Class cSecurity

This object makes CONTENIDO more secure.

Package: Core\Security
Copyright: four for business AG <www.4fb.de>
License: http://www.contenido.org/license/LIZENZ.txt
Author: Frederic Schneider
Located at classes/class.security.php

Methods summary

public static boolean
# checkRequests( )

Checks some CONTENIDO core related request parameters against XSS.

Returns

boolean
True on success, otherwise nothing.

Throws

cInvalidArgumentException

public static string
# filter( string $sString, cDb $oDb )

Escapes string using CONTENIDO urlencoding method and escapes string for inserting.

Parameters

$sString (string): Input string
$oDb (cDb): CONTENIDO database object

Returns

string
Filtered string

public static string
# unFilter( string $sString )

Reverts effect of method filter().

Parameters

$sString (string): Input string

Returns

string
Unfiltered string

public static boolean
# isBoolean( string $sVar )

Check: Does the variable have a boolean value?

Parameters

$sVar (string): Input string

Returns

boolean
Check state

public static boolean
# isInteger( string $sVar )

Check: Is the variable an integer?

Parameters

$sVar (string): Input string

Returns

boolean
Check state

public static boolean
# isString( string $sVar )

Check: Is the variable a string?

Parameters

$sVar (string): Input string

Returns

boolean
Check state

public static boolean
# toBoolean( string $sString )

Converts a string to a boolean.

Parameters

$sString (string): Input string

Returns

boolean
Type-cast input string

public static integer
# toInteger( string $sString )

Converts a string to an integer.

Parameters

$sString (string): Input string

Returns

integer
Type-cast input string

public static string
# toString( string $sString, boolean $bHTML = false, string $sAllowableTags = '' )

Converts a string.

Parameters

$sString (string): Input string
$bHTML (boolean): [optional] If true, check with strip_tags and stripslashes
$sAllowableTags (string): [optional] Allowable tags if $bHTML is true

Returns

string
Converted string
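
The $bHTML and $sAllowableTags parameters of toString() name PHP's strip_tags and stripslashes. The following added example (not CONTENIDO's code) shows what those two built-ins keep and remove on a constructed input. sketch_to_string() is a hypothetical stand-in, and the order in which it calls the two built-ins is an assumption.

```php
<?php
// Added example: a stand-in for the behaviour the toString() parameter
// docs describe. NOT CONTENIDO's implementation; sketch_to_string() is a
// hypothetical name and the call order below is an assumption.
function sketch_to_string(string $s, bool $html = false, string $allowable = ''): string
{
    if ($html) {
        // The two built-ins named in the $bHTML parameter description.
        return strip_tags(stripslashes($s), $allowable);
    }
    return $s;
}

// Review check: does any remaining tag still carry an on* event attribute?
function has_event_attribute(string $html): bool
{
    return preg_match('/<[^>]*\son\w+\s*=/i', $html) === 1;
}

// Constructed sample input, as it might arrive in a request parameter.
$input = '<b>Hello</b> <a href="/news" onclick="track()">news</a><script>init()</script>';

// No allow-list: every tag is removed, but the text that was inside
// <script> stays in the result as plain text.
$plain = sketch_to_string($input, true);

// With '<a><b>' allowed: strip_tags keeps those tags together with every
// attribute on them, so event-handler attributes pass through unchanged.
$rich = sketch_to_string($input, true, '<a><b>');

// Tag stripping is not output encoding. Encode for the HTML context at
// the point of output, whatever filtering happened on input.
$encoded = htmlspecialchars($rich, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

echo 'plain:   ', $plain, PHP_EOL;
echo 'rich:    ', $rich, PHP_EOL;
echo 'on* attribute left in rich: ', var_export(has_event_attribute($rich), true), PHP_EOL;
echo 'encoded: ', $encoded, PHP_EOL;
```

When a non-empty allow-list is required, treat the returned string as untrusted markup and pass it through an attribute-aware HTML sanitizer before rendering.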

public static string
# escapeDB( string $sString, cDb $oDB, boolean $bUndoAddSlashes = true )

Escapes a query string with mysql_real_escape_string.

Parameters

$sString (string): Input string
$oDB (cDb): CONTENIDO database object
$bUndoAddSlashes (boolean): [optional; default: true] Flag to undo addslashes

Returns

string
Converted string

public static string
# escapeString( string $sString )

Escapes a query string with addslashes.

Parameters

$sString (string): Input string

Returns

string
Converted string

public static string
# unescapeDB( string $sString )

Un-quote string quoted with escapeDB().

Parameters

$sString (string): Input string

Returns

string
Converted string

CMS CONTENIDO 4.10.1 API documentation generated by ApiGen 2.8.0