Posted By

kendsnyder on 01/18/11


Tagged

post security scrub


Versions (?)

Who likes this?

1 person have marked this snippet as a favorite

hihat


Clean incoming POST data


 / Published in: PHP
 

  1. // based on Quad_Scrub: http://code.google.com/p/quadphp/source/browse/trunk/library/Quad/Scrub.php
  2. function clean(&$val, $allowedChars = 'ascii') {
  3. static $types = array(
  4. 'word' => '/[^a-zA-Z\x{00C0}-\x{00FF}\x{0100}-\x{02AF}\x{1E00}-\x{1EF9}\d -\/:;=\?@\[-_\{-~
  5. \t\.]/u',
  6. 'alpha' => '/[^a-zA-Z\x{00C0}-\x{00FF}\x{0100}-\x{02AF}\x{1E00}-\x{1EF9}]/u',
  7. 'alphanum' => '/[^a-zA-Z\x{00C0}-\x{00FF}\x{0100}-\x{02AF}\x{1E00}-\x{1EF9}\d]/u',
  8. 'id' => '/[^\w_]/',
  9. 'date' => '/[^\d :TzZ-]/',
  10. 'email' => "/[^@\w\.!#$%&'*+\-\/=?^_`{|}~]/", // http://en.wikipedia.org/wiki/E-mail_address Dec 2009
  11. 'url' => '/[^\w\._&?#+%=\/~:-]/',
  12. 'ascii' => '/[^ -~]/',
  13. );
  14. if (isset($types[$allowedChars])) {
  15. $regex = $types[$allowedChars];
  16. }
  17. else {
  18. $regex = $allowedChars;
  19. }
  20. $val = preg_replace($regex, '', (string) $val);
  21. return $val;
  22. }

Report this snippet  

You need to login to post a comment.