PHP Class defender, PHP-Fusion

| https://www.php-fusion.co.uk/
+--------------------------------------------------------+
| Filename: defender.inc.php
| Author : Frederick MC Chan (Hien)
| Co-Author: Dan C (JoiNNN)
| Version : 9.0.5 (please update every commit)
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------

Public Properties

Property Type Description
$debug
$error_title
$field Declared by Form Sanitizer
$field_config
$field_default
$field_name
$field_value
$input_errors
$ref

Public Methods

Method Description
add_field_session ( array $array )
form_sanitizer ( $value, $default = "", $input_name = FALSE, $is_multiLang = FALSE ) need to register the file.
generate_token ( $form_id = 'phpfusion', $max_tokens = 10, $file = "" )
getErrorText ( $input_name ) Fetches the latest error text of this input. Important! Ensure your applications do not refresh the screen, so that this error can show.
getInputErrors ( ) : array
get_current_field_session ( string $input_name = "" ) : string Returns the current document field session or sessions. Use for debug purposes.
inputHasError ( $input_name )
pageHash ( $file = "" ) : string Generates an MD5 hash of the current page to make the token session unique. E.g. /php-fusion/infusions/blog/blog.php for Non
remove_token ( )
safe ( ) : boolean Request whether safe to proceed at all times
sanitize_array ( $array )
setErrorText ( $input_name, $text ) Set and override default field error text
setInputError ( $input_name )
set_sessionUserID ( ) : mixed ID for the session. No $userName, because it can be changed and tampered with via Edit Profile.
sniff_token ( ) Token sniffer. Checks whether a post contains a valid token.
stop ( ) Sends an unsafe signal across all PHP-Fusion components. This will automatically halt all important execution without exiting.
unset_field_session ( ) Marks an input as invalid
validate ( )

Protected Methods

Method Description
verify_checkbox ( ) Validates a checkbox. If the field value is a multiple checkbox, the post value must be an array. If the field value is a radio, the post value must not be an array. If the field value is a number, the post value must be a boolean 1 or 0.
verify_date ( ) : integer | string Checks and verifies the submitted date. If the type is timestamp, it returns a Unix timestamp. If the type is date, it returns a date.
verify_email ( ) Checks if the input is a valid email address. Accepts only 50 characters + @ + 4 characters. Returns str the input, or bool FALSE if the check fails.
verify_file_upload ( )
verify_image_upload ( )
verify_number ( ) Checks if the input is a valid number. Returns str the input, or bool FALSE if the check fails. TODO: support decimal.
verify_password ( ) Checks if the input is a valid password. Accepts a minimum of 8 and a maximum of 64 characters, due to the encrypt limit. Returns str the input, or bool FALSE if the check fails.
verify_text ( ) Validates and sanitizes a text. Accepts only 50 characters + @ + 4 characters. Returns str the sanitized input, or bool FALSE if safemode is set and the check fails.
verify_url ( ) Checks if the input is a valid URL. Requires path.

Private Methods

Method Description
verify_token ( integer $post_time = 5 ) : boolean Plain Token Validation - executed at maincore.php through sniff_token() only.

Method Details

add_field_session() static public method

static public add_field_session ( array $array )
$array array

form_sanitizer() public method

need to register the file.
public form_sanitizer ( $value, $default = "", $input_name = FALSE, $is_multiLang = FALSE )

generate_token() public method

public generate_token ( $form_id = 'phpfusion', $max_tokens = 10, $file = "" )

getErrorText() public method

Use $defender->safe() or \defender::safe(); for conditional redirect.
public getErrorText ( $input_name )
$input_name

getInputErrors() public method

public getInputErrors ( ) : array
return array

get_current_field_session() static public method

Returns the current document field session or sessions. Use for debug purposes.
static public get_current_field_session ( string $input_name = "" ) : string
$input_name string
return string

inputHasError() public method

public inputHasError ( $input_name )

pageHash() public static method

Generates an MD5 hash of the current page to make the token session unique. E.g. /php-fusion/infusions/blog/blog.php for Non
public static pageHash ( $file = "" ) : string
return string

remove_token() public method

public remove_token ( )

safe() public static method

Request whether safe to proceed at all times
public static safe ( ) : boolean
return boolean

sanitize_array() static public method

static public sanitize_array ( $array )

setErrorText() public method

Set and override default field error text
public setErrorText ( $input_name, $text )
$input_name
$text

setInputError() public method

public setInputError ( $input_name )

set_sessionUserID() static public method

Using IP address extends for guest
static public set_sessionUserID ( ) : mixed
return mixed

sniff_token() public method

Token sniffer. Checks whether a post contains a valid token.
public sniff_token ( )

stop() static public method

Sends an unsafe signal across all PHP-Fusion components. This will automatically halt all important execution without exiting.
static public stop ( )

unset_field_session() public static method

Marks an input as invalid
public static unset_field_session ( )

validate() public method

public validate ( )

verify_checkbox() protected method

Validates a checkbox. If the field value is a multiple checkbox, the post value must be an array. If the field value is a radio, the post value must not be an array. If the field value is a number, the post value must be a boolean 1 or 0.
protected verify_checkbox ( )

verify_date() protected method

Checks and verifies the submitted date. If the type is timestamp, it returns a Unix timestamp. If the type is date, it returns a date.
protected verify_date ( ) : integer | string
return integer | string

verify_email() protected method

Checks if the input is a valid email address. Accepts only 50 characters + @ + 4 characters. Returns str the input, or bool FALSE if the check fails.
protected verify_email ( )

verify_file_upload() protected method

protected verify_file_upload ( )

verify_image_upload() protected method

protected verify_image_upload ( )

verify_number() protected method

Checks if the input is a valid number. Returns str the input, or bool FALSE if the check fails. TODO: support decimal.
protected verify_number ( )

verify_password() protected method

Checks if the input is a valid password. Accepts a minimum of 8 and a maximum of 64 characters, due to the encrypt limit. Returns str the input, or bool FALSE if the check fails.
protected verify_password ( )

verify_text() protected method

Validates and sanitizes a text. Accepts only 50 characters + @ + 4 characters. Returns str the sanitized input, or bool FALSE if safemode is set and the check fails.
protected verify_text ( )

verify_url() protected method

Returns str the input, or bool FALSE if the check fails.
protected verify_url ( )

Property Details

$debug public property

public $debug

$error_title public property

public $error_title

$field public property

Declared by Form Sanitizer
public $field

$field_config public property

public $field_config

$field_default public property

public $field_default

$field_name public property

public $field_name

$field_value public property

public $field_value

$input_errors public property

public $input_errors

$ref public property

public $ref