Docs For Class vB_Input

Description

Class to handle and sanitize variables from GET, POST and COOKIE etc

version: $Revision: 26512 $
date: $Date: 2008-04-29 11:12:48 -0500 (Tue, 29 Apr 2008) $

Located in /includes/class_core.php (line 1494)

Variable Summary

string $alt_ip

string $ipaddress

vB_Registry $registry

string $reloadurl

string $scriptpath

array $shortvars

array $superglobal_lookup

string $url

string $wolpath

Method Summary

vB_Input_Cleaner vB_Input_Cleaner (vB_Registry &$registry)

mixed &clean (mixed &$var, [integer $vartype = TYPE_NOCLEAN], [boolean $exists = true])

array &clean_array (array &$source, array $variables)

array clean_array_gpc (string $source, array $variables)

mixed &clean_gpc (array $source, string $varname, [integer $vartype = TYPE_NOCLEAN])

void convert_shortvars (array &$array)

mixed &do_clean (mixed &$data, integer $type)

string fetch_alt_ip ()

string fetch_ip ()

string fetch_scriptpath ()

string fetch_url ()

string fetch_wolpath ()

void stripslashes_deep (array &$value, [ $depth = 0])

string strip_sessionhash (string $string)

string xss_clean (string $var)

Variables

string $alt_ip = '' (line 1571)

System state. An attempt to find a second IP for the current visitor (proxy etc)

string $ipaddress = '' (line 1564)

System state. The IP address of the current visitor

vB_Registry $registry = null (line 1578)

A reference to the main registry object

string $reloadurl = '' (line 1543)

Reload URL. Complete URL of the current page including sessionhash

string $scriptpath = '' (line 1536)

System state. The complete URL of the current page, without sessionhash

array $shortvars = array(
'f' => 'forumid',
't' => 'threadid',
'p' => 'postid',
'u' => 'userid',
'a' => 'announcementid',
'c' => 'calendarid',
'e' => 'eventid',
'q' => 'query',
'pp' => 'perpage',
'page' => 'pagenumber',
'sort' => 'sortfield',
'order' => 'sortorder',
) (line 1501)

Translation table for short name to long name

array $superglobal_lookup = array(
'g' => '_GET',
'p' => '_POST',
'r' => '_REQUEST',
'c' => '_COOKIE',
's' => '_SERVER',
'e' => '_ENV',
'f' => '_FILES'
) (line 1521)

Translation table for short superglobal name to long superglobal name

string $url = '' (line 1557)

System state. The complete URL of the referring page

string $wolpath = '' (line 1550)

System state. The complete URL of the page for Who's Online purposes

Methods

Constructor vB_Input_Cleaner (line 1589)

Constructor

First, reverses the effects of magic quotes on GPC Second, translates short variable names to long (u --> userid) Third, deals with $_COOKIE[userid] conflicts

vB_Input_Cleaner vB_Input_Cleaner (vB_Registry &$registry)

vB_Registry &$registry: The instance of the vB_Registry object

clean (line 1811)

Makes a single variable safe to use and returns it

return: The cleaned value

mixed &clean (mixed &$var, [integer $vartype = TYPE_NOCLEAN], [boolean $exists = true])

mixed &$var: The variable to be cleaned
integer $vartype: The type of the variable in which we are interested
boolean $exists: Whether or not the variable to be cleaned actually is set

clean_array (line 1738)

Makes data in an array safe to use

array &clean_array (array &$source, array $variables)

array &$source: The source array containing the data to be cleaned
array $variables: Array of variable names and types we want to extract from the source array

clean_array_gpc (line 1758)

Makes GPC variables safe to use

array clean_array_gpc (string $source, array $variables)

string $source: Either, g, p, c, r or f (corresponding to get, post, cookie, request and files)
array $variables: Array of variable names and types we want to extract from the source array

clean_gpc (line 1785)

Makes a single GPC variable safe to use and returns it

mixed &clean_gpc (array $source, string $varname, [integer $vartype = TYPE_NOCLEAN])

array $source: The source array containing the data to be cleaned
string $varname: The name of the variable in which we are interested
integer $vartype: The type of the variable in which we are interested

convert_shortvars (line 2063)

Turns $_POST['t'] into $_POST['threadid'] etc.

void convert_shortvars (array &$array)

array &$array: The name of the array

do_clean (line 1904)

Does the actual work to make a variable safe

mixed &do_clean (mixed &$data, integer $type)

mixed &$data: The data we want to make safe
integer $type: The type of the data

fetch_alt_ip (line 2253)

Fetches an alternate IP address of the current visitor, attempting to detect proxies etc.

string fetch_alt_ip ()

fetch_ip (line 2243)

Fetches the IP address of the current visitor

string fetch_ip ()

fetch_scriptpath (line 2094)

Fetches the 'scriptpath' variable - ie: the URI of the current page

string fetch_scriptpath ()

fetch_url (line 2200)

Fetches the 'url' variable - usually the URL of the previous page in the history

string fetch_url ()

fetch_wolpath (line 2155)

Fetches the 'wolpath' variable - ie: the same as 'scriptpath' but with a handler for the POST request method

string fetch_wolpath ()

stripslashes_deep (line 2040)

Reverses the effects of magic_quotes on an entire array of variables

void stripslashes_deep (array &$value, [ $depth = 0])

array &$value: The array on which we want to work
$depth

strip_sessionhash (line 2083)

Strips out the s=gobbledygook& rubbish from URLs

string strip_sessionhash (string $string)

string $string: The URL string from which to remove the session stuff

xss_clean (line 2025)

Removes HTML characters and potentially unsafe scripting words from a string

string xss_clean (string $var)

string $var: The variable we want to make safe