Adding comments for Sanitize and Security

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5194 3807eeeb-6ff5-0310-8944-8be069107fe0
mariano.iglesias 2007-05-26 06:35:44 +00:00
parent 61a3d09dbc
commit 24dd6ddb0a
2 changed files with 65 additions and 37 deletions


@ -39,8 +39,10 @@ class Sanitize{
/**
* Removes any non-alphanumeric characters.
*
* @param string $string
* @return string
* @param string $string String to sanitize
* @return string Sanitized string
* @access public
* @static
*/
function paranoid($string, $allowed = array()) {
$allow = null;
@ -62,9 +64,11 @@ class Sanitize{
/**
* Makes a string SQL-safe.
*
* @param string $string
* @param string $connection
* @return string
* @param string $string String to sanitize
* @param string $connection Database connection being used
* @return string SQL safe string
* @access public
* @static
*/
function escape($string, $connection = 'default') {
$db = ConnectionManager::getDataSource($connection);
@ -74,9 +78,11 @@ class Sanitize{
/**
* Returns given string safe for display as HTML. Renders entities.
*
* @param string $string
* @param string $string String from where to strip tags
* @param boolean $remove If true, the string is stripped of all HTML tags
* @return string
* @return string Sanitized string
* @access public
* @static
*/
function html($string, $remove = false) {
if ($remove) {
@ -91,7 +97,9 @@ class Sanitize{
/**
* Strips extra whitespace from output
*
* @param string $str
* @param string $str String to sanitize
* @access public
* @static
*/
function stripWhitespace($str) {
$r = preg_replace('/[\n\r\t]+/', '', $str);
@ -100,7 +108,9 @@ class Sanitize{
/**
* Strips image tags from output
*
* @param string $str
* @param string $str String to sanitize
* @access public
* @static
*/
function stripImages($str) {
$str = preg_replace('/(<a[^>]*>)(<img[^>]+alt=")([^"]*)("[^>]*>)(<\/a>)/i', '$1$3$5<br />', $str);
@ -111,7 +121,9 @@ class Sanitize{
/**
* Strips scripts and stylesheets from output
*
* @param string $str
* @param string $str String to sanitize
* @access public
* @static
*/
function stripScripts($str) {
return preg_replace('/(<link[^>]+rel="[^"]*stylesheet"[^>]*>|<img[^>]*>|style="[^"]*")|<script[^>]*>.*?<\/script>|<style[^>]*>.*?<\/style>|<!--.*?-->/i', '', $str);
@ -119,7 +131,8 @@ class Sanitize{
/**
* Strips extra whitespace, images, scripts and stylesheets from output
*
* @param string $str
* @param string $str String to sanitize
* @access public
*/
function stripAll($str) {
$str = $this->stripWhitespace($str);
@ -128,12 +141,13 @@ class Sanitize{
return $str;
}
/**
* Strips the specified tags from output
* Strips the specified tags from output. First parameter is string from
* where to remove tags. All subsequent parameters are tags.
*
* @param string $str
* @param string $tag
* @param string $tag
* @param string ...
* @param string $str String to sanitize
* @param string $tag Tag to remove (add more parameters as needed)
* @access public
* @static
*/
function stripTags() {
$params = params(func_get_args());
@ -148,9 +162,11 @@ class Sanitize{
/**
* Sanitizes given array or value for safe input.
*
* @param mixed $data
* @param string $connection
* @return mixed
* @param mixed $data Data to sanitize
* @param string $connection DB connection being used
* @return mixed Sanitized data
* @access public
* @static
*/
function clean($data, $connection = 'default') {
if (empty($data)) {
@ -189,8 +205,8 @@ class Sanitize{
* Formats column data from definition in DBO's $columns array
*
* @param Model $model The model containing the data to be formatted
* @return void
* @access public
* @static
*/
function formatColumns(&$model) {
foreach($model->data as $name => $values) {
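Review bot: The `stripScripts()` docblock still reads "Strips scripts and stylesheets from output", which both understates what the regex on the following line removes and overstates the protection it gives: the pattern also drops `<img>` tags, inline `style="..."` attributes and HTML comments, and it is a best-effort regex rather than an HTML parser. Since this commit is documenting the class, I would add `* Best-effort regex filter: also removes <img> tags, inline style attributes and HTML comments. Escape untrusted output with Sanitize::html() rather than relying on this.` In the same pass, `paranoid()` has no `@param` for `$allowed`, the `html()` description of `$string` ("String from where to strip tags") only fits the `$remove = true` case, and none of the `strip*()` methods has an `@return`. Most of the function bodies continue outside the hunks, so this is based on the visible signatures and first lines only.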


@ -36,9 +36,11 @@
*/
class Security extends Object{
/**
* Enter description here...
* Singleton implementation to get object instance.
*
* @return unknown
* @return object
* @access public
* @static
*/
function &getInstance() {
static $instance = array();
@ -48,9 +50,11 @@ class Security extends Object{
return $instance[0];
}
/**
* Enter description here...
* Get allowed minutes of inactivity based on security level.
*
* @return unknown
* @return int Allowed inactivity in minutes
* @access public
* @static
*/
function inactiveMins() {
$_this =& Security::getInstance();
@ -68,30 +72,36 @@ class Security extends Object{
}
}
/**
* Enter description here...
* Generate authorization hash.
*
* @return unknown
* @return string Hash
* @access public
* @static
*/
function generateAuthKey() {
$_this =& Security::getInstance();
return $_this->hash(uniqid(rand(), true));
}
/**
* Enter description here...
* Validate authorization hash.
*
* @param unknown_type $authKey
* @return unknown
* @param string $authKey Authorization hash
* @return boolean Success
* @access public
* @static
*/
function validateAuthKey($authKey) {
$_this =& Security::getInstance();
return true;
}
/**
* Enter description here...
* Create a hash from string using given method.
*
* @param unknown_type $string
* @param unknown_type $type
* @return unknown
* @param string $string String to hash
* @param string $type Method to use (sha1/sha256/md5)
* @return string Hash
* @access public
* @static
*/
function hash($string, $type = 'sha1') {
$_this =& Security::getInstance();
@ -120,11 +130,13 @@ class Security extends Object{
}
}
/**
* Enter description here...
* Encripts/Decrypts a text using the given key.
*
* @param unknown_type $text
* @param unknown_type $key
* @return unknown
* @param string $text Encrypted string to decrypt, normal string to encrypt
* @param string $key Key to use
* @return string Encrypted/Decrypted string
* @access public
* @static
*/
function cipher($text, $key) {
$_this =& Security::getInstance();
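Review bot: The new docblock on `validateAuthKey()` says it validates the authorization hash and returns "Success", but the body shown in this hunk never inspects `$authKey` and ends in `return true;`, so every key is accepted. The comment should state that instead of describing the intended behaviour, e.g. `* NOTE: not implemented; currently returns true for any $authKey and must not be used for access decisions.` The `generateAuthKey()` docblock could likewise note that the key is a hash of `uniqid(rand(), true)`, which is not a cryptographically strong source, so callers do not treat the result as an unguessable secret. The `cipher()` description also has a typo: "Encripts" should be "Encrypts".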