JFilterInput
Extends \JObjectJFilterInput is a class for filtering input from any data source
Forked from the php input filter library by: Daniel Morris [email protected] Original Contributors: Gianpaolo Racca, Ghislain Picard, Marco Wandschneider, Chris Tobin and Andrew Eddie.
package |
Joomla.Platform |
---|---|
subpackage |
Filter |
since |
11.1 |
Methods
__construct
Class constructor, overridden in descendant classes.
__construct(mixed $properties = null)
since |
11.1 |
---|
Arguments
- $properties
mixed
Either and associative array or another object to set the initial properties of the object.
__toString
Magic method to convert the object to a string gracefully.
__toString() : string
since |
11.1 |
---|---|
deprecated |
12.3 Classes should provide their own __toString() implementation. |
Response
string
The classname.
_cleanAttributes
Internal method to strip a tag of certain attributes
_cleanAttributes(array $attrSet) : array
since |
11.1 |
---|
Arguments
- $attrSet
array
Array of attribute pairs to filter
Response
array
Filtered array of attribute pairs
_cleanTags
Internal method to strip a string of certain tags
_cleanTags(string $source) : string
since |
11.1 |
---|
Arguments
- $source
string
Input string to be 'cleaned'
Response
string
'Cleaned' version of input parameter
_decode
Try to convert to plaintext
_decode(string $source) : string
since |
11.1 |
---|
Arguments
- $source
string
The source string.
Response
string
Plaintext string
_escapeAttributeValues
Escape < > and " inside attribute values
_escapeAttributeValues(string $source) : string
since |
11.1 |
---|
Arguments
- $source
string
The source string.
Response
string
Filtered string
_remove
Internal method to iteratively remove all unwanted tags and attributes
_remove(string $source) : string
since |
11.1 |
---|
Arguments
- $source
string
Input string to be 'cleaned'
Response
string
'Cleaned' version of input parameter
_stripCSSExpressions
Remove CSS Expressions in the form of
_stripCSSExpressions(string $source) : string
..)
since |
11.1 |
---|
Arguments
- $source
string
The source string.
Response
string
Filtered string
checkAttribute
Function to determine if contents of an attribute are safe
checkAttribute(array $attrSubSet) : boolean
since |
11.1 |
---|
Arguments
- $attrSubSet
array
A 2 element array for attribute's name, value
Response
boolean
True if bad code is detected
clean
Method to be called by another php script. Processes for XSS and specified bad code.
clean(mixed $source, string $type = 'string') : mixed
since |
11.1 |
---|
Arguments
- $source
mixed
Input string/array-of-string to be 'cleaned'- $type
string
Return type for the variable (INT, UINT, FLOAT, BOOLEAN, WORD, ALNUM, CMD, BASE64, STRING, ARRAY, PATH, NONE)
Response
mixed
'Cleaned' version of input parameter
def
Sets a default value if not alreay assigned
def(string $property, mixed $default = null) : mixed
since |
11.1 |
---|
Arguments
- $property
string
The name of the property.- $default
mixed
The default value.
Response
mixed
get
Returns a property of the object or the default value if the property is not set.
get(string $property, mixed $default = null) : mixed
since |
11.1 |
---|---|
see | \JObject::getProperties() |
Arguments
- $property
string
The name of the property.- $default
mixed
The default value.
Response
mixed
The value of the property.
getError
Get the most recent error message.
getError(integer $i = null, boolean $toString = true) : string
since |
11.1 |
---|---|
see | \JError |
deprecated |
12.3 JError has been deprecated |
Arguments
- $i
integer
Option error index.- $toString
boolean
Indicates if JError objects should return their error message.
Response
string
Error message
getErrors
Return all errors, if any.
getErrors() : array
since |
11.1 |
---|---|
see | \JError |
deprecated |
12.3 JError has been deprecated |
Response
array
Array of error messages or JErrors.
getInstance
Returns an input filter object, only creating it if it doesn't already exist.
getInstance(array $tagsArray = array(), array $attrArray = array(), integer $tagsMethod, integer $attrMethod, integer $xssAuto = 1) : \JFilterInput
since |
11.1 |
---|
Arguments
- $tagsArray
array
List of user-defined tags- $attrArray
array
List of user-defined attributes- $tagsMethod
integer
WhiteList method = 0, BlackList method = 1- $attrMethod
integer
WhiteList method = 0, BlackList method = 1- $xssAuto
integer
Only auto clean essentials = 0, Allow clean blacklisted tags/attr = 1
Response
\JFilterInput
The JFilterInput object.
getProperties
Returns an associative array of object properties.
getProperties(boolean $public = true) : array
since |
11.1 |
---|---|
see | \JObject::get() |
Arguments
- $public
boolean
If true, returns only the public properties.
Response
array
set
Modifies a property of the object, creating it if it does not already exist.
set(string $property, mixed $value = null) : mixed
since |
11.1 |
---|
Arguments
- $property
string
The name of the property.- $value
mixed
The value of the property to set.
Response
mixed
Previous value of the property.
setError
Add an error message.
setError(string $error) : void
since |
11.1 |
---|---|
see | \JError |
deprecated |
12.3 JError has been deprecated |
Arguments
- $error
string
Error message.
setProperties
Set the object properties based on a named array/hash.
setProperties(mixed $properties) : boolean
since |
11.1 |
---|---|
see | \JObject::set() |
Arguments
- $properties
mixed
Either an associative array or another object.
Response
boolean
toString
Converts the object to a string (the class name).
toString() : string
Properties
instances
A container for JFilterInput instances.
since |
11.3 |
---|
Type(s)
array
tagsArray
An array of permitted tags.
since |
11.1 |
---|
Type(s)
array
attrArray
An array of permitted tag attributes.
since |
11.1 |
---|
Type(s)
array
tagsMethod
Method for tags: WhiteList method = 0 (default), BlackList method = 1
since |
11.1 |
---|
Type(s)
integer
attrMethod
Method for attributes: WhiteList method = 0 (default), BlackList method = 1
since |
11.1 |
---|
Type(s)
integer
xssAuto
Only auto clean essentials = 0, Allow clean blacklisted tags/attr = 1
since |
11.1 |
---|
Type(s)
integer
tagBlacklist
A list of the default blacklisted tags.
since |
11.1 |
---|
Type(s)
array
attrBlacklist
A list of the default blacklisted tag attributes. All event handlers implicit.
since |
11.1 |
---|
Type(s)
array
_errors
An array of error messages or Exception objects.