PHP Security Wrapper Documentation

PHP Security Wrapper Documentation http://php.davidsteinsland.net/php-security-wrapper/documentation/ 2012-02-23T03:04:33+01:00 FeedCreator 1.7.2-ppt DokuWiki Useful links about Security - created 2010-07-24T00:49:33+01:00 2010-07-24T00:49:33+01:00 http://php.davidsteinsland.net/php-security-wrapper/documentation/links?rev=1279925373&do=diff David Steinsland

* Almost Perfect htaccess File for WordPress Blogs * PHP Security Guide * PHP Security Presentation (Ilia Alshanetsky) * Symantec's Guide to PHP Security * PHP Architect: Never Use $_GET Again * PHP Freaks: PHP Security

A PHP Security Wrapper 2010-07-22T18:12:42+01:00 2010-07-22T18:12:42+01:00 http://php.davidsteinsland.net/php-security-wrapper/documentation/home?rev=1279815162&do=diff David Steinsland

Hi, there. Looks like you've just made it to the documentation. Well, what do you need to know? One thing I could mention: do you want to contribute to this project? See How to Contribute. * Input * * Input_Item * * Sanitation * * Validation *

Todo's 2010-07-22T18:08:18+01:00 2010-07-22T18:08:18+01:00 http://php.davidsteinsland.net/php-security-wrapper/documentation/todo?rev=1279814898&do=diff David Steinsland

* Validation::is_alnum, Validation::is_alpha, Validation::is_alpha_dash and Sanitation::alnum does not handle whitespaces. This means that “John Doe” will aways fail, as there is a whitespace between “john” and “Doe”. FIX THIS

Validation::is_string 2010-07-22T17:29:33+01:00 2010-07-22T17:29:33+01:00 http://php.davidsteinsland.net/php-security-wrapper/documentation/validation/is_string?rev=1279812573&do=diff David Steinsland

Validation::is_string — Checks if the data is a string. Description Parameters * data The data to be checked. Return Values TRUE if valid, FALSE otherwise. See Also * is_integer * is_numeric Validation, Data Types

Validation Class 2010-07-22T17:27:48+01:00 2010-07-22T17:27:48+01:00 http://php.davidsteinsland.net/php-security-wrapper/documentation/validation?rev=1279812468&do=diff David Steinsland

The Validation class is a stand-alone library, which in terms means that it does not actually requires any other to function. The usage of this class is to validate data. Quick Example We are validating a string to with the Validation::is_alnum method, to ensure that the data only consist of alpha-numerical characters.

Sanitation Class 2010-07-22T17:27:42+01:00 2010-07-22T17:27:42+01:00 http://php.davidsteinsland.net/php-security-wrapper/documentation/sanitation?rev=1279812462&do=diff David Steinsland

The Sanitation class is a stand-alone library, which in terms means that it does not actually requires any other to function. The usage of this class is to sanitize data. Quick Example We are sanitizing a string to with the Sanitation::alnum method, to ensure that the data only consist of alpha-numerical characters.

Input_Item Class 2010-07-22T17:27:35+01:00 2010-07-22T17:27:35+01:00 http://php.davidsteinsland.net/php-security-wrapper/documentation/input_item?rev=1279812455&do=diff David Steinsland

The Input_Item class filters the GPCS data. Quick Example Filtering the data Methods

Input Class 2010-07-22T17:27:27+01:00 2010-07-22T17:27:27+01:00 http://php.davidsteinsland.net/php-security-wrapper/documentation/input?rev=1279812447&do=diff David Steinsland

The Input class fetches data from GET, POST, COOKIE or SERVER and offer methods for validation and sanitation. Quick Example Validate the data Methods

Code Samples 2010-07-21T21:50:38+01:00 2010-07-21T21:50:38+01:00 http://php.davidsteinsland.net/php-security-wrapper/documentation/code/tips?rev=1279741838&do=diff David Steinsland

POST Requests Case: a form with Name, Email and Message is posted. We want to get the values, validate and prepare a SQL query.

How to Contribute 2010-07-21T21:48:29+01:00 2010-07-21T21:48:29+01:00 http://php.davidsteinsland.net/php-security-wrapper/documentation/code/contribute?rev=1279741709&do=diff David Steinsland

Report Bugs or Suggest new Features Since comments are enabled on every page, you can write your suggestions on this page, or report a bug on the function's page. Submitting new functions It's very easy to write your own functions for validation or sanitation. Check the example below.

Sanitation::filter 2010-07-21T21:46:39+01:00 2010-07-21T21:46:39+01:00 http://php.davidsteinsland.net/php-security-wrapper/documentation/sanitation/filter?rev=1279741599&do=diff David Steinsland

Sanitation::filter — Allows you to filter the data with PHP's filter_var function. Description Parameters * data The data to be sanitized. * filter A valid filter. See full list of available filters. Return Values Returns the filtered data, or FALSE if the filter fails.

Sanitation::remove_multiple 2010-07-21T21:46:11+01:00 2010-07-21T21:46:11+01:00 http://php.davidsteinsland.net/php-security-wrapper/documentation/sanitation/remove_multiple?rev=1279741571&do=diff David Steinsland

Sanitation::remove_multiple — Strips any adjacent identical characters to one Description Parameters * data The data to remove from * remove The character to remove Return Values $data Examples See Also Sanitation. Sanitation

Sanitation::alpha - created 2010-07-21T21:43:01+01:00 2010-07-21T21:43:01+01:00 http://php.davidsteinsland.net/php-security-wrapper/documentation/sanitation/alpha?rev=1279741381&do=diff David Steinsland

Sanitation::alpha — Strips the data to only contain alphabetical characters. Description Parameters * data The data to be sanitized. Return Values $data Sanitation

Validation::identical - created 2010-07-21T21:42:03+01:00 2010-07-21T21:42:03+01:00 http://php.davidsteinsland.net/php-security-wrapper/documentation/validation/identical?rev=1279741323&do=diff David Steinsland

Validation::identical — Determines whether the two specified variables are identical to each other (value + data type). Description Parameters * data The data to be checked. * match the identical data Return Values TRUE if valid, FALSE otherwise.

Validation::matches - created 2010-07-21T21:40:54+01:00 2010-07-21T21:40:54+01:00 http://php.davidsteinsland.net/php-security-wrapper/documentation/validation/matches?rev=1279741254&do=diff David Steinsland

Validation::matches — Checks if the data matches another Description Parameters * data The data to be checked. * match the matched data Return Values TRUE if valid, FALSE otherwise. See Also Validation::identical Validation

Input_Item::sanitize - created 2010-07-21T21:38:41+01:00 2010-07-21T21:38:41+01:00 http://php.davidsteinsland.net/php-security-wrapper/documentation/input_item/sanitize?rev=1279741121&do=diff David Steinsland

Input_Item::sanitize — Sanitizes the specified data. Description Parameters * method A valid Sanitation method. * data The data which will be sanitized * options Options sent to the sanitation method. Only required in special cases. Return Values If $data is not set, NULL will be returned. FALSE is returned on sanitation failure. $data is returned when sanitation is complete.

Input_Item::validate - created 2010-07-21T21:37:54+01:00 2010-07-21T21:37:54+01:00 http://php.davidsteinsland.net/php-security-wrapper/documentation/input_item/validate?rev=1279741074&do=diff David Steinsland

Input_Item::validate — Validates the specified data. Description Parameters * method A valid Validation method. * data The data which will be validated. * options Options sent to the validation method. Only required in special cases. Return Values If $data is not set, NULL will be returned. FALSE is returned on validation failure and TRUE returns of everything's OK.