Location: PHPKode > projects > PHProjekt > library/Cleaner.php
<?php
/**
 * Santizing class.
 *
 * Cleaner is a PHP written sanitizing and escaping class.
 *
 * This software is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License version 3 as published by the Free Software Foundation
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * @category  PHProjekt
 * @package   Cleaner
 * @copyright Copyright (c) 2010 Mayflower GmbH (http://www.mayflower.de)
 * @license   LGPL v3 (See LICENSE file)
 * @link      http://www.thinkforge.org/projects/Cleaner
 * @since     File available since Release 6.0
 * @version   Release: 6.0.5
 * @author    Peter Voringer <hide@address.com>
 */

set_include_path(dirname(__FILE__) . PATH_SEPARATOR . get_include_path());

/** Cleaner_Cage */
require_once 'Cleaner/Cage.php';
/** Cleaner_Engine */
require_once 'Cleaner/Engine.php';
/** Cleaner_Exception */
require_once 'Cleaner/Exception.php';
/** Cleaner_Messages */
require_once 'Cleaner/Messages.php';
/** Cleaner_Parameter */
require_once 'Cleaner/Parameter.php';
/** Cleaner_Sanitizer */
require_once 'Cleaner/Sanitizer.php';
/** Cleaner_Validator */
require_once 'Cleaner/Validator.php';
/** Cleaner_Escaper */
require_once 'Cleaner/Escaper.php';
/** Cleaner_Util */
require_once 'Cleaner/Util.php';

/**
 * Santizing class.
 *
 * Cleaner is a PHP written sanitizing and escaping class.
 *
 * @category  PHProjekt
 * @package   Cleaner
 * @copyright Copyright (c) 2010 Mayflower GmbH (http://www.mayflower.de)
 * @license   LGPL v3 (See LICENSE file)
 * @link      http://www.thinkforge.org/projects/Cleaner
 * @since     File available since Release 6.0
 * @version   Release: 6.0.5
 * @author    Peter Voringer <hide@address.com>
 */
class Cleaner
{
    const INPUT_SCOPE_GET     = 'get';
    const INPUT_SCOPE_POST    = 'post';
    const INPUT_SCOPE_REQUEST = 'request';
    const INPUT_SCOPE_SESSION = 'session';
    const INPUT_SCOPE_COOKIE  = 'cookie';
    const INPUT_SCOPE_FILES   = 'files';
    const INPUT_SCOPE_ENV     = 'env';
    const INPUT_SCOPE_SERVER  = 'server';

    const OUPUT_SCOPE_SQL        = 'sql';
    const OUPUT_SCOPE_HTML       = 'html';
    const OUPUT_SCOPE_CSS        = 'html';
    const OUPUT_SCOPE_JAVASCRIPT = 'javascript';

    const PLUGIN_TYPE_VALIDATOR = 'validator';
    const PLUGIN_TYPE_SANITIZER = 'sanitizer';
    const PLUGIN_TYPE_ESCAPER   = 'escaper';

    /**
     * Sigleton Instance of Cleaner.
     *
     * @var Cleaner Instance (Singleton) of Cleaner
     */
    private static $_instance = null;

    /**
     * Cage Instances for default scopes.
     *
     * @var array
     */
    private $_cages;

    /**
     * Getter for Singleton instance of Cleaner.
     *
     * @return Cleaner Instance (Singleton) of Cleaner
     */
    private static function _getInstance()
    {
        if (self::$_instance === null) {
            self::$_instance = new Cleaner();
        }

        return self::$_instance;
    }

    /**
     * Set a individual Implementation of Cleaner_Messages.
     *
     * @param string $className Name of class to use.
     *
     * @return void
     */
    public static function setMessagesClass($className)
    {
        Cleaner_Engine::_getInstance()->setMessagesClass($className);
    }

    /**
     * Set a individual Implementation of Cleaner_Sanitizer.
     *
     * @param string $className Name of class to use.
     *
     * @return void
     */
    public static function setSanitizerClass($className)
    {
        Cleaner_Engine::_getInstance()->setSanitizerClass($className);
    }

    /**
     * Set a individual Implementation of Cleaner_Validator.
     *
     * @param string $className Name of class to use.
     *
     * @return void
     */
    public static function setValidatorClass($className)
    {
        Cleaner_Engine::_getInstance()->setValidatorClass($className);
    }

    /**
     * Set a individual Implementation of Cleaner_Escaper.
     *
     * @param string $className Name of class to use.
     *
     * @return void
     */
    public static function setEscaperClass($className)
    {
        Cleaner_Engine::_getInstance()->setEscaperClass($className);
    }

    /**
     * Get the scope abstraction object.
     *
     * @param string $scope Name of Scope (use constants).
     *
     * @return Cleaner_Cage Scope abstraction object.
     */
    public static function getCage($scope)
    {
        $instance = self::_getInstance();

        if (array_key_exists($scope, $instance->_cages)) {
            return $instance->_cages[$scope];
        }

        throw new Cleaner_Exception("Can't return Cage because given Scope is not defined");
    }

