contenido\classes\class.httpinputvalidator.php
Description: This class provides validation methods for HTTP parameters (GET and POST). Originally based on work of kummer and started by discussion in contenido forum this class is a little bit "re-writed" for better interaction with contenido. Thanks to Andreas Kummer (aka kummer) for this great idea!
Requirements:
- Author
- Andreas Kummer, Holger Librenz
- Con_notice
- ToDo: Error page re-direction?
- Con_php_req
- 5.0
- Copyright
- atelierQ Kummer, four for business AG
- License
- http://www.contenido.org/license/LIZENZ.txt
- Link
- http://www.4fb.de
- Link
- http://www.contenido.org
- Package
- Contenido Backend classes
- Since
- file available since contenido release <= 4.6
- TODO
- : Some features are the same as in Contenido_Security (see contenido/classes/class.security.php), merge them... {@internal created 2008-02-06 modified 2008-06-10, I. van Peeren, initially set $this->bLog as $bLog in config file modified 2008-07-02, Frederic Schneider, add security fix $Id: class.httpinputvalidator.php 1157 2010-05-20 14:10:43Z xmurrix $: }}
- Version
- 1.1.2
Constants
\HttpInputValidator
- See
- \global\http://contenido.org/forum/viewtopic.php?p=113492#113492
- Version
- 1.0.1
Properties


array $aCheck = array()
Structure has to be:
$check['GET']['param1'] = VALIDATE_FORMAT;
$check['POST']['param2'] = VALIDATE_FORMAT;
Possible formats are defined as constants in top of these class file.
array()
Details- Type
- array


array $aPostVariables = array()
array()
Details- Type
- array
Methods


HttpInputValidator(string $sConfigPath) : \HttpInputValidator
Constructor
Configuration path $sConfigPath is mandatory and has to contain the complete path to configuration file with defined parameters.
The class provides two modes: training and arcade. Training mode only logs violations - if log path is given into log file otherwise as comment into HTML output. Arcade mode is made for killing - every violation will cause an hard exit!
Name | Type | Description |
---|---|---|
$sConfigPath | string |
Type | Description |
---|---|
\HttpInputValidator |


checkGetParams() : bool
Checks all GET params and returns true in case of a violation, otherwise false.
Type | Description |
---|---|
bool |


checkParameter(string $sType, string $sKey, mixed $mValue) : bool
This method checks parameter of type $sType (currently GET and POST are supported) and name $sKey has valid value $mValue.
In this case or in case of unknown but empty params, the method will also return true.
Name | Type | Description |
---|---|---|
$sType | string | |
$sKey | string | |
$mValue | mixed |
Type | Description |
---|---|
bool |


checkPostParams() : void
Fills status-array $aPostVariables.
Is POST-param known and valid mapped value is true.


isRegularPost(string $sKey) : mixed
Checks POST param $sKey is unknown (result is null), known but invalid (result is false) or it is known and valid (result is true).
Name | Type | Description |
---|---|---|
$sKey | string |
Type | Description |
---|---|
mixed |