Contenido Security class
checkFrontendGlobals() : void
Validates client and language related variables and takes care that their content is really a numeric value.
Logic in this function is taken over from front_content.php (v 4.8.12, line 164 - 192).
| TODO | : Need a solution for used globals |
|---|
checkRequestBelang() : bool | void
\Contenido_Security_Exception |
if existing backend language parameter is not valid |
|---|
boolvoidTrue on success otherwhise nothing.checkRequestForbiddenParameter() : bool | void
\Contenido_Security_Exception |
if the request contains one of forbidden parameters. |
|---|
boolvoidTrue on success otherwhise nothing.checkRequestMustbeNumericParameter() : bool
Contrary to other request checks, this method don't throws a exception. It just insures that incomming values are really numeric, by type casting them to an integer.
boolJust truecheckRequestSession() : bool | void
\Contenido_Security_Exception |
if contenido parameter in request don't matches the required format |
|---|
boolvoidTrue on success otherwhise nothing.checkRequests() : bool | void
| access | public |
|---|
\Contenido_Security_Exception |
if one of the checks fails |
|---|
boolvoidTrue on success otherwhise nothing.checkSession() : true
| access | public |
|---|---|
| deprecated | Use checkRequestSession() instead due to better naming conventions |
| TODO | : Should be removed, but later in few years... |
\Contenido_Security_Exception |
if contenido parameter in request don't matches the required format |
|---|
trueescapeDB(string $sString, \DB_Contenido $oDB, boolean $bUndoAddSlashes) : string
| static |
|---|
stringinput string
\DB_Contenidocontenido database object
booleanflag for undo addslashes (optional, default: true)
stringconverted stringescapeString(string $sString) : string
| static |
|---|
stringinput string
stringconverted stringfilter(string $sString, \DB_Contenido $oDb) : string
| static |
|---|
stringinput string
\DB_Contenidocontenido database object
stringfiltered stringgetAcceptedBelangValues() : array
arraygetForbiddenParameters() : array
arraygetMustbeNumericParameters() : array
arrayisBoolean(string $sVar) : boolean
| static |
|---|
stringinput string
booleancheck stateisInteger(string $sVar) : boolean
| static |
|---|
stringinput string
booleancheck stateisString(string $sVar) : boolean
| static |
|---|
stringinput string
booleancheck statetoBoolean(string $sString) : boolean
| static |
|---|
stringinput string
booleantype casted input stringtoInteger(string $sString) : integer
| static |
|---|
stringinput string
integertype casted input stringtoString(string $sString, boolean $bHTML, string $sAllowableTags) : string
| static |
|---|
stringinput string
booleanif true check with strip_tags and stripslashes
stringallowable tags if $bHTML is true
stringconverted stringunFilter(string $sString) : string
| static |
|---|
stringinput string
stringunfiltered stringunescapeDB(string $sString) : string
| static |
|---|
stringinput string
stringconverted string$_acceptedBelangValues : array
$_forbiddenParameters : array
$_mustbeNumericParameters : array