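// Character allow-list validator for a flat array of request fields.
//
// Each value is URL-decoded and HTML-entity-decoded once, the characters in
// $alowed_Chars are stripped, and whatever is left must satisfy ctype_alnum().
// A value that passes is returned in its DECODED form; a value that fails is
// replaced by the string 'error'.
//
// Security notes for callers:
//  - This is input validation only. A value that passes is not thereby safe to
//    place in SQL, HTML, a shell command or a header; use prepared statements
//    and context-specific output escaping where the value is used.
//  - Only one decode pass is made, and "%", "&", "#" and ";" are on the
//    allow-list, so a value that was encoded more than once still carries an
//    encoded sequence when it is accepted. Never decode the returned value
//    again downstream.
//  - PHP has already URL-decoded the request superglobals; the extra
//    urldecode() here turns "+" into a space and "%xx" into a byte, so the
//    returned value can differ from what the user typed (this matters for
//    passwords). It is kept so existing callers see the same results.
//  - The failure marker 'error' cannot be told apart from a user who really
//    submitted the text "error".
class classInputSanitize{

	// Characters accepted in addition to letters and digits. Trim this list to
	// what the field actually needs (e.g. " ", "-", "_" for a name; "@" and "."
	// for an e-mail address); every extra character widens what gets through.
	private $alowed_Chars = array(" ", "-", "_", "@", "#", "&", "+", "$", ",", "/", ":", ";", "=", "?", "(", ")", "*", "%", "!");

	// Result of the last sanitizeInputs() call: field name => decoded value,
	// or 'error' for a rejected field.
	public $cleaned_input = array();

	// Raw fields handed to the constructor. Declared explicitly (it used to be
	// created on the fly) because dynamic properties are deprecated in PHP 8.2;
	// kept public so code that read it keeps working.
	public $input_field_arrays = array();

	// $input_field_arrays: array of field name => raw value, e.g. $_POST.
	public function __construct($input_field_arrays){
		$this->input_field_arrays = $input_field_arrays;
	}

	// Validates every field and returns $cleaned_input (see the class notes).
	public function sanitizeInputs(){
		foreach($this->input_field_arrays as $key=>$value){

			// A request can deliver an array for a field (name[]=...); the string
			// functions below would throw on it, so reject it as invalid instead.
			$stringable = is_scalar($value)
				|| (is_object($value) && method_exists($value, '__toString'));
			if(!$stringable){
				$this->cleaned_input[$key] = 'error';
				continue;
			}

			// Undo one layer of URL encoding and HTML entities so that encoded
			// special characters are checked in their literal form.
			$value = htmlspecialchars_decode(urldecode((string) $value));

			// ctype_alnum() accepts letters and digits only, so strip the
			// allow-listed characters first. It returns false for an empty
			// string, which means an empty field, or one made up solely of
			// allow-listed characters, is rejected as well.
			if(ctype_alnum(str_replace($this->alowed_Chars, "", $value))){
				$this->cleaned_input[$key] = $value;
			}else{
				$this->cleaned_input[$key] = 'error';
			}
		}
		return $this->cleaned_input;
	}
}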
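//********************************************************
//  U S A G E
//********************************************************
// Example 1: a form submitted via POST, or data passed in an Ajax request.
// The two assignments below only stand in for real request data.
$_POST['nick'] = 'some_nick';
$_POST['pass'] = 'some_pass';
//********************************************************
$sanitize = new classInputSanitize($_POST);
$result = $sanitize->sanitizeInputs();

//****************************************************
// Handle the result: one rejected field fails the whole request.
// The third argument makes in_array() compare strictly, so only the exact
// string 'error' counts as a failure.
//****************************************************
if (in_array("error", $result, true)){

echo 'We can not proceed your request: you use special characters';

}else{

//   DO SOMETHING LOGIN REGISTER ETC......
// Passing the character check does not make a value safe for SQL or HTML:
// use prepared statements for queries and escape on output.
// Check the password against a password_hash() digest with password_verify(),
// using the value exactly as submitted: the sanitizer's decode step can
// change "+" and "%xx" sequences.

}
//****************************************************
// Example 2: a site that sets $_SESSION values after login.
// This checks only which characters the stored values contain; it says
// nothing about whether the session itself is genuine.
$_SESSION['nick'] = 'nick_name';
$_SESSION['security'] = 'some_encrypted_code';

$sanitize = new classInputSanitize($_SESSION);
$result = $sanitize->sanitizeInputs();

if (in_array("error", $result, true)){

// Redirect and stop. Without the exit the script would keep running after the
// header is queued. (The redirect used to sit after a bare die; and could
// never be reached. A plain die; with no redirect is the other option.)
header("Location:illegalAttempt.php");
exit;
}else{

//OK CONTINUE....

}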