    /**
     * Escape a value.
     *
     * @param string $scope   Scope category, in which the value will be displayed.
     * @param string $type    Subtype/Subscope, in which the value will be displayed.
     * @param mixed  $value   Value to escape.
     * @param mixed  $default Default value, if value is null/empty.
     *
     * @return mixed Escaped value.
     */
    public static function escape($scope, $type, $value, $default = null)
    {
        if (Cleaner_Util::isBlank($value)) {
            return $default;
        }

        return Cleaner_Engine::getInstance()->escape($scope, $type, $value);
    }


    /**
     * Validates a value against a certain type.
     *
     * @param string  $type     Type against parameter/item should be validated.
     * @param mixed   $value    Value to validate.
     * @param boolean $empty    Must parameter/item be not null or empty.
     * @param object  $messages Messages generated while validation.
     *
     * @return boolean True for valid.
     */
    public static function validate($type, $value, $empty = false, $messages = null)
    {
        if (!isset($messages)) {
            $messages = Cleaner_Engine::getMessages();
        }

        if (Cleaner_Util::isBlank($value)) {

            if (!$empty) {
                $messages->add('INVALID_REQUIRED');
            }

            return $empty;
        }

        return Cleaner_Engine::getInstance()->validate($type, $value, $messages);
    }

    /**
     * Sanitizes a value to a certain type.
     *
     * @param string  $type     Type of parameter/item to sanitize.
     * @param mixed   $value    Value to sanitize.
     * @param mixed   $default  Return value, if parameter/item is null/empty/notset/...
     * @param boolean $empty    Must parameter/item be not null or empty.
     * @param object  $messages Messages generated while validation.
     *
     * @return mixed Sanitized value.
     */
    public static function sanitize($type, $value, $default = null, $empty = false, $messages = null)
    {
        if (!isset($messages)) {
            $messages = Cleaner_Engine::getMessages();
        }

        /* If strings are empty they are totally valid as
           long as $empty is not specified */
        if (Cleaner_Util::isBlank($value) && ($type != 'string' || $empty)) {

            if (!$empty) {
                $messages->add('SANITIZE_DEFAULT');
            }

            return $default;
        }

        $instance = Cleaner_Engine::getInstance();
        $result   = $instance->sanitize($type, $value);

        if (is_null($result)) {
            if (!$empty) {
                $messages->add('SANITIZE_DEFAULT');
            }
            return $default;
        }

        return $result;
    }

    /**
     * Validates an item in the wrapped scope for a certain type and if
     * invalid sanitizes the value of the parameter/item.
     *
     * @param string  $type     Type of parameter/item to validate and/or sanitize.
     * @param string  $scope    Name of scope to use (GET, POST, ...).
     * @param string  $name     Name of parameter / Name of item in scope.
     * @param boolean $empty    Must parameter/item be not null or empty.
     * @param mixed   $default  Return value, if parameter/item and/or sanitizes parameter/item is null/empty/notset/..
     * @param boolean $sanitize Wheather sanitize value of parameter/item, when value is invalid.
     *
     * @return Cleaner_Parameter Instance, representing selected parameter/item in Scope.
     */
    public static function getParameter($type, $scope, $name, $empty = false, $default = null, $sanitize = true)
    {
        $cage = self::getCage($scope);
        return $cage->getParameter($type, $name, $empty, $default, $sanitize);
    }

    /**
     * Creates a new Instance (Singleton) of Cleaner.
     *
     * @return void
     */
    protected function __construct()
    {
        $this->_configuration = Cleaner_Engine::_getInstance();

        $this->_cages = array(
            self::INPUT_SCOPE_GET     => Cleaner_Cage::getInstance($_GET, self::INPUT_SCOPE_GET),
            self::INPUT_SCOPE_POST    => Cleaner_Cage::getInstance($_POST, self::INPUT_SCOPE_POST),
            self::INPUT_SCOPE_REQUEST => Cleaner_Cage::getInstance($_REQUEST, self::INPUT_SCOPE_REQUEST),
            self::INPUT_SCOPE_COOKIE  => Cleaner_Cage::getInstance($_COOKIE, self::INPUT_SCOPE_COOKIE),
            self::INPUT_SCOPE_FILES   => Cleaner_Cage::getInstance($_FILES, self::INPUT_SCOPE_FILES),
            self::INPUT_SCOPE_SESSION => Cleaner_Cage::getInstance($_SESSION, self::INPUT_SCOPE_SESSION),
            self::INPUT_SCOPE_ENV     => Cleaner_Cage::getInstance($_ENV, self::INPUT_SCOPE_ENV),
            self::INPUT_SCOPE_SERVER  => Cleaner_Cage::getInstance($_SERVER, self::INPUT_SCOPE_SERVER)
        );

        if (isset($GLOBALS['HTTP_SERVER_VARS'])) {
            $GLOBALS['HTTP_SERVER_VARS'] = null;
        }

        if (isset($GLOBALS['HTTP_GET_VARS'])) {
            $GLOBALS['HTTP_GET_VARS'] = null;
        }

        if (isset($GLOBALS['HTTP_POST_VARS'])) {
            $GLOBALS['HTTP_POST_VARS'] = null;
        }

        if (isset($GLOBALS['HTTP_COOKIE_VARS'])) {
            $GLOBALS['HTTP_COOKIE_VARS'] = null;
        }

        if (isset($GLOBALS['HTTP_ENV_VARS'])) {
            $GLOBALS['HTTP_ENV_VARS'] = null;
        }

        if (isset($GLOBALS['HTTP_SESSION_VARS'])) {
            $GLOBALS['HTTP_SESSION_VARS'] = null;
        }

        if (isset($GLOBALS['HTTP_REQUEST_VARS'])) {
            $GLOBALS['HTTP_REQUEST_VARS'] = null;
        }

        if (isset($GLOBALS['HTTP_FILES_VARS'])) {
            $GLOBALS['HTTP_FILES_VARS'] = null;
        }
    }
}
Return current item: PHProjekt