Exemplo n.º 1
0
 /**
  * Cleans $value for $type
  *
  * @param  string|int|float|mixed  $value
  * @param  string                  $type   Const int GetterInterface::COMMAND|GetterInterface::INT|...
  * @return string|int|float|boolean|mixed
  *
  * @throws \InvalidArgumentException
  */
 public static function clean($value, $type)
 {
     switch ($type) {
         case GetterInterface::COMMAND:
         case null:
             return preg_replace('/[^A-Za-z0-9_\\.-]/', '', $value);
         case GetterInterface::INT:
             return @(int) $value;
         case GetterInterface::UINT:
             return @abs((int) $value);
         case GetterInterface::NUMERIC:
             return (string) preg_replace('/^(\\d*).*$/', '\\1', $value);
         case GetterInterface::FLOAT:
             return (double) $value;
         case GetterInterface::BOOLEAN:
             return (bool) $value;
         case GetterInterface::STRING:
             return InjectionsFilter::filter($value, 'text');
         case GetterInterface::HTML:
             return InjectionsFilter::filter($value, 'html');
         case GetterInterface::BASE64:
             return (string) preg_replace('/[^A-Z0-9\\/+=]/i', '', $value);
             break;
         case GetterInterface::RAW:
             return $value;
         default:
             throw new \InvalidArgumentException(sprintf('Unknown Get::get type "%s"', preg_replace('/[^A-Za-z0-9_\\.-]/', '', $type)));
     }
 }
Exemplo n.º 2
0
 /**
  * Convert HTML entities to plaintext
  * Rewritten in CB to use CB's own version of html_entity_decode where innexistant or buggy in < joomla 1.5
  *
  * @deprecated 2.0 (kept for B/C with CBSubs 3.0.0), use \CBLib\Input\InjectionsFilter::getInstance()->decode( $source )
  *
  * @param	string	$source
  * @return	string	Plaintext string
  */
 function cb_html_entity_decode_all($source)
 {
     return InjectionsFilter::getInstance()->decode($source);
 }
Exemplo n.º 3
0
 /**
  * Method to be called by another php script. Processes for XSS and specified bad code.
  * @deprecated 2.0: use \CBLib\Input\Input::get() instead, or $value = \CBLib\Input\Get::clean( $value, \CBLib\Registry\GetterInterface::HTML )
  *
  * @param  mixed  $source  Input string/array-of-string to be 'cleaned'
  * @return mixed  $source  'Cleaned' version of input parameter
  */
 public function process($source)
 {
     return InjectionsFilter::getInstance($this->tagsArray, $this->attrArray, $this->tagsMethod, $this->attrMethod, $this->xssAuto)->process($source);
 }