PHP Input Filter
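I was browsing the Zend Code Gallery the other day and stumbled across a good code filter, useful for removing unwanted PHP / JavaScript / HTML tags from user input in your scripts. Note that the listing below lost some text when it was posted (code that contained angle brackets is missing in places), so take the class from the original URL at the bottom rather than copying it from this page.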
[sourcecode language='php']
/** @class: InputFilter;
* @project: Filter User Input Source;
* @date: 18-03-2005;
* @version: 1.1.1_php5;
* @author: Daniel Morris;
* @copyright: Daniel Morris;
* @email: dan@rootcube.com;
* @license: GNU General Public License (GPL);
*/
class InputFilter {
// Filters tags and attributes out of user-supplied strings, using either an
// allow list or a deny list of names (see the constructor parameters).
//
// NOTE(review): this listing is incomplete as published. Text that sat between
// a less-than sign and a greater-than sign appears to have been dropped when
// the page was rendered, so process(), filterTags() and the attribute filter
// below are missing statements and will not parse as shown. Take the class from
// its original distribution instead of copying it from this page.
// NOTE(review): stripping tags and attributes is one layer only. Values that
// pass the filter still need escaping for the context they are written into
// (HTML body, attribute, URL, script) at output time.

// class config vars
private $tagsArray; // tag names the filter matches against (required)
private $attrArray; // attribute names the filter matches against; default = empty array
private $tagsMethod; // 0 = keep only listed tags, 1 = keep all but listed tags; default = 0
private $attrMethod; // 0 = keep only listed attributes, 1 = keep all but listed; default = 0
/**
* Stores the filter configuration. Only the first parameter is required.
*
* With a method of 0 the matching list acts as an allow list; with 1 it acts as
* a deny list, which lets through every tag or attribute that is not named.
* The defaults (0, 0) are therefore the stricter choice.
*
* NOTE(review): the lists are stored exactly as passed in; no normalisation such
* as case folding is visible here. Confirm against the complete source how name
* matching treats upper and lower case.
*
* @access constructor
* @param array $tagsArray list of user-defined tag names
* @param array $attrArray list of user-defined attribute names
* @param int $tagsMethod 0 = allow just user-defined, 1 = allow all but user-defined
* @param int $attrMethod 0 = allow just user-defined, 1 = allow all but user-defined
*/
public function __construct($tagsArray, $attrArray = array(), $tagsMethod = 0, $attrMethod = 0) {
$this->tagsArray = $tagsArray;
$this->attrArray = $attrArray;
$this->tagsMethod = $tagsMethod;
$this->attrMethod = $attrMethod;
}
/**
* Public entry point: cleans a string, or the elements of an array.
*
* Any value that is neither an array nor a string is returned unchanged, so
* callers must not treat the return value as filtered unless they passed one
* of those two types.
*
* @access public
* @param mixed $source input string or array of strings to be cleaned
* @return mixed cleaned string or array, or the untouched input for other types
*/
public function process($source) {
if (is_array($source)) {
// NOTE(review): the next line is truncated in this listing (loop condition,
// increment and assignment are missing). It presumably ran remove() over each
// element; whether nested arrays or non-string elements are handled cannot be
// told from here.
for ($i = 0; $i remove($source[$i]);
return $source;
} else if (is_string($source)) return $this->remove($source);
else return $source;
}
/**
* Applies filterTags() repeatedly until a pass leaves the string unchanged.
*
* Repeating the pass is what catches markup that only becomes a tag once an
* inner tag has been removed.
*
* @access private
* @param string $source input string to be cleaned
* @return string the string after the last pass
*/
private function remove($source) {
// Incremented below but never read, so the visible code has no cap on the
// number of passes.
$loopCounter=0;
// provides nested-tag protection
// NOTE(review): the comparison is loose (!=), and PHP compares two numeric
// strings by value, so a strict comparison would be the safer test for
// whether a pass changed anything. filterTags() is also run twice per pass,
// once for the test and once for the assignment.
while($source != $this->filterTags($source)) {
$source = $this->filterTags($source);
$loopCounter++;
}
return $source;
}
/**
* Single filtering pass over a string: walks it tag by tag and rebuilds it.
*
* NOTE(review): most of this method is missing from the listing. What remains
* shows $preTag collecting the output and $postTag holding the part of the
* input that has not been scanned yet.
*
* @access private
* @param string $source input string to be cleaned
* @return string cleaned version of the input (the return statement itself is not visible here)
*/
private function filterTags($source) {
// filter pass setup
$preTag = NULL;
$postTag = $source;
// find position of the first tag
// NOTE(review): the two lines below are truncated; the search strings and the
// statements that parsed the tag name and attributes are lost.
$tagOpen_start = strpos($source, ”);
$tagOpen_nested = (strpos(substr($fromTagOpen, 1), ‘tagsArray);
// Decide on this tag. The branch body appends the rebuilt tag to $preTag, so
// the condition selects tags that are KEPT: not listed in deny-list mode, or
// listed in allow-list mode. Every other tag is left out of the output.
if ((!$tagFound && $this->tagsMethod) || ($tagFound && !$this->tagsMethod)) {
// reconstruct tag with allowed attributes
if (!$isCloseTag) {
$attrSet = $this->filterAttr($attrSet);
// NOTE(review): the string literals appended here are truncated, and an
// opening condition for the else below is missing.
$preTag .= ”;
else
$preTag .= ‘ />’;
// closing tag: just the tag name
} else $preTag .= ”;
}
// advance past the current tag and look for the start of the next one
$postTag = substr($postTag, ($tagOpen_start + $tagOpen_length + 2));
// NOTE(review): the line below fuses the end of filterTags() with the middle of
// the attribute filter (called as filterAttr() above); the signature, loop and
// attribute parsing in between are lost. The remaining lines appear to belong
// to that attribute filter.
$tagOpen_start = strpos($postTag, ‘attrArray);
// keep this attr on condition: not listed in deny-list mode, or listed in
// allow-list mode
if ((!$attrFound && $this->attrMethod) || ($attrFound && !$this->attrMethod)) {
// attr has value: emitted as name=value, with the value used as captured.
// NOTE(review): no inspection of the attribute value is visible in this
// listing; confirm in the complete source whether values are checked
// before being written back.
if ($attrSubSet[1]) $newSet[] = $attrSubSet[0] . ‘=’ . $attrSubSet[1];
// reformat single attributes to XHTML: the name is repeated as its own value
else $newSet[] = $attrSubSet[0] . ‘=”‘ . $attrSubSet[0] . ‘”‘;
}
}
// list of attribute strings that passed the filter
return $newSet;
}
}
[/sourcecode]
Original URL: http://www.zend.com/code/codex.php?id=1478&single=1
