libState.php
<?php
//This library is for formatting and filtering text
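/**
 * Read one query-string parameter and run it through a PHP filter.
 *
 * With the default FILTER_SANITIZE_ENCODED the value comes back URL-encoded;
 * when $allowSpaces is true every "%20" is turned back into a literal space.
 *
 * The result is only prepared for the URL context. It is not HTML-escaped
 * and not safe to splice into SQL: escape again at the point of output
 * (htmlspecialchars() for HTML, bound parameters for queries).
 *
 * @param string $varname     Key to look up in $_GET.
 * @param int    $method      Filter id handed to filter_var().
 * @param bool   $allowSpaces Restore "%20" to spaces after filtering.
 * @return mixed '' when the parameter is absent or was sent as an array,
 *               otherwise whatever filter_var() produced (spaces restored
 *               when requested).
 */
function sanitizeGetVar($varname, $method=FILTER_SANITIZE_ENCODED, $allowSpaces=true) {
    // A request such as "?name[]=x" makes $_GET['name'] an array. filter_var()
    // answers false for arrays, and that false used to be returned as-is when
    // $allowSpaces was off; treat it like a missing parameter instead.
    if (!isset($_GET[$varname]) || is_array($_GET[$varname])) {
        return '';
    }
    $retVal = filter_var($_GET[$varname], $method);
    if ($allowSpaces) {
        $retVal = str_replace('%20', ' ', $retVal);
    }
    return $retVal;
}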
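/**
 * Read one query-string parameter and strip characters that cannot appear
 * in an e-mail address (default filter: FILTER_SANITIZE_EMAIL).
 *
 * Sanitising is not validation: the returned string can still be a
 * malformed address, and it may keep characters such as ' and ` that matter
 * in HTML or SQL. Check it with FILTER_VALIDATE_EMAIL before using it as an
 * address and escape it for the context it is written into.
 *
 * @param string $varname     Key to look up in $_GET.
 * @param int    $method      Filter id handed to filter_var().
 * @param bool   $allowSpaces Restore "%20" to spaces after filtering.
 * @return mixed '' when the parameter is absent or was sent as an array,
 *               otherwise the filter_var() result.
 */
function sanitizeGetVarEmail($varname, $method=FILTER_SANITIZE_EMAIL, $allowSpaces=false) {
    // "?email[]=x" arrives as an array; filter_var() returns false for it and,
    // with $allowSpaces off by default, that false used to reach the caller
    // instead of the documented empty string.
    if (!isset($_GET[$varname]) || is_array($_GET[$varname])) {
        return '';
    }
    $retVal = filter_var($_GET[$varname], $method);
    if ($allowSpaces) {
        $retVal = str_replace('%20', ' ', $retVal);
    }
    return $retVal;
}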
/**
 * Variant of the GET sanitiser that reports "nothing usable" as false.
 *
 * The parameter is filtered with filter_var() and, when $allowSpaces is
 * true, "%20" is turned back into a space. A missing parameter or a result
 * that compares equal to '' yields false.
 *
 * The value is prepared for the URL context only; it still needs
 * context-specific escaping before it is written into HTML or SQL.
 *
 * @param string $varname     Key to look up in $_GET.
 * @param int    $method      Filter id handed to filter_var().
 * @param bool   $allowSpaces Restore "%20" to spaces after filtering.
 * @return mixed The filtered value, or false when absent or empty.
 */
function sanitizeGetVar2($varname, $method=FILTER_SANITIZE_ENCODED, $allowSpaces=true) {
    if (!isset($_GET[$varname])) {
        return false;
    }
    $filtered = filter_var($_GET[$varname], $method);
    if ($allowSpaces) {
        $filtered = str_replace('%20', ' ', $filtered);
    }
    // Loose comparison kept on purpose: a false from filter_var() also counts as empty.
    return ($filtered != '') ? $filtered : false;
}
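/**
 * Read one POST field and run it through a PHP filter.
 *
 * With the default FILTER_SANITIZE_ENCODED the value comes back URL-encoded;
 * when $allowSpaces is true every "%20" is turned back into a literal space.
 *
 * The result is only prepared for the URL context. It is not HTML-escaped
 * and not safe to splice into SQL: escape again at the point of output
 * (htmlspecialchars() for HTML, bound parameters for queries).
 *
 * @param string $varname     Key to look up in $_POST.
 * @param int    $method      Filter id handed to filter_var().
 * @param bool   $allowSpaces Restore "%20" to spaces after filtering.
 * @return mixed '' when the field is absent or was sent as an array,
 *               otherwise whatever filter_var() produced (spaces restored
 *               when requested).
 */
function sanitizePostVar($varname, $method=FILTER_SANITIZE_ENCODED, $allowSpaces=true) {
    // A field named "name[]" makes $_POST['name'] an array. filter_var()
    // answers false for arrays, and that false used to be returned as-is when
    // $allowSpaces was off; treat it like a missing field instead.
    if (!isset($_POST[$varname]) || is_array($_POST[$varname])) {
        return '';
    }
    $retVal = filter_var($_POST[$varname], $method);
    if ($allowSpaces) {
        $retVal = str_replace('%20', ' ', $retVal);
    }
    return $retVal;
}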
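/**
 * Read one POST field and strip characters that cannot appear in an e-mail
 * address (default filter: FILTER_SANITIZE_EMAIL).
 *
 * Sanitising is not validation: the returned string can still be a
 * malformed address, and it may keep characters such as ' and ` that matter
 * in HTML or SQL. Check it with FILTER_VALIDATE_EMAIL before using it as an
 * address and escape it for the context it is written into.
 *
 * @param string $varname     Key to look up in $_POST.
 * @param int    $method      Filter id handed to filter_var().
 * @param bool   $allowSpaces Restore "%20" to spaces after filtering.
 * @return mixed '' when the field is absent or was sent as an array,
 *               otherwise the filter_var() result.
 */
function sanitizePostVarEmail($varname, $method=FILTER_SANITIZE_EMAIL, $allowSpaces=false) {
    // A field named "email[]" arrives as an array; filter_var() returns false
    // for it and, with $allowSpaces off by default, that false used to reach
    // the caller instead of the documented empty string.
    if (!isset($_POST[$varname]) || is_array($_POST[$varname])) {
        return '';
    }
    $retVal = filter_var($_POST[$varname], $method);
    if ($allowSpaces) {
        $retVal = str_replace('%20', ' ', $retVal);
    }
    return $retVal;
}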
/*
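//You wouldn't necessarily call this function in your app, but it produces useful testing output.
//It echoes each filter's result straight into the table, so rows such as FILTER_UNSAFE_RAW show the input unescaped; keep it to test pages.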
function showExampleTable($unfilteredtext) {
echo("<table>");
$tabledata[1][0]="<tr><td>FILTER_SANITIZE_EMAIL</td><td>"; $tabledata[1][1]=filter_var($unfilteredtext,FILTER_SANITIZE_EMAIL); $tabledata[1][2]="</td></tr>";
$tabledata[2][0]="<tr><td>FILTER_SANITIZE_ENCODED</td><td>"; $tabledata[2][1]=filter_var($unfilteredtext,FILTER_SANITIZE_ENCODED); $tabledata[2][2]="</td></tr>";
$tabledata[3][0]="<tr><td>FILTER_SANITIZE_MAGIC_QUOTES</td><td>"; $tabledata[3][1]=filter_var($unfilteredtext,FILTER_SANITIZE_MAGIC_QUOTES); $tabledata[3][2]="</td></tr>";
$tabledata[4][0]="<tr><td>FILTER_SANITIZE_SPECIAL_CHARS</td><td>"; $tabledata[4][1]=filter_var($unfilteredtext,FILTER_SANITIZE_SPECIAL_CHARS); $tabledata[4][2]="</td></tr>";
$tabledata[5][0]="<tr><td>FILTER_SANITIZE_FULL_SPECIAL_CHARS</td><td>"; $tabledata[5][1]=filter_var($unfilteredtext,FILTER_SANITIZE_FULL_SPECIAL_CHARS); $tabledata[5][2]="</td></tr>";
$tabledata[6][0]="<tr><td>FILTER_SANITIZE_STRING</td><td>"; $tabledata[6][1]=filter_var($unfilteredtext,FILTER_SANITIZE_STRING); $tabledata[6][2]="</td></tr>";
$tabledata[7][0]="<tr><td>FILTER_SANITIZE_STRIPPED</td><td>"; $tabledata[7][1]=filter_var($unfilteredtext,FILTER_SANITIZE_STRIPPED); $tabledata[7][2]="</td></tr>";
$tabledata[8][0]="<tr><td>FILTER_SANITIZE_URL</td><td>"; $tabledata[8][1]=filter_var($unfilteredtext,FILTER_SANITIZE_URL); $tabledata[8][2]="</td></tr>";
$tabledata[9][0]="<tr><td>FILTER_UNSAFE_RAW</td><td>"; $tabledata[9][1]=filter_var($unfilteredtext,FILTER_UNSAFE_RAW); $tabledata[9][2]="</td></tr>";
for ($i=1; $i <= 9; $i++) {
//echo ($i);
echo ($tabledata[$i][0] . $tabledata[$i][1] . $tabledata[$i][2]);
}
}
*/
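/**
 * Normalise a phone number to NNN-NNN-NNNN where possible.
 *
 * Spaces, parentheses, "+" and "-" are removed. An 11-character result that
 * starts with the country code "1" loses that prefix, and a 10-character
 * result is regrouped as 3-3-4 with dashes. Anything else is returned with
 * only the punctuation stripped.
 *
 * This is formatting, not validation: the characters are never checked to
 * be digits, so the return value must still be treated as untrusted text.
 *
 * @param string $phone_string Phone number as entered.
 * @return string The regrouped number, or the stripped input when it does
 *                not have ten characters.
 */
function formatPhone($phone_string) {
    $retval = str_replace(array(' ', '(', ')', '+', '-'), '', $phone_string);
    // Remove the leading "1" only when it really prefixes an 11-character
    // number. The earlier check looked at the second character and cut two,
    // which truncated numbers like 212-555-0123 and never matched "+1 ...".
    if (strlen($retval) == 11 && substr($retval, 0, 1) == '1') {
        $retval = substr($retval, 1);
    }
    if (strlen($retval) == 10) {
        $retval = substr($retval, 0, 3) . '-' . substr($retval, 3, 3) . '-' . substr($retval, 6, 4);
    }
    return $retval;
}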
//This library is used to maintain state between page clicks.
//See e.g. libPagination.php
//declare a list of GET variables to be maintained and sanitized
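// Names of the GET variables carried between page clicks. The including
// script may set $stateVarList beforehand to replace this default list.
if (!isset($stateVarList)) {
    $stateVarList = array('sortorder', 'userid', 'productid');
}
$arrlength = count($stateVarList);
$stateVar = array();
// Each listed variable is read through sanitizeGetVar(), so the stored value
// is URL-encoded with spaces restored. That is not HTML- or SQL-safe: escape
// it again wherever it is written out or used in a query.
for ($x = 0; $x < $arrlength; $x++) {
    $stateVar[$stateVarList[$x]] = sanitizeGetVar($stateVarList[$x]);
}
// pagenum is the page counter that newVars() writes into links. Accept it
// only as a whole number of at least 1; a missing, non-numeric, array-valued
// or out-of-range value falls back to the first page rather than passing
// request text on to the pagination code.
$page_num = 1;
if (isset($_GET["pagenum"])) {
    $requestedPage = filter_var(
        $_GET["pagenum"],
        FILTER_VALIDATE_INT,
        array('options' => array('min_range' => 1))
    );
    if ($requestedPage !== false) {
        $page_num = $requestedPage;
    }
}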
/**
 * Build the query string that carries page number and state to the next click.
 *
 * The result starts with "?pagenum=<pg>" and appends "&key=value" for every
 * entry that is set and does not compare equal to "". When $oldvar is empty
 * the global $stateVar is used instead.
 *
 * Nothing is encoded here: $pg, keys and values are concatenated as given.
 * Pass only values that are already URL-safe, and HTML-escape the returned
 * string (it contains raw "&") before placing it in an href attribute.
 *
 * @param mixed $pg     Page number to put in the link.
 * @param array $oldvar Optional key => value pairs to use instead of $stateVar.
 * @return string Query string meant to be appended to links within the application.
 */
function newVars($pg,$oldvar=array()) {
    global $stateVar;
    if (count($oldvar) == 0) {
        $oldvar = $stateVar;
    }
    $pieces = array("pagenum=" . $pg);
    foreach ($oldvar as $key => $value) {
        // Skip unset and empty entries so links stay short.
        if (!isset($value) || $value == "") {
            continue;
        }
        $pieces[] = $key . "=" . $value;
    }
    return "?" . implode("&", $pieces);
}
?>