Function to determine if contents of an attribute are safe
static
boolean
checkAttribute
(array $attrSubSet)
-
array
$attrSubSet: A 2 element array for attribute's name, value
Returns an input filter object, only creating it if it doesn't already exist.
static
JFilterInput
&getInstance
([
array $tagsArray =
array()], [
array $attrArray =
array()], [
integer $tagsMethod =
0], [
integer $attrMethod =
0], [
integer $xssAuto =
1])
-
array
$tagsArray: List of user-defined tags
-
array
$attrArray: List of user-defined attributes
-
integer
$tagsMethod: WhiteList method = 0, BlackList method = 1
-
integer
$attrMethod: WhiteList method = 0, BlackList method = 1
-
integer
$xssAuto: Only auto clean essentials = 0, Allow clean blacklisted tags/attr = 1
Constructor for inputFilter class. Only first parameter is required.
JFilterInput
__construct
([array $tagsArray = array()], [array $attrArray = array()], [integer $tagsMethod = 0], [integer $attrMethod = 0], [integer $xssAuto = 1])
-
array
$tagsArray: List of user-defined tags
-
array
$attrArray: List of user-defined attributes
-
integer
$tagsMethod: WhiteList method = 0, BlackList method = 1
-
integer
$attrMethod: WhiteList method = 0, BlackList method = 1
-
integer
$xssAuto: Only auto clean essentials = 0, Allow clean blacklisted tags/attr = 1
Redefinition of:
- JObject::__construct()
- Class constructor, overridden in descendant classes.
Method to be called by another php script. Processes for XSS and specified bad code.
mixed
clean
(mixed $source, [string $type = 'string'])
-
mixed
$source: Input string/array-of-string to be 'cleaned'
-
string
$type: Return type for the variable (INT, UINT, FLOAT, BOOLEAN, WORD, ALNUM, CMD, BASE64, STRING, ARRAY, PATH, NONE)
Internal method to strip a tag of certain attributes
array
_cleanAttributes
(array $attrSet)
-
array
$attrSet: Array of attribute pairs to filter
Internal method to strip a string of certain tags
string
_cleanTags
(string $source)
-
string
$source: Input string to be 'cleaned'
Try to convert to plaintext
string
_decode
(string $source)
-
string
$source: The source string.
Escape < > and " inside attribute values
string
_escapeAttributeValues
(string $source)
-
string
$source: The source string.
Internal method to iteratively remove all unwanted tags and attributes
string
_remove
(string $source)
-
string
$source: Input string to be 'cleaned'
Remove CSS Expressions in the form of <property>:expression(...)
string
_stripCSSExpressions
(string $source)
-
string
$source: The source string.
Inherited Methods
Inherited From JObject
JObject::__construct()
JObject::def()
JObject::get()
JObject::getError()
JObject::getErrors()
JObject::getProperties()
JObject::set()
JObject::setError()
JObject::setProperties()
JObject::toString()
JObject::__toString()