<?php
/**
 * Created by PhpStorm.
 * User: crose
 * Date: 1/2/16
 * Time: 10:57 PM
 */

namespace qfq;

use qfq;
use qfq\CodeException;

require_once(__DIR__ . '/../../qfq/Constants.php');

/**
 * Class Sanatize
 * @package qfq
 */
class Sanatize {

    private function __construct() {
        // Static-only helper: the private constructor keeps it from being instantiated.
    }

    /**
     * Validate a request value against a sanatize class (an allow-list check).
     *
     * The value is never rewritten: it is either returned unchanged or replaced by ''.
     * Per the exception text below, this is applied to GET/POST variables, i.e. to
     * untrusted input. Passing a check is not the same as being escaped for a sink:
     * SQL, HTML, shell or file-path use still needs its own parameterisation/escaping.
     *
     * Classes:
     *  - SANATIZE_DEFAULT, SANATIZE_ALLOW_DIGIT: accepted if is_numeric() is true.
     *    NOTE(review): is_numeric() accepts more than digits - sign, decimal point,
     *    exponent ("1e5") and leading whitespace (trailing whitespace too since PHP 8.0;
     *    hexadecimal strings before PHP 7.0). If only [0-9] is intended, ctype_digit()
     *    would be the stricter check - confirm what callers rely on before changing.
     *  - SANATIZE_ALLOW_ALNUMX: accepted if every character is alphanumeric (as judged
     *    by ctype_alnum()) or one of: @ - _ . , ; space / ( )
     *    NOTE(review): sequences built only from these characters (e.g. "../" or "--")
     *    pass this check, so it does not by itself make a value safe as a path or query part.
     *  - SANATIZE_ALLOW_ALL: no check at all, the value is returned as received.
     *
     * The class is matched with loose comparison (==), in the order listed above.
     *
     * @param string $value - value to check
     * @param string $sanatizeClass - class used to check
     * @return string - if check failed: empty string, if check is ok: value
     * @throws CodeException - if $sanatizeClass is none of the known classes
     */
    public static function sanatize($value, $sanatizeClass = SANATIZE_DEFAULT) {

        // The default class shares the numeric check with SANATIZE_ALLOW_DIGIT.
        if ($sanatizeClass == SANATIZE_DEFAULT || $sanatizeClass == SANATIZE_ALLOW_DIGIT) {
            return is_numeric($value) ? $value : '';
        }

        if ($sanatizeClass == SANATIZE_ALLOW_ALNUMX) {
            // Map the extra characters ALNUMX allows onto 'a', so that a plain ctype_alnum()
            // call can validate the whole string in one go.
            // Definitely forbidden: ' " \ % $
            $extraAllowed = array('@', '-', '_', '.', ',', ';', ' ', '/', '(', ')');
            $probe = str_replace($extraAllowed, 'a', $value);

            return ctype_alnum($probe) ? $value : '';
        }

        if ($sanatizeClass == SANATIZE_ALLOW_ALL) {
            // Deliberately unchecked: whatever consumes this value has to escape it.
            return $value;
        }

        // Unknown class: fail closed with an exception instead of passing the value through.
        throw new CodeException("Sanatize class '$sanatizeClass' unknown. Used to sanatize GET/POST Variable.", ERROR_UNKNOW_SANATIZE_CLASS);
    }

}