Overview

Packages

  • CONTENIDO
  • Core
    • Authentication
    • Backend
    • Cache
    • CEC
    • Chain
    • ContentType
    • Database
    • Debug
    • Exception
    • Frontend
      • Search
      • URI
      • Util
    • GenericDB
      • Model
    • GUI
      • HTML
    • I18N
    • LayoutHandler
    • Log
    • Security
    • Session
    • Util
    • Validation
    • Versioning
    • XML
  • Module
    • ContentRssCreator
    • ContentSitemapHtml
    • ContentSitemapXml
    • ContentUserForum
    • NavigationTop
    • ScriptCookieDirective
  • mpAutoloaderClassMap
  • None
  • Plugin
    • ContentAllocation
    • CronjobOverview
    • FormAssistant
    • FrontendLogic
    • FrontendUsers
    • Linkchecker
    • ModRewrite
    • Newsletter
    • Repository
      • FrontendNavigation
      • KeywordDensity
    • SearchSolr
    • SmartyWrapper
    • UrlShortener
    • UserForum
    • Workflow
  • PluginManager
  • Setup
    • Form
    • GUI
    • Helper
      • Environment
      • Filesystem
      • MySQL
      • PHP
    • UpgradeJob
  • Smarty
    • Cacher
    • Compiler
    • Config
    • Debug
    • PluginsBlock
    • PluginsFilter
    • PluginsFunction
    • PluginsInternal
    • PluginsModifier
    • PluginsModifierCompiler
    • PluginsShared
    • Security
    • Template
    • TemplateResources
  • Swift
    • ByteStream
    • CharacterStream
    • Encoder
    • Events
    • KeyCache
    • Mailer
    • Mime
    • Plugins
    • Transport

Classes

  • cRequestValidator
  • cSecurity
  • cUpdateNotifier
  • Overview
  • Package
  • Class
  • Todo
  • Download

Class cSecurity

This object makes CONTENIDO more secure

Package: Core\Security
Copyright: four for business AG <www.4fb.de>
License: http://www.contenido.org/license/LIZENZ.txt
Author: Frederic Schneider
Located at classes/class.security.php
Methods summary
public static boolean
# checkRequests( )

Checks some CONTENIDO core related request parameters against XSS

Checks some CONTENIDO core related request parameters against XSS

Returns

boolean
True on success otherwhise nothing.
public static string
# filter( string $sString, cDb $oDb )

Escapes string using CONTENIDO urlencoding method and escapes string for inserting

Escapes string using CONTENIDO urlencoding method and escapes string for inserting

Parameters

$sString
Input string
$oDb
CONTENIDO database object

Returns

string
Filtered string
public static string
# unFilter( string $sString )

Reverts effect of method filter()

Reverts effect of method filter()

Parameters

$sString
Input string

Returns

string
Unfiltered string
public static boolean
# isBoolean( string $sVar )

Check: Has the variable an boolean value?

Check: Has the variable an boolean value?

Parameters

$sVar
Input string

Returns

boolean
Check state
public static boolean
# isInteger( string $sVar )

Check: Is the variable an integer?

Check: Is the variable an integer?

Parameters

$sVar
Input string

Returns

boolean
Check state
public static boolean
# isString( string $sVar )

Check: Is the variable an string?

Check: Is the variable an string?

Parameters

$sVar
Input string

Returns

boolean
Check state
public static boolean
# toBoolean( string $sString )

Convert an string to an boolean

Convert an string to an boolean

Parameters

$sString
Input string

Returns

boolean
Type casted input string
public static integer
# toInteger( string $sString )

Convert an string to an integer

Convert an string to an integer

Parameters

$sString
Input string

Returns

integer
Type casted input string
public static string
# toString( string $sString, boolean $bHTML = false, string $sAllowableTags = '' )

Convert an string

Convert an string

Parameters

$sString
Input string
$bHTML
If true check with strip_tags and stripslashes
$sAllowableTags
Allowable tags if $bHTML is true

Returns

string
Converted string
public static string
# escapeDB( string $sString, cDb $oDB, boolean $bUndoAddSlashes = true )

Escaped an query-string with mysql_real_escape_string

Escaped an query-string with mysql_real_escape_string

Parameters

$sString
Input string
$oDB
CONTENIDO database object
$bUndoAddSlashes
Flag for undo addslashes (optional, default: true)

Returns

string
Converted string
public static string
# escapeString( string $sString )

Escaped an query-string with addslashes

Escaped an query-string with addslashes

Parameters

$sString
Input string

Returns

string
Converted string
public static string
# unescapeDB( string $sString )

Un-quote string quoted with escapeDB()

Un-quote string quoted with escapeDB()

Parameters

$sString
Input string

Returns

string
Converted string
CMS CONTENIDO 4.9.7 API documentation generated by ApiGen