Contenido Security class
checkFrontendGlobals() : void
Validates client and language related variables and takes care that their content is really a numeric value.
Logic in this function is taken over from front_content.php (v 4.8.12, line 164 - 192).
TODO | : Need a solution for used globals |
---|
checkRequestBelang() : bool | void
\Contenido_Security_Exception |
if existing backend language parameter is not valid |
---|
bool
void
True on success otherwhise nothing.checkRequestForbiddenParameter() : bool | void
\Contenido_Security_Exception |
if the request contains one of forbidden parameters. |
---|
bool
void
True on success otherwhise nothing.checkRequestMustbeNumericParameter() : bool
Contrary to other request checks, this method don't throws a exception. It just insures that incomming values are really numeric, by type casting them to an integer.
bool
Just truecheckRequestSession() : bool | void
\Contenido_Security_Exception |
if contenido parameter in request don't matches the required format |
---|
bool
void
True on success otherwhise nothing.checkRequests() : bool | void
access | public |
---|
\Contenido_Security_Exception |
if one of the checks fails |
---|
bool
void
True on success otherwhise nothing.checkSession() : true
access | public |
---|---|
deprecated | Use checkRequestSession() instead due to better naming conventions |
TODO | : Should be removed, but later in few years... |
\Contenido_Security_Exception |
if contenido parameter in request don't matches the required format |
---|
true
escapeDB(string $sString, \DB_Contenido $oDB, boolean $bUndoAddSlashes) : string
static |
---|
string
input string
\DB_Contenido
contenido database object
boolean
flag for undo addslashes (optional, default: true)
string
converted stringescapeString(string $sString) : string
static |
---|
string
input string
string
converted stringfilter(string $sString, \DB_Contenido $oDb) : string
static |
---|
string
input string
\DB_Contenido
contenido database object
string
filtered stringgetAcceptedBelangValues() : array
array
getForbiddenParameters() : array
array
getMustbeNumericParameters() : array
array
isBoolean(string $sVar) : boolean
static |
---|
string
input string
boolean
check stateisInteger(string $sVar) : boolean
static |
---|
string
input string
boolean
check stateisString(string $sVar) : boolean
static |
---|
string
input string
boolean
check statetoBoolean(string $sString) : boolean
static |
---|
string
input string
boolean
type casted input stringtoInteger(string $sString) : integer
static |
---|
string
input string
integer
type casted input stringtoString(string $sString, boolean $bHTML, string $sAllowableTags) : string
static |
---|
string
input string
boolean
if true check with strip_tags and stripslashes
string
allowable tags if $bHTML is true
string
converted stringunFilter(string $sString) : string
static |
---|
string
input string
string
unfiltered stringunescapeDB(string $sString) : string
static |
---|
string
input string
string
converted string$_acceptedBelangValues : array
$_forbiddenParameters : array
$_mustbeNumericParameters : array