Documentation

Features

Project overview

Getting started

Working with application

Working with Addons/Modules/Views

Working with libraries

Class libraries

Change log

FAQ

Class libraries

filter

File: tokernel.framework/lib/filter.lib.php

Library methods

mixed clean_data(mixed $data)

Clean string or array with keys for unusual characters.

$data = " Hello\n\r world\r ! "; $data = $this->lib->filter->clean_data($data); // returns: "Hello\n world !"

If the argument is associative array this method will clean array keys also with strip_chars() method.

$array = array( "some\r_$_key1\n\r" => " some\n\r value " ); /* returns: array( "some__key1" => "some\n value" ) */

string clean_nl(string $data)

Clean new line character.

Run in CLI mode:

$data = "Hello <br /> World \r\n !"; $data = $this->lib->filter->clean_nl($data); // Returns: "Hello \n World \n !"

Run in HTTP mode:

$data = "Hello \n World \r\n !"; $data = $this->lib->filter->clean_nl($data); // Returns: "Hello <br /> World <br /> !"

string clean_source(string $data)

Clean string of javascript or php for vulnerable functions.

string clean_xss(string $data [, bool $clean_tags = false])

Clean string for possible XSS actions. Remove html tags also if the second argument $clean_tags is true.

string encode_html_entities(string $data [, string $encoding = NULL])

Encode html entity by application encoding.

string decode_html_entities(string $data [, string $encoding = NULL])

Decode html entity by application encoding.

string strip_attributes(string $data)

Remove any attribute starting with "on*" or "xmlns"

$data = '<div onclick="myfunc();">...</div>'; $data = $this->lib->filter->strip_attributes($data); // Returns: <div>...</div>

string strip_chars(string $data [, array $allowed_chars = NULL])

Clean string as a-z, A-Z, 0-9.

$data = 'name "> . \n '; $data = $this->lib->filter->strip_chars($data); // Returns: namen

Pass chars defined in $allowed_chars array.

$data = 'name "> . \n '; $data = $this->lib->filter->strip_chars($data, array('.')); // Returns name.n

string strip_comments(string $data [, bool $non_html = true])

Remove comments from string.

<!-- ... -->

if second argument $non_html is true, this method will return non html comments also.

/* ... */

string strip_hyperlinks(string $data)

Remove hyperlinks from string.

$data = 'Hello <a href="test.html">world</a> !'; $data = $this->lib->filter->strip_hyperlinks($data); // Returns: Hello !

string strip_image_tags(string $data [, bool $keep_src = false])

Remove image tags from string.

$data = 'Hello <img src="test.jpg"> world !'; $data = $this->lib->filter->strip_image_tags($data); // Returns: Hello world !

If the second argument $keep_src is true, this method will keep image source string.

$data = 'Hello <img src="test.jpg"> world !'; $data = $this->lib->filter->strip_image_tags($data, true); // Returns: Hello http://www.tokernel.com/framework/tokernel.website/downloads/documentation/images/test.jpg world ! string strip_meta(string $data)

Remove meta tags.

$data = '... <head> <meta name="language" content="English" /> <meta name="copyright" content="2012" /> </head> ...'; $data = $this->lib->filter->strip_meta($data); // Returns: ... <head> </head> ...

string strip_scripts(string $data)

Remove any script definition from string.

$data = 'Hello <?php echo "world"; ?> !'; $data = $this->lib->filter->strip_scripts($data); // Returns: Hello ! $data = 'Hello <script>alert("hello");</script> !'; $data = $this->lib->filter->strip_scripts($data); // Returns: Hello !

string strip_styles(string $data)

Remove style definition tags from string.

$data = '... <head> <link href="style.css" type="text/css" rel="stylesheet" /> <style> .test { color:#FFFFFF; } </style> </head> ...'; $data = $this->lib->filter->strip_styles($data); // Returns: ... <head> </head> ...

string strip_tabs(string $data [, string $char = ''])

Convert tabs to char specified. By default will convert to empty string.

string strip_tags(string $data)

Remove any html tag from string.

$data = '<p>Hello <strong>World!</strong></p>'; $data = $this->lib->filter->strip_tags($data); // Returns: Hello world!

string strip_whitespaces(string $data)

Remove extra whitespaces.

$data = '" Hello World !"'; $data = $this->lib->filter->strip_whitespaces($data); // Returns: " Hello World !"

Methods for accessing clean elements of global arrays

string cookie(string $item [, bool $clean_xss = false ,][ bool $strip_tags = false])

Return cleaned data from $_COOKIE global array. $data = $this->lib->filter->cookie('name', true, true);

string files(string $item [, bool $clean_xss = false ][, bool $strip_tags = false])

Return cleaned data from $_FILES global array.

string post(string $item [, bool $encode_html_entities = true ][, bool $clean_xss = false ][, bool $strip_tags = false])

Return cleaned data from $_POST global array.

$username = $this->lib->filter->post('username', true, true, true); $html_code = $this->lib->filter->post('my_textarea', false, false, false);

string request(string $item [, bool $clean_xss = false ][, bool $strip_tags = false])

Return cleaned data from $_REQUEST global array.

$name = $this->lib->filter->request('name');