)
Method string _decode (string $source)
Method string _remove (string $source)
Variables
Description | Variables (details) | Methods (details)
mixed $attrArray (line 32)
mixed $attrBlacklist = array ('action', 'background', 'codebase', 'dynsrc', 'lowsrc') (line 39)
mixed $attrMethod (line 35)
mixed $tagBlacklist = array ('applet', 'body', 'bgsound', 'base', 'basefont', 'embed', 'frame', 'frameset', 'head', 'html', 'id', 'iframe', 'ilayer', 'layer', 'link', 'meta', 'name', 'object', 'script', 'style', 'title', 'xml') (line 38)
mixed $tagsArray (line 31)
mixed $tagsMethod (line 34)
mixed $xssAuto (line 37)

Inherited Variables

Inherited from JObject

Variable JObject::$_errors
Methods
Description | Variables (details) Methods (details)
Constructor __construct (line 52)

Constructor for inputFilter class. Only first parameter is required.

  • since: 1.5
  • access: protected
JFilterInput __construct ([array $tagsArray = array()], [array $attrArray = array()], int $tagsMethod, int $attrMethod, [int $xssAuto = 1])
  • array $tagsArray: list of user-defined tags
  • array $attrArray: list of user-defined attributes
  • int $tagsMethod: WhiteList method = 0, BlackList method = 1
  • int $attrMethod: WhiteList method = 0, BlackList method = 1
  • int $xssAuto: Only auto clean essentials = 0, Allow clean blacklisted tags/attr = 1
Redefinition of:
JObject::__construct()
Class constructor, overridden in descendant classes.
checkAttribute (line 204)

Function to determine if contents of an attribute is safe

  • return: True if bad code is detected
  • since: 1.5
boolean checkAttribute (array $attrSubSet)
  • array $attrSubSet: A 2 element array for attributes name,value
clean (line 109)

Method to be called by another php script. Processes for XSS and specified bad code.

  • return: 'Cleaned' version of input parameter
  • since: 1.5
  • access: public
mixed clean (mixed $source, [string $type = 'string'])
  • mixed $source: Input string/array-of-string to be 'cleaned'
  • string $type: Return type for the variable (INT, FLOAT, BOOLEAN, WORD, ALNUM, CMD, BASE64, STRING, ARRAY, PATH, NONE)
getInstance (line 81)

Returns a reference to an input filter object, only creating it if it doesn't already exist.

This method must be invoked as: 

  $filter = & JFilterInput::getInstance();

  • return: JFilterInput object.
  • since: 1.5
object The &getInstance ([array $tagsArray = array()], [array $attrArray = array()], int $tagsMethod, int $attrMethod, [int $xssAuto = 1])
  • array $tagsArray: list of user-defined tags
  • array $attrArray: list of user-defined attributes
  • int $tagsMethod: WhiteList method = 0, BlackList method = 1
  • int $attrMethod: WhiteList method = 0, BlackList method = 1
  • int $xssAuto: Only auto clean essentials = 0, Allow clean blacklisted tags/attr = 1
_cleanAttributes (line 405)

Internal method to strip a tag of certain attributes

  • return: Filtered array of attribute pairs
  • since: 1.5
  • access: protected
array _cleanAttributes (array $attrSet)
  • array $attrSet: Array of attribute pairs to filter
_cleanTags (line 240)

Internal method to strip a string of certain tags

  • return: 'Cleaned' version of input parameter
  • since: 1.5
  • access: protected
string _cleanTags (string $source)
  • string $source: Input string to be 'cleaned'
_decode (line 482)

Try to convert to plaintext

  • return: Plaintext string
  • since: 1.5
  • access: protected
string _decode (string $source)
  • string $source
_remove (line 219)

Internal method to iteratively remove all unwanted tags and attributes

  • return: 'Cleaned' version of input parameter
  • since: 1.5
  • access: protected
string _remove (string $source)
  • string $source: Input string to be 'cleaned'

Inherited Methods

Inherited From JObject

JObject::JObject()
JObject::__construct()
JObject::get()
JObject::getError()
JObject::getErrors()
JObject::getProperties()
JObject::getPublicProperties()
JObject::set()
JObject::setError()
JObject::setProperties()
JObject::toString()
Documentation generated on Tue, 29 Jan 2008 18:45:58 +0000 by phpDocumentor 1.3.1