This repository has been archived by the owner on Mar 16, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Sanitize.php
73 lines (67 loc) · 2.01 KB
/
Sanitize.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
<?php
/**
* Sanitize A class for sanitizing arrays and objects, with the additional
* feature of returning null for nonexistent properties.
*
* @author Adam Bowen <[email protected]>
* @author Russell Stringer <[email protected]>
* @license http://dbad-license.org/license DBAD license
*/
require_once('Filtered.php');
class Sanitize
{
/**
* Clean Sanitize the keys and values of the $unclean object/array
*
* @param mixed $unclean
* @return Filtered object containing the sanitized values
*/
public static function Clean($unclean)
{
$filtered = new Filtered();
foreach ($unclean as $key => $value) {
$sanitizedKey = self::_sanitize($key);
$sanitizedValue = self::_sanitize($value);
$filtered->$sanitizedKey = $sanitizedValue;
}
return $filtered;
}
/**
* _sanitize Sanitize the given $input.
*
* Sends all inputs to _fixIncompleteObject() to ensure there are no broken
* objects, then if $input is an object or an array, it cleans $input
* recursively. If $input is a string, it is simply cleaned and returned.
*
* @param mixed $input
* @return mixed Either a simple cleaned string or a cleaned array.
*/
private function _sanitize($input)
{
$input = self::_fixIncompleteObject($input);
if (is_array($input) || is_object($input)) {
$output = array();
foreach ($input as $key => $value){
$output[$key] = self::_sanitize($value);
}
return $output;
}
return stripslashes(htmlentities(strip_tags(trim($input))));
}
/**
* _fixIncompleteObject repairs an object if it is incomplete.
*
* Removes the __PHP_Incomplete_Class crap from the object, so is_object()
* will correctly identify $input as an object
*
* @param object $object The "broken" object
* @return object The "fixed" object
*/
private function _fixIncompleteObject($input)
{
if (!is_object($input) && gettype($input) == 'object') {
return unserialize(serialize($input));
}
return $input;
}
}