Docs For Class vB_Input

vB_Input_Cleaner

Description

Class to handle and sanitize variables from GET, POST and COOKIE etc

version: $Revision: 35065 $
date: $Date: 2010-01-21 14:01:23 -0600 (Thu, 21 Jan 2010) $

Located in /includes/class_core.php (line 1697)

Variable Summary

string $alt_ip

array $cleaned_vars

string $ipaddress

vB_Registry $registry

string $reloadurl

string $scriptpath

array $shortvars

array $superglobal_lookup

string $url

string $wolpath

Method Summary

vB_Input_Cleaner vB_Input_Cleaner (vB_Registry &$registry)

string add_fragment (string $path, [string $fragment = false])

string add_query (string $path, [string $query = false])

mixed &clean (mixed &$var, [integer $vartype = TYPE_NOCLEAN], [boolean $exists = true])

array &clean_array (array &$source, array $variables)

array clean_array_gpc (string $source, array $variables)

mixed &clean_gpc (array $source, string $varname, [integer $vartype = TYPE_NOCLEAN])

void convert_shortvars (array &$array, [ $setglobals = true])

mixed &do_clean (mixed &$data, integer $type)

string fetch_alt_ip ()

string fetch_basepath ([ $rel_modifier = false])

string fetch_ip ()

string fetch_relpath ([ $path = false])

string fetch_server_value (string $name)

string fetch_url ()

string fetch_wolpath ()

void resolve_request_url ( $registry)

void stripslashes_deep (array &$value, [ $depth = 0])

string strip_sessionhash (string $string)

string utf8_clean_path (string $path, [ $reencode = true])

string xss_clean (string $var)

string xss_clean_url (string $url)

Variables

string $alt_ip = '' (line 1774)

System state. An attempt to find a second IP for the current visitor (proxy etc)

array $cleaned_vars = array() (line 1788)

Keep track of variables that have already been cleaned

string $ipaddress = '' (line 1767)

System state. The IP address of the current visitor

vB_Registry $registry = null (line 1781)

A reference to the main registry object

string $reloadurl = '' (line 1746)

Reload URL. Complete URL of the current page including sessionhash

string $scriptpath = '' (line 1739)

System state. The complete URL of the current page, without sessionhash

array $shortvars = array(
'f' => 'forumid',
't' => 'threadid',
'p' => 'postid',
'u' => 'userid',
'a' => 'announcementid',
'c' => 'calendarid',
'e' => 'eventid',
'q' => 'query',
'pp' => 'perpage',
'page' => 'pagenumber',
'sort' => 'sortfield',
'order' => 'sortorder',
) (line 1704)

Translation table for short name to long name

array $superglobal_lookup = array(
'g' => '_GET',
'p' => '_POST',
'r' => '_REQUEST',
'c' => '_COOKIE',
's' => '_SERVER',
'e' => '_ENV',
'f' => '_FILES'
) (line 1724)

Translation table for short superglobal name to long superglobal name

string $url = '' (line 1760)

System state. The complete URL of the referring page

string $wolpath = '' (line 1753)

System state. The complete URL of the page for Who's Online purposes

Methods

Constructor vB_Input_Cleaner (line 1799)

Constructor

First, reverses the effects of magic quotes on GPC Second, translates short variable names to long (u --> userid) Third, deals with $_COOKIE[userid] conflicts

vB_Input_Cleaner vB_Input_Cleaner (vB_Registry &$registry)

vB_Registry &$registry: The instance of the vB_Registry object

add_fragment (line 2097)

Adds a fragment to a path

return: The resulting string

string add_fragment (string $path, [string $fragment = false])

string $path: The path to add the fragment to
string $fragment: The fragment to add to the path

add_query (line 2074)

Adds a query string to a path, fixing the query characters.

return: The resulting string

string add_query (string $path, [string $query = false])

string $path: The path to add the query to
string $query: The query string to add to the path

clean (line 2193)

