CONTENIDO Security class

 Methods

Checks some global variables at frontend like $lang, $client, $changelang, $changeclient, $tmpchangelang.

checkFrontendGlobals() : void
Static

Validates client and language related variables and takes care that their content is really a numeric value.

Logic in this function is taken over from front_content.php (v 4.8.12, line 164 - 192).

deprecated [2012-07-02] This function is now executed by cRequestValidator

Checks backend language parameter in request.

checkRequestBelang() : bool | void
Static
deprecated [2012-07-02] This function is now executed by cRequestValidator

Returns

boolvoidTrue on success otherwhise nothing.

Checks for forbidden parameters in request.

checkRequestForbiddenParameter() : bool | void
Static
deprecated [2012-07-02] This function is now executed by cRequestValidator

Returns

boolvoidTrue on success otherwhise nothing.

Checks for parameters in request who must be numeric.

checkRequestMustbeNumericParameter() : bool
Static

Contrary to other request checks, this method don't throws a exception. It just insures that incomming values are really numeric, by type casting them to an integer.

deprecated [2012-07-02] This function is now executed by cRequestValidator

Returns

boolJust true

Checks/Validates existing CONTENIDO session request parameter.

checkRequestSession() : bool | void
Static
deprecated [2012-07-02] This function is now executed by cRequestValidator

Returns

boolvoidTrue on success otherwhise nothing.

Checks some CONTENIDO core related request parameters against XSS

checkRequests() : bool | void
Static
deprecated [2012-07-02] This function is now executed by cRequestValidator

Returns

boolvoidTrue on success otherwhise nothing.

Checks also contenido-var (session) to ascii, but works as a wrapper to checkRequestSession().

checkSession() : true
Static
deprecated Use checkRequestSession() instead due to better naming conventions

Returns

true

Escaped an query-string with mysql_real_escape_string

escapeDB(string $sString, \cDb $oDB, boolean $bUndoAddSlashes) : string
InheritedStatic
inherited_from \cSecurity::escapeDB()

Parameters

$sString

string

Input string

$oDB

\cDb

CONTENIDO database object

$bUndoAddSlashes

boolean

Flag for undo addslashes (optional, default: true)

Returns

stringConverted string

Escaped an query-string with addslashes

escapeString(string $sString) : string
InheritedStatic
inherited_from \cSecurity::escapeString()

Parameters

$sString

string

Input string

Returns

stringConverted string

Escapes string using CONTENIDO urlencoding method and escapes string for inserting

filter(string $sString, \cDb $oDb) : string
Static
deprecated [2012-07-02] This function is now executed by cSecurity

Parameters

$sString

string

Input string

$oDb

\cDb

CONTENIDO database object

Returns

stringFiltered string

Returns accepted backend language values

getAcceptedBelangValues() : array
Static
deprecated [2012-07-02] This class was replaced by cRequestValidator

Returns

array

Returns forbidden request parameters

getForbiddenParameters() : array
Static
deprecated [2012-07-02] This class was replaced by cRequestValidator

Returns

array

Returns must be numeric request parameters

getMustbeNumericParameters() : array
Static
deprecated [2012-07-02] This class was replaced by cRequestValidator

Returns

array

Check: Has the variable an boolean value?

isBoolean(string $sVar) : boolean
Static
deprecated [2012-07-02] This function is now executed by cSecurity

Parameters

$sVar

string

Input string

Returns

booleanCheck state

Check: Is the variable an integer?

isInteger(string $sVar) : boolean
Static
deprecated [2012-07-02] This function is now executed by cSecurity

Parameters

$sVar

string

Input string

Returns

booleanCheck state

Check: Is the variable an string?

isString(string $sVar) : boolean
Static
deprecated [2012-07-02] This function is now executed by cSecurity

Parameters

$sVar

string

Input string

Returns

booleanCheck state

Convert an string to an boolean

toBoolean(string $sString) : boolean
Static
deprecated [2012-07-02] This function is now executed by cSecurity

Parameters

$sString

string

Input string

Returns

booleanType casted input string

Convert an string to an integer

toInteger(string $sString) : integer
Static
deprecated [2012-07-02] This function is now executed by cSecurity

Parameters

$sString

string

Input string

Returns

integerType casted input string

Convert an string

toString(string $sString, boolean $bHTML, string $sAllowableTags) : string
Static
deprecated [2012-07-02] This function is now executed by cSecurity

Parameters

$sString

string

Input string

$bHTML

boolean

If true check with strip_tags and stripslashes

$sAllowableTags

string

Allowable tags if $bHTML is true

Returns

stringConverted string

Reverts effect of method filter()

unFilter(string $sString) : string
Static
deprecated [2012-07-02] This function is now executed by cSecurity

Parameters

$sString

string

Input string

Returns

stringUnfiltered string

Un-quote string quoted with escapeDB()

unescapeDB(string $sString) : string
InheritedStatic
inherited_from \cSecurity::unescapeDB()

Parameters

$sString

string

Input string

Returns

stringConverted string