PHP5 Security Wrapper

Validates and sanitizes your data!

Introduction

PHP Security Wrapper is a PHP5 library built to help you secure your applications by validating user data and sanitizing it for output. Deployment takes one second, and then you're off!

You can fetch user data (GPCS: GET, POST, COOKIE, SERVER), filter it, validate it and sanitize it. You can also add your own functions if the built-ins aren't enough.

What makes it good?

It comes bundled with many validation and sanitation functions that suit most needs. If your application needs other methods, they can be added in an instant!

The wrapper focuses on flexibility and is ready to go once unzipped. No configuration is required!

Getting Started

// Include the whole library
include_once 'lib/WrapperAbstract.php';
include_once 'lib/Input.php';
include_once 'lib/Input_Item.php';
include_once 'lib/Validation.php';
include_once 'lib/Sanitation.php';

$input = new Input;

// Get 'key' from GET and check that it has been set.
if ($key = $input->get ('key') AND $key->is_valid())
{
	// Validate that the data is alphanumeric
	if ($key->validate ('is_alnum')) {
		// 'key' consists only of alphanumeric characters,
		// so it is safe to print
		echo $key->value();
	}
}

Filtering the data before validation

$key = $input->get ('key')->apply_filter (FILTER_VALIDATE_INT);

// Returns the validated data on success, FALSE on failure
// and NULL if the key is not set.
if ($key->is_valid()) {
	// 'key' is validated as integer.
	// No need to use validate/sanitation
}
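
The constant FILTER_VALIDATE_INT comes from PHP's native filter extension, and the three outcomes noted above (value, FALSE, NULL) need strict comparison because 0 is a valid integer but falsy. The following is an added example, not part of the library: it reproduces the three outcomes with filter_var() over constructed input, assuming apply_filter hands the constant to the native filter functions. The names classify_int and $request are hypothetical.

```php
<?php
// Added example: not part of PHP Security Wrapper. Uses only PHP's native
// filter extension. classify_int() and $request are hypothetical names.

// Constructed sample input standing in for $_GET.
$request = array(
    'page'   => '42',
    'offset' => '0',        // valid integer, but falsy in a loose check
    'limit'  => '12abc',    // trailing garbage
    'id'     => '<script>', // markup where a number is expected
    'empty'  => '',
);

// Returns array(state, value): state is 'missing', 'invalid' or 'valid'.
function classify_int(array $source, $key)
{
    if (!array_key_exists($key, $source)) {
        return array('missing', null);          // NULL case: key not set
    }
    $result = filter_var($source[$key], FILTER_VALIDATE_INT);
    if ($result === false) {                    // strict: 0 must not land here
        return array('invalid', $source[$key]);
    }
    return array('valid', $result);             // now a real int, not a string
}

foreach (array('page', 'offset', 'limit', 'id', 'empty', 'absent') as $key) {
    list($state, $value) = classify_int($request, $key);

    // A loose truthiness test would wrongly reject the valid integer 0.
    $loose = ($state === 'valid' && !$value) ? ' (a loose if() would reject this)' : '';

    // Rejected input is still attacker-controlled: escape it before echoing.
    $shown = ($state === 'invalid')
        ? htmlspecialchars($value, ENT_QUOTES, 'UTF-8')
        : var_export($value, true);

    echo $key . ': ' . $state . ' ' . $shown . $loose . "\n";
}
```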

Getting a user's IP

$ip = $input->server ('REMOTE_ADDR')->apply_filter (FILTER_VALIDATE_IP);

// If the IP is invalid, it will print 'Invalid IP'.
echo $ip->value ('Invalid IP');

Output data from MySQL

$SQL = mysql_query ('SELECT foo FROM bar');

while ($Data = mysql_fetch_object ($SQL)) {
    // Sanitize the selected column (foo) before printing it
    echo $input->sanitize ('xss_clean', $Data->foo);
}

Stand-alone Example

$sanitation = new Sanitation;

$SQL = mysql_query ('SELECT foo FROM bar');

while ($Data = mysql_fetch_object ($SQL)) {
    // Sanitize the selected column (foo) before printing it
    echo $sanitation->xss_clean ($Data->foo);
}

Quick Reference (outdated...)