Sanitize Class Reference
Public Member Functions
- cleanArray (&$toClean)
- cleanArrayR (&$toClean)
- cleanValue ($val)
- formatColumns (&$model)
- html ($string, $remove=false)
- paranoid ($string, $allowed=array())
- sql ($string)
Detailed Description
Definition at line 38 of file sanitize.php.
Member Function Documentation
Sanitize::cleanArray (&$toClean)
Recursively sanitizes given array of data for safe input.
- Parameters:
  - mixed $toClean
- Returns:
  - mixed
- Access: public
Definition at line 101 of file sanitize.php.
Sanitize::cleanArrayR (&$toClean)
Method used for recursively sanitizing arrays of data for safe input.
- Parameters:
  - array $toClean
- Returns:
  - array The clean array
- Access: public
Definition at line 112 of file sanitize.php.
Sanitize::cleanValue ($val)
Method used by cleanArray() to sanitize array nodes.

Do we really need to sanitize array keys? If so, we can use this code...

    function cleanKey($key) {
        if ($key == "") {
            return "";
        }
        // URL decode and convert chars to HTML entities
        $key = htmlspecialchars(urldecode($key));
        // Remove ..
        $key = preg_replace("/\.\./", "", $key);
        // Remove __FILE__, etc.
        $key = preg_replace("/\_\_(.+?)\_\_/", "", $key);
        // Trim word chars, '.', '-', '_'
        $key = preg_replace("/^([\w\.\-\_]+)$/", "$1", $key);
        return $key;
    }

- Parameters:
  - string $val
- Returns:
  - string
- Access: public
Definition at line 151 of file sanitize.php.
Sanitize::formatColumns (&$model)
Formats column data from definition in DBO's $columns array.
- Parameters:
  - Model $model The model containing the data to be formatted
- Returns:
  - void
- Access: public
Definition at line 181 of file sanitize.php.
Sanitize::html ($string, $remove = false)
Returns given string safe for display as HTML. Renders entities.
- Parameters:
  - string $string
  - boolean $remove If true, the string is stripped of all HTML tags
- Returns:
  - string
- Access: public
Definition at line 84 of file sanitize.php.
Sanitize::paranoid ($string, $allowed = array())
Removes any non-alphanumeric characters.
- Parameters:
  - string $string
- Returns:
  - string
- Access: public
Definition at line 46 of file sanitize.php.
Sanitize::sql ($string)
Makes a string SQL-safe by adding slashes (if needed).
- Parameters:
  - string $string
- Returns:
  - string
- Access: public
Definition at line 70 of file sanitize.php.
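Added example (not part of sanitize.php or of the CakePHP code base): slash-adding only changes quote and backslash characters, so it protects a value only where the query places it inside quotes. The sketch below compares an escaped value in an unquoted numeric position with a validated, bound parameter. It assumes the slash-adding is PHP's addslashes(); the function names, the in-memory SQLite table and the input are constructed for illustration.

```php
<?php
// Added example, not CakePHP code.
// Assumption: "adding slashes" behaves like PHP's addslashes().
// The table rows and the input string are constructed sample data.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO users (name) VALUES ('alice'), ('bob'), ('carol')");

// Hypothetical helper: escaping by adding slashes.
function slashEscape($string) {
    return addslashes($string);
}

// Weak: the escaped value is concatenated into an unquoted numeric
// position, so the database parses whatever it contains as SQL.
function findByIdEscaped(PDO $db, $id) {
    $sql = 'SELECT name FROM users WHERE id = ' . slashEscape($id);
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Hardened: reject anything that is not a plain decimal integer, then
// bind the value so it is never parsed as part of the statement.
function findByIdBound(PDO $db, $id) {
    if (!ctype_digit((string) $id)) {
        return array();
    }
    $stmt = $db->prepare('SELECT name FROM users WHERE id = :id');
    $stmt->bindValue(':id', (int) $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed input: contains no quote or backslash characters.
$input = '1 OR 1=1';

// Shows whether slash-adding changed the input at all.
var_dump(slashEscape($input) === $input);
// Rows returned when the escaped value is concatenated into the query.
print_r(findByIdEscaped($db, $input));
// Rows returned when the same input goes through validation and binding.
print_r(findByIdBound($db, $input));
// A well-formed id through the hardened path.
print_r(findByIdBound($db, '2'));
```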
The documentation for this class was generated from the following file:
- 1.1.x.x/cake/libs/sanitize.php