Support Joomla!

Joomla! 1.5 Documentation

Packages

Package: Joomla-Framework

Developer Network License

The Joomla! Developer Network content is © copyright 2006 by the individual contributors and can be used in accordance with the Creative Commons License, Attribution- NonCommercial- ShareAlike 2.5

Class JInputFilter

Description
Description | Variables (details) | Methods (details)

JInputFilter is a class for filtering input from any data source

Forked from the php input filter library by: Daniel Morris <[email protected]> Original Contributors: Gianpaolo Racca, Ghislain Picard, Marco Wandschneider, Chris Tobin and Andrew Eddie.

Located in /joomla/filter/input.php (line 29) 

Class JObject   (Subpackage Base)

Class JInputFilter   (Subpackage Filter)
Variable Summary
Description | Variables (details) | Methods (details)
Variable mixed $attrArray
Variable mixed $attrBlacklist
Variable mixed $attrMethod
Variable mixed $tagBlacklist
Variable mixed $tagsArray
Variable mixed $tagsMethod
Variable mixed $xssAuto
Method Summary
Description | Variables (details) | Methods (details)
Static method static boolean checkAttribute (array $attrSubSet)
Static method static object The &getInstance ([array $tagsArray = array()], [array $attrArray = array()], [int $tagsMethod = 0], [int $attrMethod = 0], [int $xssAuto = 1])
Constructor JInputFilter __construct ([array $tagsArray = array()], [array $attrArray = array()], [int $tagsMethod = 0], [int $attrMethod = 0], [int $xssAuto = 1])
Method mixed clean (mixed $source, [string $type = 'string'])
Method array _cleanAttributes (array $attrSet)
Method string _cleanTags (string $source)
Method string _decode (string $source)
Method string _remove (string $source)
Variables
Description | Variables (details) | Methods (details)
mixed $attrArray (line 32)
mixed $attrBlacklist = array ('action', 'background', 'codebase', 'dynsrc', 'lowsrc') (line 39)
mixed $attrMethod (line 35)
mixed $tagBlacklist = array ('applet', 'body', 'bgsound', 'base', 'basefont', 'embed', 'frame', 'frameset', 'head', 'html', 'id', 'iframe', 'ilayer', 'layer', 'link', 'meta', 'name', 'object', 'script', 'style', 'title', 'xml') (line 38)
mixed $tagsArray (line 31)
mixed $tagsMethod (line 34)
mixed $xssAuto (line 37)
Methods
Description | Variables (details) Methods (details)
Constructor __construct (line 52)

Constructor for inputFilter class. Only first parameter is required.

  • since: 1.5
  • access: protected
JInputFilter __construct ([array $tagsArray = array()], [array $attrArray = array()], int $tagsMethod, int $attrMethod, [int $xssAuto = 1])
  • array $tagsArray: list of user-defined tags
  • array $attrArray: list of user-defined attributes
  • int $tagsMethod: WhiteList method = 0, BlackList method = 1
  • int $attrMethod: WhiteList method = 0, BlackList method = 1
  • int $xssAuto: Only auto clean essentials = 0, Allow clean blacklisted tags/attr = 1
Redefinition of:
JObject::__construct()
Class constructor, overridden in descendant classes.
checkAttribute (line 170)

Function to determine if contents of an attribute is safe

  • return: True if bad code is detected
  • since: 1.5
boolean checkAttribute (array $attrSubSet)
  • array $attrSubSet: A 2 element array for attributes name,value
clean (line 108)

Method to be called by another php script. Processes for XSS and specified bad code.

  • return: 'Cleaned' version of input parameter
  • since: 1.5
  • access: public
mixed clean (mixed $source, [string $type = 'string'])
  • mixed $source: Input string/array-of-string to be 'cleaned'
  • string $type: Return type for the variable (INT, FLOAT, WORD, BOOLEAN, STRING)
getInstance (line 81)

Returns a reference to an input filter object, only creating it if it doesn't already exist.

This method must be invoked as: 

  $filter = & JInputFilter::getInstance();

  • return: JInputFilter object.
  • since: 1.5
object The &getInstance ([array $tagsArray = array()], [array $attrArray = array()], int $tagsMethod, int $attrMethod, [int $xssAuto = 1])
  • array $tagsArray: list of user-defined tags
  • array $attrArray: list of user-defined attributes
  • int $tagsMethod: WhiteList method = 0, BlackList method = 1
  • int $attrMethod: WhiteList method = 0, BlackList method = 1
  • int $xssAuto: Only auto clean essentials = 0, Allow clean blacklisted tags/attr = 1
_cleanAttributes (line 367)

Internal method to strip a tag of certain attributes

  • return: Filtered array of attribute pairs
  • since: 1.5
  • access: protected
array _cleanAttributes (array $attrSet)
  • array $attrSet: Array of attribute pairs to filter
_cleanTags (line 206)

Internal method to strip a string of certain tags

  • return: 'Cleaned' version of input parameter
  • since: 1.5
  • access: protected
string _cleanTags (string $source)
  • string $source: Input string to be 'cleaned'
_decode (line 444)

Try to convert to plaintext

  • return: Plaintext string
  • since: 1.5
  • access: protected
string _decode (string $source)
  • string $source
_remove (line 185)

Internal method to iteratively remove all unwanted tags and attributes

  • return: 'Cleaned' version of input parameter
  • since: 1.5
  • access: protected
string _remove (string $source)
  • string $source: Input string to be 'cleaned'

Inherited Methods

Inherited From JObject

JObject::JObject()
JObject::__construct()
JObject::get()
JObject::getPublicProperties()
JObject::set()
JObject::toString()
Documentation generated on Mon, 05 Mar 2007 21:08:06 +0000 by phpDocumentor 1.3.1