/**
 * Add a filter to the element
 *
 * Accepts a ready FilterInterface instance, a filter name, or an array with a
 * 'filter' name and optional constructor 'options'. The lower-cased name is
 * always appended to the sanitize list, even when no filter class was resolved
 * for it and nothing was registered on the filter service.
 *
 * @param string|\Engine\Filter\FilterInterface|array $filter
 * @throws \Engine\Exception When $filter is none of the accepted types
 * @return \Engine\Crud\Tools\Filters
 */
public function addFilter($filter)
{
    $isInstance = $filter instanceof FilterInterface;
    if (!$isInstance && !is_array($filter) && !is_string($filter)) {
        throw new \Engine\Exception("Invalid filter passed to addFilter");
    }

    if ($isInstance) {
        // Name the filter after the unqualified class name of the instance.
        $segments = explode("\\", get_class($filter));
        $origName = strtolower(end($segments));
        $this->_filter->add($origName, $filter);
    } elseif (is_array($filter)) {
        $origName = strtolower($filter['filter']);
        $class = $this->getFilterClassName($origName);
        if ($class) {
            // NOTE(review): $class is instantiated dynamically; how
            // getFilterClassName() maps a name to a class is not visible here.
            // Confirm it resolves only to known filter classes if names can
            // originate from request data.
            if (empty($filter['options'])) {
                $instance = new $class();
            } else {
                $reflection = new \ReflectionClass($class);
                $instance = $reflection->hasMethod('__construct')
                    ? $reflection->newInstanceArgs((array) $filter['options'])
                    : $reflection->newInstance();
            }
            $this->_filter->add($origName, $instance);
        }
    } else {
        $origName = strtolower($filter);
        $class = $this->getFilterClassName($origName);
        if ($class) {
            $this->_filter->add($origName, new $class());
        }
    }

    $this->_sanitize[] = $origName;

    return $this;
}
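/**
 * Vote action (Vote a post action)
 *
 * Stores the authenticated user's vote for the post named in the request body.
 * The requested vote is reduced to -1, 0 or 1, and sending the value that is
 * already stored resets the vote to 0.
 *
 * @throws \Modules\Core\Exceptions\HTTPException
 * @throws \InvalidArgumentException When the post id or user id is not a hexadecimal value
 * @return int Votes after the vote
 */
public function vote()
{
    //Check if user is authorized
    \Modules\Core\Library\Authorize::isAuthorized();

    $body = $this->getDI()->get('requestBody');
    $postId = isset($body->id) ? $body->id : null;
    $uid = \Modules\Core\Library\Authorize::getUid();

    // Both ids are concatenated into the query condition below as 0x… literals.
    // The post id comes from the request body, so anything other than hex
    // digits must be rejected before it reaches the condition string.
    // NOTE(review): bound parameters would be preferable if the id columns
    // accept them — confirm against the Votes model. Mapping the rejection to
    // the project's HTTP error type may also fit better than this exception.
    $isHex = function ($candidate) {
        return (is_string($candidate) || is_int($candidate))
            && preg_match('/\A[0-9a-fA-F]+\z/', (string) $candidate) === 1;
    };
    if (!$isHex($postId)) {
        throw new \InvalidArgumentException('Invalid post id');
    }
    if (!$isHex($uid)) {
        throw new \InvalidArgumentException('Invalid user id');
    }

    $post = new Posts();
    $vote = new Votes();

    // Collapse any integer to its sign so a single request can never add more
    // than one vote in either direction.
    $filter = new Filter();
    $filter->add('vote', function ($value) {
        if ($value > 0) {
            return 1;
        }
        if ($value < 0) {
            return -1;
        }
        return 0;
    });

    $params = array(
        'id' => $postId,
        'uid' => $uid,
        'vote' => $filter->sanitize((int) $body->vote, 'vote'),
    );

    $userVote = Votes::find("id = 0x" . $postId . " AND uid = 0x" . $uid);
    $first = $userVote->getFirst();
    $oldVote = isset($first->vote) ? $first->vote : 0;

    // Voting the same way twice withdraws the vote.
    if ((int) $oldVote === (int) $params['vote']) {
        $params['vote'] = 0;
    }

    $vote->save($params);

    return $post->getVotes($postId);
}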
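/**
 * Registers the methods of the called class as named filters.
 *
 * Every name returned by get_class_methods() for the called class, except
 * install() itself, is registered on $filter under Text::uncamelize($name).
 * The registered handler forwards the value to that method.
 *
 * @param Filter $filter
 */
public static function install($filter)
{
    $class = get_called_class();

    // NOTE(review): called from inside the class, get_class_methods() also
    // lists inherited and non-public methods, so each of them becomes a filter
    // that can be invoked by name — confirm that is intended.
    foreach (get_class_methods($class) as $method) {
        // get_class_methods() yields bare method names, so the comparison must
        // use __FUNCTION__ ("install"); __METHOD__ is "Class::install" and
        // never matches, which registered install() as a filter as well.
        if ($method === __FUNCTION__) {
            continue;
        }

        $filter->add(Text::uncamelize($method), function ($value) use ($class, $method) {
            return call_user_func([$class, $method], $value);
        });
    }
}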
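/**
 * query suricata alerts
 *
 * Reads paging and search parameters from the POST request, passes them to the
 * "ids query alerts" backend command and returns the decoded response with
 * rowCount, total and current added. Returns an empty array for non-POST
 * requests and for backend responses that carry no list of rows.
 *
 * @return array
 */
public function queryAlertsAction()
{
    if (!$this->request->isPost()) {
        return array();
    }
    $this->sessionClose();

    // create filter to sanitize input data
    $filter = new Filter();
    $filter->add('query', new QueryFilter());

    // fetch query parameters
    $itemsPerPage = $this->request->getPost('rowCount', 'int', 9999);
    $currentPage = $this->request->getPost('current', 'int', 1);

    $searchPhrase = '';
    if ($this->request->getPost('searchPhrase', 'string', '') != "") {
        // NOTE(review): the sanitized phrase is placed between double quotes in
        // the backend query; whether a quote character can survive depends on
        // QueryFilter, which is not visible here — confirm.
        $filterTag = $filter->sanitize($this->request->getPost('searchPhrase'), "query");
        $searchPhrase = 'alert,src_ip/"*' . $filterTag . '*"';
    }

    $fileid = null;
    if ($this->request->getPost('fileid', 'string', '') != "") {
        $fileid = $this->request->getPost('fileid', 'int', -1);
    }

    $backend = new Backend();
    $response = $backend->configdpRun(
        "ids query alerts",
        array($itemsPerPage, ($currentPage - 1) * $itemsPerPage, $searchPhrase, $fileid)
    );

    // Only a decoded array that carries a list of rows is usable; anything
    // else (invalid JSON, a scalar, a missing "rows" key) yields an empty
    // result instead of failing in count().
    $result = json_decode($response, true);
    if (!is_array($result) || !array_key_exists('rows', $result) || !is_array($result['rows'])) {
        return array();
    }

    $result['rowCount'] = count($result['rows']);
    $result['total'] = $result['total_rows'];
    $result['current'] = (int) $currentPage;

    return $result;
}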
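/**
 * search installed ids rules
 *
 * Reads paging, sort and search parameters from the POST request, passes them
 * to the "ids query rules" backend command and returns the rows with each
 * rule's status replaced by the locally administered one. Returns an empty
 * array for non-POST requests and for backend responses without rows.
 *
 * @return array
 */
public function searchInstalledRulesAction()
{
    if (!$this->request->isPost()) {
        return array();
    }
    $this->sessionClose();

    // create filter to sanitize input data
    // NOTE(review): sort keys, search phrase and classtype are request
    // controlled and end up concatenated into the backend query strings; the
    // separation relies on QueryFilter, whose character policy is not visible
    // here — confirm it strips quotes, commas, slashes and spaces as needed.
    $filter = new Filter();
    $filter->add('query', new QueryFilter());

    // fetch query parameters
    $itemsPerPage = $this->request->getPost('rowCount', 'int', 9999);
    $currentPage = $this->request->getPost('current', 'int', 1);

    // Default ordering; also used when "sort" is present but empty, which
    // previously read an undefined offset and produced an empty sort string.
    $sortStr = 'sid';
    $sort = $this->request->hasPost('sort') ? $this->request->getPost('sort') : null;
    if (is_array($sort) && count($sort) > 0) {
        $sortBy = array_keys($sort);
        // The direction of the first column is applied to every column.
        $sortOrd = $sort[$sortBy[0]] === 'desc' ? 'desc' : 'asc';
        $terms = array();
        foreach ($sortBy as $sortKey) {
            $terms[] = $filter->sanitize($sortKey, "query") . ' ' . $sortOrd . ' ';
        }
        $sortStr = implode(',', $terms);
    }

    $searchPhrase = '';
    if ($this->request->getPost('searchPhrase', 'string', '') != "") {
        $searchTag = $filter->sanitize($this->request->getPost('searchPhrase'), "query");
        $searchPhrase = 'msg,source,sid/"*' . $searchTag . '"';
    }

    // add filter for classtype
    if ($this->request->getPost("classtype", "string", '') != "") {
        $searchTag = $filter->sanitize($this->request->getPost('classtype'), "query");
        $searchPhrase .= " classtype/" . $searchTag . ' ';
    }

    // request list of installed rules
    $backend = new Backend();
    $response = $backend->configdpRun(
        "ids query rules",
        array($itemsPerPage, ($currentPage - 1) * $itemsPerPage, $searchPhrase, $sortStr)
    );

    $data = json_decode($response, true);
    if (!is_array($data) || !array_key_exists("rows", $data) || !is_array($data['rows'])) {
        return array();
    }

    $result = array();
    $result['rows'] = $data['rows'];

    // update rule status with own administration
    foreach ($result['rows'] as &$row) {
        $row['enabled_default'] = $row['enabled'];
        $row['enabled'] = $this->getModel()->getRuleStatus($row['sid'], $row['enabled']);
    }
    // Break the reference so the last row is not aliased after the loop.
    unset($row);

    $result['rowCount'] = count($result['rows']);
    $result['total'] = $data['total_rows'];
    $result['parameters'] = $data['parameters'];
    $result['current'] = (int) $currentPage;

    return $result;
}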
/**
 * Forwards both arguments unchanged to the parent class's add() and returns
 * whatever the parent returns.
 *
 * @param mixed $name
 * @param mixed $handler
 * @return mixed
 */
public function add($name, $handler)
{
    $outcome = parent::add($name, $handler);

    return $outcome;
}
<?php

use Phalcon\Filter;

$filter = new Filter();

/*
 * Users Filters
 *
 * Each filter is a closure that returns the value after preg_replace() has
 * deleted whatever its pattern matches.
 */

// Deletes every character that is not a digit, a lowercase a-f or an uppercase A-Z.
// NOTE(review): lowercase g-z is stripped while all uppercase letters are
// kept; this looks like a typo for a-z — confirm the intended login alphabet.
$filter->add('login', function ($input) {
    $pattern = '/[^0-9a-fA-Z]/';

    return preg_replace($pattern, '', $input);
});

// 8 chars min, any type, any order
// NOTE(review): the pattern does not validate anything. preg_replace() deletes
// the part of the value that matches, so a password containing such a run is
// returned with that run removed, while other values pass through untouched.
// A password should be checked and then hashed unchanged, never rewritten —
// confirm what this filter is meant to do.
$filter->add('pwd', function ($input) {
    $pattern = '/([a-zA-Z0-9.*!?_-]){8,}\\w+/';

    return preg_replace($pattern, '', $input);
});

// The three filters below keep only digits and lowercase a-f.
// NOTE(review): an e-mail address or phone number loses '@', '.', '+' and most
// letters under this pattern — confirm these fields really hold hex identifiers.
$filter->add('email', function ($input) {
    $pattern = '/[^0-9a-f]/';

    return preg_replace($pattern, '', $input);
});

$filter->add('phone', function ($input) {
    $pattern = '/[^0-9a-f]/';

    return preg_replace($pattern, '', $input);
});

$filter->add('team', function ($input) {
    $pattern = '/[^0-9a-f]/';

    return preg_replace($pattern, '', $input);
});
/**
 * Tests a custom filter Lambda
 *
 * Registers an 'md5' lambda that returns the unmodified value when its
 * lowercase-hex characters number exactly 32 and false otherwise, then checks
 * that a real md5 digest passes through unchanged.
 *
 * @author Nikos Dimopoulos <*****@*****.**>
 * @since  2012-11-30
 */
public function testSanitizeCustomLambdaFalseTrue()
{
    $filter = new PhFilter();

    $filter->add('md5', function ($value) {
        $hexOnly = preg_replace('/[^0-9a-f]/', '', $value);

        // The length check runs on the stripped copy; the value handed back is
        // the original input, not the stripped one.
        if (strlen($hexOnly) != 32) {
            return false;
        }

        return $value;
    });

    $digest = md5('why?');
    $actual = $filter->sanitize($digest, 'md5');

    $this->assertEquals(
        $digest,
        $actual,
        'Lambda Custom filter is not correct True'
    );
}
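// Shared service registrations on the dependency-injection container.

$di->setShared('security', function () {
    return new Security();
});

$di->setShared('cookies', function () {
    $cookies = new Cookies();
    // NOTE(review): with encryption switched off, cookie values are stored on
    // the client in readable form and can be altered there; every consumer of
    // a cookie has to treat its value as untrusted input.
    $cookies->useEncryption(false);
    return $cookies;
});

$di->setShared('activation', function () {
    return new ActivationComponent();
});

$di->setShared('filter', function () {
    $filter = new Filter();
    // 'hash' filter: returns the bcrypt hash of the value. The leftover
    // var_dump()/die that printed the hash into the response and ended the
    // request before the return was reached has been removed.
    // password_hash() salts randomly, so two runs over the same value differ;
    // compare with password_verify(), never by re-running the filter.
    // PASSWORD_BCRYPT only considers the first 72 bytes of the value.
    $filter->add('hash', function ($value) {
        return password_hash($value, PASSWORD_BCRYPT);
    });
    return $filter;
});

$di->setShared('translate', function () use($di) {
    $cookies = $di->get('cookies');
    $language = $cookies->has('language') ? $cookies->get('language') : 'en';
    // NOTE(review): $language is taken from the 'language' cookie and placed
    // into a require_once path. Restrict it to the locale codes that actually
    // ship under /messages (an allow-list, or at minimum a strict pattern
    // check) before building $file, and fall back to 'en' otherwise.
    $file = APP_DIR . '/messages/' . $language . '.php';
    //Check if we have a translation file for that lang
    if (file_exists($file)) {
        require_once $file;
    } else {
        // fallback to some default
        require_once APP_DIR . '/messages/en.php';
    }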