Difference between revisions of "JFilterInput/clean"
From Joomla! Documentation
< API16:JFilterInput
(New page: ===Description===
Method to be called by another php script. Processes for XSS and specified bad code.
<span class="editsection" style="font-size:76%;">
<nowiki>[</nowiki>[[Descriptio...) |
m (removing red link to edit, no existant pages) |
||
Line 3: | Line 3: | ||
<span class="editsection" style="font-size:76%;"> | <span class="editsection" style="font-size:76%;"> | ||
− | <nowiki>[< | + | <nowiki>[<! removed edit link to red link >]</nowiki> |
</span> | </span> | ||
− | + | <! removed transcluded page call, red link never existed > | |
===Syntax=== | ===Syntax=== | ||
Line 127: | Line 127: | ||
<span class="editsection" style="font-size:76%;"> | <span class="editsection" style="font-size:76%;"> | ||
− | <nowiki>[< | + | <nowiki>[<! removed edit link to red link >]</nowiki> |
</span> | </span> | ||
− | + | <! removed transcluded page call, red link never existed > | |
===Examples=== | ===Examples=== | ||
Line 142: | Line 142: | ||
format= ,,, | format= ,,, | ||
</dpl> | </dpl> | ||
+ | [[Category:Archived pages API16]] |
Revision as of 00:07, 13 May 2013
The "API16" namespace is an archived namespace. This page contains information for a Joomla! version which is no longer supported. It exists only as a historical reference, it will not be improved and its content may be incomplete and/or contain broken links.
Description[edit]
Method to be called by another php script. Processes for XSS and specified bad code.
[<! removed edit link to red link >]
<! removed transcluded page call, red link never existed >
Syntax[edit]
clean($source, $type='string')
Parameter Name | Default Value | Description |
---|---|---|
$source | $source Input string/array-of-string to be 'cleaned' | |
$type | 'string' | $type Return type for the variable (INT, FLOAT, BOOLEAN, WORD, ALNUM, CMD, BASE64, STRING, ARRAY, PATH, NONE) |
Returns[edit]
mixed 'Cleaned' version of input parameter
Defined in[edit]
libraries/joomla/filter/filterinput.php
Importing[edit]
jimport( 'joomla.filter.filterinput' );
Source Body[edit]
public function clean($source, $type='string')
{
// Handle the type constraint
switch (strtoupper($type))
{
case 'INT' :
case 'INTEGER' :
// Only use the first integer value
preg_match('/-?[0-9]+/', (string) $source, $matches);
$result = @ (int) $matches[0];
break;
case 'FLOAT' :
case 'DOUBLE' :
// Only use the first floating point value
preg_match('/-?[0-9]+(\.[0-9]+)?/', (string) $source, $matches);
$result = @ (float) $matches[0];
break;
case 'BOOL' :
case 'BOOLEAN' :
$result = (bool) $source;
break;
case 'WORD' :
$result = (string) preg_replace('/[^A-Z_]/i', '', $source);
break;
case 'ALNUM' :
$result = (string) preg_replace('/[^A-Z0-9]/i', '', $source);
break;
case 'CMD' :
$result = (string) preg_replace('/[^A-Z0-9_\.-]/i', '', $source);
$result = ltrim($result, '.');
break;
case 'BASE64' :
$result = (string) preg_replace('/[^A-Z0-9\/+=]/i', '', $source);
break;
case 'STRING' :
$result = (string) $this->_remove($this->_decode((string) $source));
break;
case 'ARRAY' :
$result = (array) $source;
break;
case 'PATH' :
$pattern = '/^[A-Za-z0-9_-]+[A-Za-z0-9_\.-]*([\\\\\/][A-Za-z0-9_-]+[A-Za-z0-9_\.-]*)*$/';
preg_match($pattern, (string) $source, $matches);
$result = @ (string) $matches[0];
break;
case 'USERNAME' :
$result = (string) preg_replace('/[\x00-\x1F\x7F<>"\'%&]/', '', $source);
break;
default :
// Are we dealing with an array?
if (is_array($source))
{
foreach ($source as $key => $value)
{
// filter element for XSS and other 'bad' code etc.
if (is_string($value)) {
$source[$key] = $this->_remove($this->_decode($value));
}
}
$result = $source;
}
else
{
// Or a string?
if (is_string($source) && !empty ($source)) {
// filter source for XSS and other 'bad' code etc.
$result = $this->_remove($this->_decode($source));
}
else {
// Not an array or string.. return the passed parameter
$result = $source;
}
}
break;
}
return $result;
}
[<! removed edit link to red link >] <! removed transcluded page call, red link never existed >
Examples[edit]
<CodeExamplesForm />