本文整理汇总了PHP中Utilities::sanitizeInput方法的典型用法代码示例。如果您正苦于以下问题:PHP Utilities::sanitizeInput方法的具体用法?PHP Utilities::sanitizeInput怎么用?PHP Utilities::sanitizeInput使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类Utilities
的用法示例。
在下文中一共展示了Utilities::sanitizeInput方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: session_cache_limiter
session_cache_limiter('nocache');
// Start session if necessary
if (!session_id()) {
// start new session and mark it as valid because the system is a trusted source
session_start();
// Start the session
// Set session cookie options
$site_url_parts = parse_url(Config::get('application_url'));
// Use configured path for cookie if set
$session_cookie_path = Config::get('session_cookie_path');
if (!$session_cookie_path) {
$session_cookie_path = $site_url_parts['path'];
}
session_set_cookie_params(0, $session_cookie_path, $site_url_parts['host'], true);
$_SESSION['valid'] = true;
// Set session as valid TODO do we we still need this ?
}
// Handle magic quoting (TODO maybe deprecated now ?)
if (get_magic_quotes_gpc()) {
$_POST = array_map('stripslashes', $_POST);
$_GET = array_map('stripslashes', $_GET);
}
// Sanitize all input variables
$_GET = Utilities::sanitizeInput($_GET);
$_POST = Utilities::sanitizeInput($_POST);
$_COOKIE = Utilities::sanitizeInput($_COOKIE);
$_REQUEST = Utilities::sanitizeInput($_REQUEST);
// Output is all UTF8
header('Content-Type: text/html; charset=UTF-8');
// Validate config on the fly
require_once APPLICATION_BASE . '/includes/core/ConfigValidation.php';
示例2: process
/**
* Process the request
*
* @throws lots of various exceptions
*/
public static function process()
{
try {
@session_start();
// If undergoing maintenance report it as an error
if (Config::get('maintenance')) {
throw new RestUndergoingMaintenanceException();
}
// Split request path to get tokens
$path = array();
if (array_key_exists('PATH_INFO', $_SERVER)) {
$path = array_filter(explode('/', $_SERVER['PATH_INFO']));
}
// Get method from possible headers
$method = null;
foreach (array('X_HTTP_METHOD_OVERRIDE', 'REQUEST_METHOD') as $k) {
if (!array_key_exists($k, $_SERVER)) {
continue;
}
$method = strtolower($_SERVER[$k]);
}
// Record called method (for log), fail if unknown
if (!in_array($method, array('get', 'post', 'put', 'delete'))) {
throw new RestMethodNotAllowedException();
}
// Get endpoint (first token), fail if none
$endpoint = array_shift($path);
if (!$endpoint) {
throw RestEndpointNotFound();
}
// Request data accessor
self::$request = new RestRequest($method, $endpoint, $path);
// Because php://input can only be read once for PUT requests we rely on a shared getter
$input = Request::body();
// Get request content type from possible headers
$type = array_key_exists('CONTENT_TYPE', $_SERVER) ? $_SERVER['CONTENT_TYPE'] : null;
if (!$type && array_key_exists('HTTP_CONTENT_TYPE', $_SERVER)) {
$type = $_SERVER['HTTP_CONTENT_TYPE'];
}
// Parse content type
$type_parts = array_map('trim', explode(';', $type));
$type = array_shift($type_parts);
self::$request->properties['type'] = $type;
$type_properties = array();
foreach ($type_parts as $part) {
$part = array_map('trim', explode('=', $part));
if (count($part) == 2) {
self::$request->properties[$part[0]] = $part[1];
}
}
Logger::debug('Got "' . $method . '" request for endpoint "' . $endpoint . '/' . implode('/', $path) . '" with ' . strlen($input) . ' bytes payload');
// Parse body
switch ($type) {
case 'text/plain':
self::$request->rawinput = trim(Utilities::sanitizeInput($input));
break;
case 'application/octet-stream':
// Don't sanitize binary input !
self::$request->rawinput = $input;
break;
case 'application/x-www-form-urlencoded':
$data = array();
parse_str($input, $data);
self::$request->input = (object) Utilities::sanitizeInput($data);
break;
case 'application/json':
default:
self::$request->input = json_decode(trim(Utilities::sanitizeInput($input)));
}
// Get authentication state (fills auth data in relevant classes)
Auth::isAuthenticated();
if (Auth::isRemoteApplication()) {
// Remote applications must honor ACLs
$application = AuthRemote::application();
if (!$application->allowedTo($method, $endpoint)) {
throw new RestNotAllowedException();
}
} else {
if (Auth::isRemoteUser()) {
// Nothing peculiar to do
} else {
if (in_array($method, array('post', 'put', 'delete'))) {
// SP or Guest, lets do XSRF check
$token_name = 'HTTP_X_SECURITY_TOKEN';
$token = array_key_exists($token_name, $_SERVER) ? $_SERVER[$token_name] : '';
if ($method == 'post' && array_key_exists('security-token', $_POST)) {
$token = $_POST['security-token'];
}
if (!$token || !Utilities::checkSecurityToken($token)) {
throw new RestXSRFTokenInvalidException($token);
}
}
}
}
// JSONP specifics
//.........这里部分代码省略.........