Makes a single variable safe to use and returns it

return: The cleaned value

mixed &clean (mixed &$var, [integer $vartype = TYPE_NOCLEAN], [boolean $exists = true])

mixed &$var: The variable to be cleaned
integer $vartype: The type of the variable in which we are interested
boolean $exists: Whether or not the variable to be cleaned actually is set

clean_array (line 2116)

Makes data in an array safe to use

array &clean_array (array &$source, array $variables)

array &$source: The source array containing the data to be cleaned
array $variables: Array of variable names and types we want to extract from the source array

clean_array_gpc (line 2136)

Makes GPC variables safe to use

array clean_array_gpc (string $source, array $variables)

string $source: Either, g, p, c, r or f (corresponding to get, post, cookie, request and files)
array $variables: Array of variable names and types we want to extract from the source array

clean_gpc (line 2165)

Makes a single GPC variable safe to use and returns it

mixed &clean_gpc (array $source, string $varname, [integer $vartype = TYPE_NOCLEAN])

array $source: The source array containing the data to be cleaned
string $varname: The name of the variable in which we are interested
integer $vartype: The type of the variable in which we are interested

convert_shortvars (line 2488)

Turns $_POST['t'] into $_POST['threadid'] etc.

void convert_shortvars (array &$array, [ $setglobals = true])

array &$array: The name of the array
$setglobals

do_clean (line 2287)

Does the actual work to make a variable safe

mixed &do_clean (mixed &$data, integer $type)

mixed &$data: The data we want to make safe
integer $type: The type of the data

fetch_alt_ip (line 2730)

Fetches an alternate IP address of the current visitor, attempting to detect proxies etc.

string fetch_alt_ip ()

fetch_basepath (line 2522)

Fetches the 'basepath' variable that can be used as <base>.

string fetch_basepath ([ $rel_modifier = false])

$rel_modifier

fetch_ip (line 2720)

Fetches the IP address of the current visitor

string fetch_ip ()

fetch_relpath (line 2548)

Fetches the path for the current request relative to the basepath.

This is useful for local anchors (<a href="{vb:raw relpath}#post">).

Substracts any overlap between basepath and path with the following results:

base: http://www.example.com/forums/ path: /forums/content.php result: content.php

base: http://www.example.com/forums/admincp path: /forums/content/1-Article result: ../content/1-Article

string fetch_relpath ([ $path = false])

$path

fetch_server_value (line 2050)

Fetches a value from $_SERVER or $_ENV

string fetch_server_value (string $name)

string $name

fetch_url (line 2678)

Fetches the 'url' variable - usually the URL of the previous page in the history

string fetch_url ()

fetch_wolpath (line 2633)

Fetches the 'wolpath' variable - ie: the same as 'scriptpath' but with a handler for the POST request method

string fetch_wolpath ()

resolve_request_url (line 1947)

Resolves information about the request URL.

void resolve_request_url ( $registry)

$registry

stripslashes_deep (line 2465)

Reverses the effects of magic_quotes on an entire array of variables

void stripslashes_deep (array &$value, [ $depth = 0])

array &$value: The array on which we want to work
$depth

strip_sessionhash (line 2511)

Strips out the s=gobbledygook& rubbish from URLs

string strip_sessionhash (string $string)

string $string: The URL string from which to remove the session stuff

utf8_clean_path (line 2444)

Cleans a query string.

Unicode is decoded, url entities are kept encoded, and slashes are preserved.

string utf8_clean_path (string $path, [ $reencode = true])

string $path
$reencode

xss_clean (line 2408)

Removes HTML characters and potentially unsafe scripting words from a string

string xss_clean (string $var)

string $var: The variable we want to make safe

xss_clean_url (line 2424)

Removes HTML characters and potentially unsafe scripting words from a URL Note: The query string is preserved.

string xss_clean_url (string $url)

string $url: The url to clean

Documentation generated on Tue, 26 Jan 2010 15:15:05 -0600 by phpDocumentor 1.4.3