Class cRequestValidator

Class to check get and post variables

Package: Core\Security
Copyright: four for business AG <www.4fb.de>
License: http://www.contenido.org/license/LIZENZ.txt
Author: Mischa Holz
Author: Andreas Kummer
Located at classes/class.requestvalidator.php

Methods summary
`private`	# `__construct( )` Constructor to create an instance of this class. The constructor sets up the singleton object and reads the config from 'data/config/' . CON_ENVIRONMENT . '/config.http_check.php' It also reads existing local config from 'data/config/' . CON_ENVIRONMENT . '/config.http_check.local.php' Constructor to create an instance of this class. The constructor sets up the singleton object and reads the config from 'data/config/' . CON_ENVIRONMENT . '/config.http_check.php' It also reads existing local config from 'data/config/' . CON_ENVIRONMENT . '/config.http_check.local.php' Throws `cFileNotFoundException` if the configuration can not be loaded
`public static cRequestValidator`	# `getInstance( )` Returns the instance of this class. Returns the instance of this class. Returns `cRequestValidator`
`public boolean`	# `checkParams( )` Checks every given parameter. Parameters which aren't defined in config.http_check.php are considered to be fine. Checks every given parameter. Parameters which aren't defined in config.http_check.php are considered to be fine. Returns `boolean` True if every parameter is fine Throws `cInvalidArgumentException`
`public boolean`	# `checkGetParams( )` Checks GET parameters only. Checks GET parameters only. Returns `boolean` True if every parameter is fine See `cRequestValidator::checkParams()`
`public boolean`	# `checkPostParams( )` Checks POST parameters only. Checks POST parameters only. Returns `boolean` True if every parameter is fine See `cRequestValidator::checkParams()`
`public boolean`	# `checkCookieParams( )` Checks COOKIE parameters only. Checks COOKIE parameters only. Returns `boolean` True if every parameter is fine See `cRequestValidator::checkParams()`
`public boolean`	# `checkParameter( string $type, string $key, mixed $value )` Checks a single parameter. Checks a single parameter. Parameters `$type` `string` $type GET or POST `$key` `string` $key the key of the parameter `$value` `mixed` $value the value of the parameter Returns `boolean` True if the parameter is fine See `cRequestValidator::checkParams()`
`public string`	# `getBadParameter( )` Returns the first bad parameter. Returns the first bad parameter. Returns `string` the key of the bad parameter
`protected`	# `logHackTrial( )` Writes a log entry containing information about the request which led to the halt of the execution. Writes a log entry containing information about the request which led to the halt of the execution. Throws `cInvalidArgumentException`
`public static string`	# `cleanParameter( string $param )` This function removes unwished chars from given string This function removes unwished chars from given string Parameters `$param` `string` $param Returns `string`
`protected boolean`	# `checkArray( array $arr, string $type )` Checks an array for validity. Checks an array for validity. Parameters `$arr` `array` $arr the array which has to be checked `$type` `string` $type GET or POST Returns `boolean` true if everything is fine.

Constants summary
`string`	`CHECK_INTEGER`	`'/^[0-9]*$/'`	# Regexp for integers. Regexp for integers.
`string`	`CHECK_PRIMITIVESTRING`	`'/^[a-zA-Z0-9 -_]*$/'`	# Regexp for primitive strings. Regexp for primitive strings.
`string`	`CHECK_STRING`	`'/^[\w0-9 -_]*$/'`	# Regexp for strings. Regexp for strings.
`string`	`CHECK_HASH32`	`'/^[a-zA-Z0-9]{32}$/'`	# Regexp for 32 character hash. Regexp for 32 character hash.
`string`	`CHECK_BELANG`	`'/^[a-z]{2}_[A-Z]{2}$/'`	# Regexp for valid belang values. Regexp for valid belang values.
`string`	`CHECK_AREASTRING`	`'/^[a-zA-Z_]*$/'`	# Regexp for valid area values. Regexp for valid area values.
`string`	`CHECK_PATHSTRING`	`'!([]\/)\|(dbfs:\/[])\|(dbfs:)\|(^)$!'`	# Regexp for validating file upload paths. Regexp for validating file upload paths.

Properties summary
`private static cRequestValidator`	`$_instance`	`null`	# Instance of this class. Instance of this class.
`protected string`	`$_logPath`		# Path and filename of logfile. Path and filename of logfile.
`protected boolean`	`$_log`	`true`	# Flag whether to write log or not. Flag whether to write log or not.
`protected string`	`$_configPath`		# Path to config file. Path to config file.
`protected array`	`$_check`	`array()`	# Array with all possible parameters and parameter formats. Structure has to be: $check['GET']['param1'] = VALIDATE_FORMAT; $check['POST']['param2'] = VALIDATE_FORMAT; Possible formats are defined as constants in top of these class file. Array with all possible parameters and parameter formats. Structure has to be: $check['GET']['param1'] = VALIDATE_FORMAT; $check['POST']['param2'] = VALIDATE_FORMAT; Possible formats are defined as constants in top of these class file.
`protected array`	`$_blacklist`	`array()`	# Array with forbidden parameters. If any of these is set the request will be invalid. Array with forbidden parameters. If any of these is set the request will be invalid.
`protected string`	`$_failure`	`''`	# Contains first invalid parameter name. Contains first invalid parameter name.
`protected string`	`$_mode`	`''`	# Current mode. Current mode.

Packages

Classes

Class cRequestValidator

Throws

Returns

Returns

Throws

Returns

See

Returns

See

Returns

See

Parameters

Returns

See

Returns

Throws

Parameters

Returns

Parameters

Returns