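<?php
/**
 * Project:     ePrints Statistics
 * File:        inc.class.input_check.es.php
 * Description: Gross input checks for POST and GET via this object.
 *              Sql object does its own checking based on the schema.
 */

/**
 * Coarse validator for a single request value.
 *
 * Usage as far as this file shows: setConfig() installs one rule set,
 * doCheck() runs the validator named by $_config["type"], and
 * getResponse() returns $_config["action"] if a check failed.
 *
 * Config keys read by this class:
 *   type        name of the validator method to run (cookie, string,
 *               integer, ignore, freetext)
 *   maxlength   length limit (cookie/string/freetext) or numeric upper
 *               bound (integer)
 *   action      value stored in $_response when a check fails
 *   pattern     PCRE; in string() a match means "reject", in freetext()
 *               it selects the text to replace
 *   values      allow-list for string()
 *   replacement replacement text for freetext()
 */
class checkit {

    /* Rule set for the current check, installed by setConfig(). */
    var $_config = array();

    /*
     * Set to $_config["action"] by a failing check. Nothing in this class
     * clears it, so it persists across doCheck() calls on the same object.
     */
    var $_response;

    /* Result of the pattern replacement done by freetext(). */
    var $_clean;

    /*
     * Explicit constructor so the class does not rely on the PHP 4 style
     * same-name constructor, which newer PHP versions deprecate and then
     * stop treating as a constructor.
     */
    function __construct() {
    }

    /* Kept so existing code that calls checkit() by name still works. */
    function checkit() {
    }

    /**
     * Run the validator selected by $_config["type"] against $value.
     *
     * The result is read afterwards through getResponse(); the return
     * value of the validator itself is discarded here.
     */
    function doCheck($value) {
        $type = isset($this->_config["type"]) ? $this->_config["type"] : null;
        if ($this->_isCheckType($type)) {
            /* Variable method call on this instance. */
            $this->{$type}($value);
        } else {
            /* Could do something meaningful here. */
            /*
             * NOTE(review): a missing or misspelled type means the value
             * is not checked at all (fail-open). Callers that depend on
             * this class as a gate should confirm every configured type
             * names a real validator.
             */
        }
    }

    /**
     * True when $type names a validator that doCheck() may dispatch to.
     *
     * Excludes this class's own plumbing (and anything starting with an
     * underscore) so a configured type can never re-enter doCheck() or
     * call setConfig()/getResponse() with the request value as argument.
     */
    function _isCheckType($type) {
        if (!is_string($type) || $type === '' || $type[0] === '_') {
            return false;
        }
        $plumbing = array('docheck', 'getresponse', 'setconfig', 'checkit');
        if (in_array(strtolower($type), $plumbing, true)) {
            return false;
        }
        return method_exists($this, $type);
    }

    /**
     * True when $value can be treated as text (scalar or null).
     *
     * Request parameters can arrive as arrays (e.g. "name[]=x"); strlen()
     * and preg_match() do not measure or scan those, so they must be
     * rejected explicitly instead of slipping past the length check.
     */
    function _isText($value) {
        return $value === null || is_scalar($value);
    }

    /** Return the stored action of a failed check, or null if none failed. */
    function getResponse() {
        return $this->_response;
    }

    /** Install the rule set used by the next check(s). */
    function setConfig($config) {
        $this->_config = $config;
    }

    /** Reject a cookie value that is not text or is longer than maxlength. */
    function cookie($value) {
        if (!$this->_isText($value)
            || strlen((string) $value) > $this->_config["maxlength"]) {
            $this->_response = $this->_config["action"];
        }
    }

    /**
     * More restrictive here than freetext.
     * Use could be for the form actions. If they don't match a certain
     * type we have to reset the request, otherwise we don't know what
     * will happen.
     *
     * Rejects when the value is not text, is longer than maxlength,
     * matches the configured pattern, or is not in the configured
     * allow-list.
     */
    function string($value) {
        if (!$this->_isText($value)) {
            $this->_response = $this->_config["action"];
            return;
        }
        $text = (string) $value;

        if (strlen($text) > $this->_config["maxlength"]) {
            $this->_response = $this->_config["action"];
        }

        if (isset($this->_config["pattern"])) {
            $pattern = $this->_config["pattern"];
            /*
             * preg_match() returns 1 on a match and false on a PCRE
             * error; both are treated as a rejection so that a pattern
             * failure cannot let the value through.
             */
            if (preg_match($pattern, $text) !== 0) {
                $this->_response = $this->_config["action"];
            }
        }

        if (isset($this->_config["values"])) {
            $allowed = $this->_config["values"];
            /*
             * Compare as strings with strict matching. Loose in_array()
             * lets unrelated input equal a numeric entry on older PHP
             * ("abc" == 0).
             */
            if (!is_array($allowed)
                || !in_array($text, array_map('strval', $allowed), true)) {
                $this->_response = $this->_config["action"];
            }
        }
        return;
    }

    /**
     * Check that value is a plain integer and does not exceed maxlength.
     *
     * Note that maxlength is compared with the numeric value here, not
     * with the number of characters.
     */
    function integer($value) {
        /*
         * is_numeric() also accepts floats, exponent notation and
         * surrounding whitespace; only an optionally signed run of
         * digits is accepted as an integer.
         */
        if (!$this->_isText($value)
            || !preg_match('/\A[+-]?[0-9]+\z/', (string) $value)) {
            $this->_response = $this->_config["action"];
            return;
        }

        $test = (int) $value;
        if ($test > $this->_config["maxlength"]) {
            $this->_response = $this->_config["action"];
        }
    }

    /** Validator that accepts anything. */
    function ignore($value) {
        return;
    }

    /**
     * Length-check free text and, if a pattern is configured, store the
     * value with every pattern match replaced in $_clean.
     *
     * Returns 1 when the value is rejected (too long, or not text),
     * 2 when $_clean was written, and nothing otherwise. $_response is
     * not touched, and $_clean keeps its previous content when no
     * pattern is configured.
     *
     * NOTE(review): doCheck() discards these return codes, so a caller
     * going through doCheck() cannot see a rejection from this method.
     */
    function freetext($value) {
        /* Non-text input is reported with the only rejection code this
           method has. */
        if (!$this->_isText($value)) {
            return 1;
        }
        $text = (string) $value;

        if (strlen($text) > $this->_config["maxlength"]) {
            return 1;
        }

        if (isset($this->_config["pattern"])) {
            $pattern = $this->_config["pattern"];
            /* A missing replacement removes the matched text. */
            $replacement = isset($this->_config["replacement"])
                ? $this->_config["replacement"]
                : '';
            $this->_clean = preg_replace($pattern, $replacement, $text);
            return 2;
        }
    }
}

/* No closing PHP tag: avoids stray output from trailing whitespace in an include file. */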