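// Build a fake $_POST payload that mixes benign values with hostile-looking
// ones, so the filter can be exercised against each kind of input.
$object = new stdClass();
$object->name = "delete";
// Nested object whose "bad" property carries HTML markup.
$object->data = (object) array("age"=>21,"bad"=>"<b>Bad</b>");
$_POST = array();
// SERVER_NAME can reflect the client-supplied Host header on some server
// configurations, so it is handled here like any other untrusted string.
$_POST['testing']["name"] = "<b>" . $_SERVER['SERVER_NAME'] . "</b>";
// Script-bearing image tag (XSS test string).
$_POST['testing']["example"]['xss'] = '<IMG SRC=javascript:alert("XSS")>';
// SQL-injection style fragment.
$_POST['testing']["example"]['sql'] = "x' AND email IS NULL; --";
// Free text with a quote, a tab, a newline and non-ASCII characters.
$_POST['testing']["example"]['filter'] = "Let's meet 4:30am Ât the \tcafé\n";
// Text padded on both sides with non-ASCII characters.
$_POST['selected'] = "ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂHello WorldÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ";
// Phone number mixed with letters and punctuation.
$_POST['phone'] = "Phone+888(008)9903";
$_POST['hello'] = "Hello word";
// Raw image bytes. NOTE(review): fetched over plain HTTP at run time, so the
// fixture needs network access and the bytes are not integrity-checked;
// file_get_contents() yields false when the fetch fails.
$_POST['image'] = file_get_contents("http://i.imgur.com/YRz0AI7.png");
// Ten random bytes. mcrypt_create_iv() was deprecated in PHP 7.1 and left core
// with the mcrypt extension in PHP 7.2; random_bytes() (PHP 7.0+) is the CSPRNG
// replacement. The old call is kept only as a fallback for older runtimes.
$_POST['binary'] = function_exists('random_bytes')
    ? random_bytes(10)
    : mcrypt_create_iv(10, MCRYPT_DEV_URANDOM);
$_POST['object'] = $object ;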
Output
Array
(
[xss] => <IMG SRC=javascript:alert("XSS")>
[sql] => x' AND email IS NULL; --
[filter] =>
)
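// Before: the raw request value. Nothing has validated it yet, so it is
// HTML-escaped at the point of output.
echo htmlspecialchars($_POST['phone'], ENT_QUOTES, 'UTF-8');
// Wrap the request array in the filtering container, then restrict the
// "phone" key to the integer filter.
$_POST = new Varriable($_POST);
$_POST->offsetFilter("phone", new Basic(Basic::FILTER_INT));
// After: the filtered value (digits plus the "+" sign in the sample output).
// Escaping stays in place so output safety does not depend on which filter
// happens to be attached to the key.
echo htmlspecialchars((string) $_POST->phone, ENT_QUOTES, 'UTF-8');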
Output
Phone+888(008)9903 //before
+8880089903 //after
You can tell the filter to ignore binary data and hashes (md5, sha) during filtering:
// Wrap the request data and apply Basic::FILTER_ALL, while telling the filter
// to skip values it classifies as base64, hex or binary.
// NOTE(review): skipped values presumably reach the application unfiltered -
// keep validating and escaping them where they are used; confirm against Basic.
$_POST = new Varriable($_POST);
$skipped = Basic::IGNORE_BASE64 | Basic::IGNORE_HEX | Basic::IGNORE_BINARY;
$_POST->setFilter(new Basic(Basic::FILTER_ALL, $skipped));
You can also use a Callback, which supports regex matching as well.
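$callback = new Callback();
// Shared transform: upper-case the value; the key is accepted but not used.
$upper = function ($value, $key) {
    return strtoupper($value);
};
// Run the transform when the key "hello" is found.
$callback->add("hello", $upper);
// Run it as well on a regex match. NOTE(review): the pattern is presumably
// tested against keys; /^hello/ is anchored only at the start, so longer keys
// beginning with "hello" would match too - confirm against Callback.
$callback->match("/^hello/", $upper);
$_POST = new Varriable($_POST, $callback);
// A callback transforms the value; it does not make it safe for HTML, so the
// value is escaped at the point of output.
echo htmlspecialchars((string) $_POST['hello'], ENT_QUOTES, 'UTF-8');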
Output
HELLO