 /**
  * Run one request variable through the configured auditors and return
  * the value that should replace it.
  *
  * Values made only of ASCII letters, digits and `_.,-` are returned as-is
  * without consulting any auditor. Everything else is HTML-entity decoded
  * first, so encoded payloads are inspected in their decoded form. When an
  * auditor fires, the hit is logged (if logging is enabled) and, depending
  * on the configured action, the variable is replaced by the auditor's
  * filtered value or cleared; with no filter/clear action the original
  * value is returned unchanged.
  *
  * @param string $context Origin of the variable; passed on to pushChangedVar
  * @param string $value   Raw value to inspect
  * @param string $name    Variable name, used for logging and change tracking
  * @return string The original value, the filtered value, or '' when cleared
  */
 protected function filterVar($context, $value, $name)
 {
     // Fast path: a whitelist of harmless characters needs no auditing.
     // The D modifier keeps a trailing "\n" from slipping past the "$" anchor.
     if (preg_match('#^[A-Za-z0-9_.,-]*$#D', $value)) {
         return $value;
     }

     self::adjustPcreBacktrackLimit($value);

     // Auditors see the decoded form so entity-encoded payloads are not missed.
     $candidate = \CSecurityHtmlEntity::decodeString($value);
     $changed = false;

     foreach ($this->auditors as $auditName => $auditor) {
         if (!$auditor->process($candidate)) {
             continue;
         }

         $this->isAuditorsTriggered = true;
         if ($this->isLogNeeded()) {
             $this->logVariable($value, $name, $auditName);
         }

         // Filter takes precedence over clear when both are configured.
         if ($this->isFilterAction()) {
             // Later auditors inspect the already-filtered value.
             $candidate = $auditor->getFilteredValue();
             $changed = true;
         } elseif ($this->isClearAction()) {
             // Clearing is terminal: nothing is left for later auditors.
             $candidate = '';
             $changed = true;
             break;
         }
     }

     if (!$changed) {
         return $value;
     }

     $this->pushChangedVar($context, $value, $name);
     return $candidate;
 }
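 /**
  * Inspect one request variable with the configured auditors and return
  * the value to use in its place.
  *
  * Values consisting only of ASCII letters, digits and `_.,-` skip the
  * auditors entirely. Anything else is HTML-entity decoded before the
  * auditors see it. On a hit the variable is recorded via pushFoundVar,
  * the current user may be blocked, the hit may be logged, and the
  * variable is replaced by the auditor's sanitised string, cleared, or
  * left untouched depending on the configured action.
  *
  * Two things are deliberately different from the older form of this
  * method: the fast-path pattern carries the D modifier, so a value that
  * ends in a newline is no longer accepted unaudited; and a value is only
  * returned in altered form when a filter or clear action actually ran —
  * previously a hit with neither action returned the entity-decoded text,
  * silently changing the variable.
  *
  * @param string $pValue Raw value to inspect
  * @param string $pName  Variable name, used for tracking and logging
  * @return string The original value, the filtered value, or "" when cleared
  */
 protected function safeizeVar($pValue, $pName)
 {
     // Fast path: a whitelist of harmless characters needs no auditing.
     // D makes "$" match only at the very end, not before a trailing "\n".
     if (preg_match('/^[A-Za-z0-9_.,-]*$/D', $pValue)) {
         return $pValue;
     }
     self::AdjustPcreBacktrackLimit($pValue);
     // Auditors work on the decoded form so entity-encoded payloads are caught.
     $checkedValue = CSecurityHtmlEntity::decodeString($pValue);
     $isValueChanged = false;
     foreach ($this->auditors as $auditName => $auditor) {
         if (!$auditor->process($checkedValue)) {
             continue;
         }
         $this->pushFoundVar($pValue, $pName);
         if ($this->isBlockNeeded()) {
             $this->blockCurrentUser();
         }
         if ($this->isLogNeeded()) {
             $this->logVariable($pValue, $pName, $auditName);
         }
         // Filter takes precedence over clear when both are configured.
         if ($this->isFilterAction()) {
             // Later auditors inspect the already-sanitised string.
             $isValueChanged = true;
             $checkedValue = $auditor->getValidString();
         } elseif ($this->isClearAction()) {
             // Clearing is terminal: nothing is left for later auditors.
             $isValueChanged = true;
             $checkedValue = "";
             break;
         }
     }
     // Only hand back a different value when an action actually changed it;
     // otherwise the decoded copy must not leak out as the "new" value.
     return $isValueChanged ? $checkedValue : $pValue;
 }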