Class: InputFilter

Source Location: /lodel/scripts/class.inputfilter.php

Property Summary
mixed   $attrArray  
mixed   $attrBlacklist  
mixed   $attrMethod  
mixed   $tagBlacklist  
mixed   $tagsArray  
mixed   $tagsMethod  
mixed   $xssAuto  

Method Summary
String   decode()   Try to convert to plaintext
String   escapeString()  
Array   filterAttr()   Internal method to strip a tag of certain attributes
String   filterTags()   Internal method to strip a string of certain tags
void   inputFilter()   Constructor for inputFilter class. Only first parameter is required.
String   process()   Method to be called by another php script. Processes for XSS and specified bad code.
String   quoteSmart()  
String   remove()   Internal method to iteratively remove all unwanted tags and attributes
String   safeSQL()   Method to be called by another php script. Processes for SQL injection

Properties
mixed   $attrArray [line 15]

mixed   $attrBlacklist = array('action', 'background', 'codebase', 'dynsrc', 'lowsrc') [line 22]

mixed   $attrMethod [line 18]

mixed   $tagBlacklist = array('applet', 'body', 'bgsound', 'base', 'basefont', 'embed', 'frame', 'frameset', 'head', 'html', 'id', 'iframe', 'ilayer', 'layer', 'link', 'meta', 'name', 'object', 'script', 'style', 'title', 'xml') [line 21]

mixed   $tagsArray [line 14]

mixed   $tagsMethod [line 17]

mixed   $xssAuto [line 20]

Methods
decode  [line 263]

  String decode( String $source  )

Try to convert to plaintext

Parameters:
String   $source: 

API Tags:
Access:  protected


escapeString  [line 319]

  String escapeString( $string, &$connection, String $source, Resource $connection  )

Parameters:
String   $source: 
Resource   $connection:  - An open MySQL connection
   $string: 
   &$connection: 

API Tags:
Access:  protected

Information Tags:
Author:  Daniel Morris
Author:  Chris Tobin

filterAttr  [line 196]

  Array filterAttr( Array $attrSet  )

Internal method to strip a tag of certain attributes

Parameters:
Array   $attrSet: 

API Tags:
Access:  protected


filterTags  [line 89]

  String filterTags( String $source  )

Internal method to strip a string of certain tags

Parameters:
String   $source:  - input string to be 'cleaned'

API Tags:
Return:  - 'cleaned' version of input parameter
Access:  protected


inputFilter  [line 33]

  void inputFilter( [Array $tagsArray = array()], [Array $attrArray = array()], [int $tagsMethod = 0], [int $attrMethod = 0], [int $xssAuto = 1]  )

Constructor for inputFilter class. Only first parameter is required.

Parameters:
Array   $tagsArray:  - list of user-defined tags
Array   $attrArray:  - list of user-defined attributes
int   $tagsMethod:  - 0= allow just user-defined, 1= allow all but user-defined
int   $attrMethod:  - 0= allow just user-defined, 1= allow all but user-defined
int   $xssAuto:  - 0= only auto clean essentials, 1= allow clean blacklisted tags/attr


process  [line 51]

  String process( Mixed $source  )

Method to be called by another php script. Processes for XSS and specified bad code.

Parameters:
Mixed   $source:  - input string/array-of-string to be 'cleaned'

API Tags:
Return:  - 'cleaned' version of input parameter
Access:  public


quoteSmart  [line 303]

  String quoteSmart( String $source, &$connection, Resource $connection  )

Parameters:
String   $source: 
Resource   $connection:  - An open MySQL connection
   &$connection: 

API Tags:
Access:  protected

Information Tags:
Author:  Daniel Morris
Author:  Chris Tobin

remove  [line 72]

  String remove( String $source  )

Internal method to iteratively remove all unwanted tags and attributes

Parameters:
String   $source:  - input string to be 'cleaned'

API Tags:
Return:  - 'cleaned' version of input parameter
Access:  protected


safeSQL  [line 280]

  String safeSQL( Mixed $source, &$connection, Buffer $connection  )

Method to be called by another php script. Processes for SQL injection

Parameters:
Mixed   $source:  - input string/array-of-string to be 'cleaned'
Buffer   $connection:  - An open MySQL connection
   &$connection: 

API Tags:
Return:  - 'cleaned' version of input parameter
Access:  public


Documentation generated on Thu, 24 Jul 2008 05:07:47 +0200 by phpDocumentor 1.4.0a2