to filter HTML text strings to remove dangerous tags. This class was created by Daniel Morris.
Changes made for Scorpio:
Updated and corrected doc-block comments, and changed the class name so it works better with the Scorpio framework. Also corrected the MySQL method where the connection was not being used in mysql_real_escape_string() (even though it is being passed in). Made by: Dave Redfern on 11-01-2007.
public __construct([$tagsArray = array()], [$attrArray = array()], [$tagsMethod = 0], [$attrMethod = 0], [$xssAuto = 1])
Constructor for inputFilter class. Only first parameter is required.
public process($source)
Method to be called by another PHP script. Processes for XSS and specified bad code.
protected remove($source)
Internal method to iteratively remove all unwanted tags and attributes.
protected filterTags($source)
Internal method to strip a string of certain tags.
protected filterAttr($attrSet)
Internal method to strip a tag of certain attributes.
protected decode($source)
Try to convert to plaintext.
public safeSQL($source, $connection)
Method to be called by another PHP script. Processes for SQL injection.
protected quoteSmart($source, $connection)
protected escapeString($string, $connection)
Posted by: Scorpio Documentor (Writer), in Utility on 19 Nov 2009 @ 20:39
Tags: utility, utilitytextfilter
This work is licenced under a Creative Commons Licence.