Input Filter System for CMS Airship
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
src
tests
.gitignore
.travis.yml
LICENSE
README.md
composer.json
phpunit.xml.dist
psalm.xml

README.md

Ionizer

Build Status Latest Stable Version Latest Unstable Version License Downloads

Input filtering system used in CMS Airship, now available for use in any project. Requires PHP 7 or higher.

What is Ionizer?

Ionizer is a structured input filtering system ideal for HTTP form data.

Installing

Get Composer, then run the following:

composer require paragonie/ionizer

Usage

<?php

use ParagonIE\Ionizer\GeneralFilterContainer;
use ParagonIE\Ionizer\Filter\{
    StringFilter,
    WhiteList
};

// Define properties to filter:
$ic = new GeneralFilterContainer();
$ic->addFilter(
        'username',
        (new StringFilter())->setPattern('^[A-Za-z0-9_\-]{3,24}$')
    )
    ->addFilter('passphrase', new StringFilter())
    ->addFilter(
        'domain',
        new WhiteList('US-1', 'US-2', 'EU-1', 'EU-2')
    );

// Invoke the filter container on the array to get the filtered result:
try {
    // $post passed all of our filters.
    $post = $ic($_POST);
} catch (\TypeError $ex) {
    // Invalid data provided.
}

Ionizer can even specify structured input with some caveats.

<?php

use ParagonIE\Ionizer\GeneralFilterContainer;
use ParagonIE\Ionizer\Filter\{
    IntFilter,
    IntArrayFilter,
    StringArrayFilter,
    StringFilter
};

$ic = new GeneralFilterContainer();
    // You can type entire arrays at once:
$ic->addFilter('numbers', new IntArrayFilter())
    ->addFilter('strings', new StringArrayFilter())
    
    // You can also specify subkeys, separated by a period:
    ->addFilter('user.name', new StringFilter())
    ->addFilter('user.unixtime', new IntFilter());

$input = [
    'numbers' => [1, 2, 3],
    'strings' => ['a', 'b'],
    'user' => [
        'name' => 'test',
        'unixtime' => time()
    ]    
];

try {
    $valid = $ic($input);
} catch (\TypeError $ex) {
}