Data Filtering!

Ok, something I’m trying to get right at the moment is data sanitization. Now, filter_var is a great function but it lacks certain things; firstly, the numbers/flags are a pain to remember.

For this particular reason, I wrote this function. It is called like anything else in a static class (in my case, my config class, just for the sake of being able to call it anywhere) and an example use is config::filterall($var, 'string') where $var = "<b> hello </b> "; it would only return hello.

This function is well documented and easy to edit, so go ahead.

class config {
	public static function filterall($var, $type='') {
		if($type == 'string') {						#if type is set to string run this
			$var = strip_tags($var);				#removes tags, to help prevent people putting html into their names etc. Replaces FILTER_SANITIZE_STRING (deprecated since PHP 8.1), which also encoded quotes that the next filter then encoded a second time.
			$var = filter_var($var, FILTER_SANITIZE_SPECIAL_CHARS);	#encodes the chars that contribute to tags as HTML entities, e.g. & becomes &#38;
		}
		if($type == 'int') {						#if type is set to int run this
			$check = filter_var($var, FILTER_VALIDATE_INT);		#checks if the var is a valid integer
			if($check === false) {					#if var is NOT a valid integer continue to sanitize (strict compare, because a valid 0 is == false)
				$var = filter_var($var, FILTER_SANITIZE_NUMBER_INT);	#sanitize input to just collect numbers within inputted string.
			}
			$var = str_replace('+', '', $var);			#there's no need for a + in the ints I will be using. str_replace returns the result, so it is assigned back.
			$var = str_replace('-', '', $var);			#once again, no need for a - in the ints I will be using.
			$var = str_replace('.', '', $var);			#if I need decimal points I will use float instead of int.
		}
		if($type == 'float') {						#if type is set to float run this
			$check = filter_var($var, FILTER_VALIDATE_FLOAT);	#check if the var is a valid float
			if($check === false) {					#if var is NOT a valid float continue to sanitize (strict compare, because a valid 0.0 is == false)
				$var = filter_var($var, FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);	#sanitize the var so it becomes a valid float. Without FILTER_FLAG_ALLOW_FRACTION the decimal point is stripped as well.
			}
			$var = str_replace('+', '', $var);			#once again, no need for + signs
			$var = str_replace('-', '', $var);			#no need for - signs
		}
		if($type == 'email') {						#if type is set to email run this
			$check = filter_var($var, FILTER_VALIDATE_EMAIL);	#check if var is a valid email
			if($check === false) {					#continues to sanitize if not a valid email
				$var = filter_var($var, FILTER_SANITIZE_EMAIL);	#sanitize to make valid email. need to add extra here just in case of 'false-positives'
			}
		}
		if($type == 'ip') {						#if type is set to ip run this
			$check = filter_var($var, FILTER_VALIDATE_IP);		#checks IP against both IPv4 and IPv6
			if($check === false) {					#if not v4 or v6 compliant IP, continues to sanitize.
				$var = preg_replace('/[^0-9a-fA-F:.]/', '', $var);	#FILTER_SANITIZE_NUMBER_INT would strip the .'s and the hex letters of an IPv6 address too, so keep only the chars an IPv4 (000.000.000.000) or IPv6 (2001:0db8:85a3:08d3:1319:8a2e:0370:7334) address can contain.
				if(filter_var($var, FILTER_VALIDATE_IP) === false) {	#if what is left is still not a valid IP
					$var = '';				#give var value of nothing rather than pass on a broken address.
				}
			}
		}
		if($type == 'boolean') {					#if type is set to boolean run this
			$check = filter_var($var, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);	#check to see if its a valid boolean true/false, 0/1, yes/no etc or else return NULL (needs FILTER_NULL_ON_FAILURE, otherwise invalid input returns false)
			if($check === null) {					#if returns NULL continue (strict compare, because a valid false is == NULL)
				$var = '';					#give var value of nothing, meaning if done correctly the method/function/query won't go ahead due to lack of input.
			}
		}
		return $var;							#return the final var.
	}//end function filterall
}//end class config
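
filter_var()'s validate filters return the converted value on success, so valid input such as 0 or false is itself falsy and a loose `== false` check rejects it. The following is an added example, not code from the original post, that maps easy-to-remember type names to the validate filters and compares a loose check with a strict one built on FILTER_NULL_ON_FAILURE; TYPE_FILTERS, is_valid_loose(), validate_strict() and the sample inputs are names and values constructed for illustration.

```php
<?php
// Added example, not from the original post. All names below are hypothetical.

// Friendly type names mapped to filter_var() validate filters.
const TYPE_FILTERS = [
    'int'     => FILTER_VALIDATE_INT,
    'float'   => FILTER_VALIDATE_FLOAT,
    'email'   => FILTER_VALIDATE_EMAIL,
    'ip'      => FILTER_VALIDATE_IP,
    'boolean' => FILTER_VALIDATE_BOOLEAN,
];

// Loose check: treats every falsy result as "invalid".
function is_valid_loose($var, string $type): bool
{
    return filter_var($var, TYPE_FILTERS[$type]) != false;
}

// Strict check: with FILTER_NULL_ON_FAILURE, null is the only failure value,
// so a valid 0, 0.0 or boolean false is still returned as valid.
function validate_strict($var, string $type)
{
    if (!array_key_exists($type, TYPE_FILTERS)) {
        throw new InvalidArgumentException("unknown type: $type");
    }
    return filter_var($var, TYPE_FILTERS[$type], FILTER_NULL_ON_FAILURE);
}

// Constructed sample inputs: a mix of valid-but-falsy and invalid values.
$samples = [
    ['0', 'int'],
    ['12abc', 'int'],
    ['0.0', 'float'],
    ['false', 'boolean'],
    ['maybe', 'boolean'],
    ['2001:db8::1', 'ip'],
    ['10.0.0.256', 'ip'],
    ['user@example.com', 'email'],
];

foreach ($samples as [$value, $type]) {
    $strict = validate_strict($value, $type);
    printf("%-8s %-20s loose=%-8s strict=%s\n",
        $type,
        var_export($value, true),
        is_valid_loose($value, $type) ? 'valid' : 'invalid',
        $strict === null ? 'rejected' : var_export($strict, true));
}
```

Rejecting input that fails validation, instead of repairing it, keeps a mangled value from being stored as if the user had typed it.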

Site Changes & PHP

Ok, so I’m at a point of tweaking out this site to be just how I want it; next things to work on are my contact, about and portfolio pages.
I’ll be building the contact form script very soon. I can execute PHP via a WordPress plugin so YUS lol.

My other PHP project is well.. going slowly. Hopefully this weekend sees some real progress. I want to have a fully functioning user system and admin section, the ability to add sections and forums for admins, and begin working on getting posts and topics involved.

MMOs, PHP and a stupid PROPOSAL

Ok… I’m gonna start with the fun stuff – lately I’ve picked up a new MMO thanks to my friend jimi (chur bro ur an ass for getting me into another game but wotever). It’s called Atlantica and it’s by NDOORS and it’s pretty fucking good thus far. It’s kind of like an MMO Final Fantasy with Rappelz type graphics so it’s fun. I’d suggest checking it out.

Now, the 2nd dilemma at the moment is $this->PHPProject. I have a PHP project coming up and I’m looking @ making a kind of Nation Community Site for Guilds of Separate Nations to interact within the Atlantica universe. Obviously it’s still in the pre-development stages and will slowly be prototyped over the next week or so, leading to a final development and then a product that is finished sometime within the next month or so hopefully.

I’d like to test it out on the members of my guild DemonicEmpire and my Nation Syndicate if I can, but it’s unlikely I can get the Nation to test it, but here’s hoping.

Anyway – I have a proposal for the project to write. Go check that game, it’s fucking amazing and totally worth it!