CONTENIDO_API 4.8.16 CL
Back to top  

This class is the extended version of excelent code made by kummer.

version 1.0.1
see \http://contenido.org/forum/viewtopic.php?p=113492#113492

 Methods

Constructor

HttpInputValidator(string $sConfigPath) : \HttpInputValidator

Configuration path $sConfigPath is mandatory and has to contain the complete path to configuration file with defined parameters.

The class provides two modes: training and arcade. Training mode only logs violations - if log path is given into log file otherwise as comment into HTML output. Arcade mode is made for killing - every violation will cause an hard exit!

Parameters

$sConfigPath

string

Returns

\HttpInputValidator

Checks all GET params and returns true in case of a violation, otherwise false.

checkGetParams() : bool

Returns

bool

This method checks parameter of type $sType (currently GET and POST are supported) and name $sKey has valid value $mValue. In this case or in case of unknown but empty params, the method will also return true.

checkParameter(string $sType, string $sKey, mixed $mValue) : bool

Parameters

$sType

string

$sKey

string

$mValue

mixed

Returns

bool

Fills status-array $aPostVariables. Is POST-param known and valid mapped value is true.

checkPostParams() 

Checks POST param $sKey is unknown (result is null), known but invalid (result is false) or it is known and valid (result is true).

isRegularPost(string $sKey) : mixed

Parameters

$sKey

string

Returns

mixed

Tries to log date, remote ip and the requested URI into log file.

logHackTrial() 

Print html comment or returns (depending on flag $bReturn) all POST params.

showPosts($bReturn) : string

Parameters

$bReturn

Returns

string

 Properties

 

Array with all possible parameters and parameter formats.

$aCheck : array

Structure has to be:

$check['GET']['param1']  = VALIDATE_FORMAT;
$check['POST']['param2']    = VALIDATE_FORMAT;

Possible formats are defined as constants in top of these class file.

 

Associative array with available POST parameter name as key and flag whether this parameter is "clean" or not.

$aPostVariables : array

 

Flag whether to write log or not.

$bLog : boolean

 

Path to config file.

$sConfigPath : string

 

Contains first invalid parameter name.

$sFailure : string

 

Path and filename of logfile

$sLogPath : string

 

Current mode

$sMode : string