Object-Oriented Superglobals for Secure Input Filtering 2.3
From PHPKode | 19.9 KB
Try before download
The page visits: 323
All superglobals ($_GET, $_POST, $_REQUEST, $_SERVER) are wrapped into objects. Access is facilitated over filter functions or pre-defined filter lists. Array access syntax is still possible, but validation just a method name away:
$_REQUEST["raw"] // uses raw method or pre-defined filter
It can prevent raw access, but for transitioning the codebase allows it.
Also it's simple to define new filters or just reuse global functions or inject custom methods. When no best filter is available, it's possible to chain them, or resort to the ->log feature at least. And with "$_GET->xss->nocontrol->always()" a forced default filter can be set on legacy code.
More popular Security System
- 8.6 KB
- 05/16/2010 01:43:29