<?php
require "class_filter.php";
$obj = new Std_Filters();
$Filter = array ('goes' => array ('type' => 'string', 'method' => 'GET', 'max_length' => 32),
'acts' => array ('type' => 'string', 'method' => 'GET'),
'test' => array ('type' => 'integer', 'method' => 'GET', 'max_length' => 4)
);
echo "<b>For example, parameter allowed trough our site via \$_GET is:</b><br><br>";
echo "<i>goes</i> : the type is string and max_legth allowed is 32.<br>";
echo "<i>acts</i> : the type is string and max_legth did not specified (which means is 10 character).<br>";
echo "<i>test</i> : the type is integer and max_legth allowed is 4.<br><br>";
if (isset($_GET) && ($_GET != null)) {
echo "<b><font color=\"red\">request parameter before filtered:</font></b><br>";
echo "<pre>";
print_r($_GET);
echo "</pre>";
}
if ($obj->get($_GET, $Filter)) {
echo "<b><font color=\"green\">request parameter after filtered:</font></b><br>";
echo "<pre>";
print_r($_GET);
echo "</pre>";
}
?>
<br><br>
<b>Input filter example:</b> <br>
-----------------------
<br>
Here, <i>test</i> parameter is send as <b>integer:</b> and max_length is 3 (not filtered)
<a href="example.php?goes=topageindex&unwanted=thisisfiltered&junk=12isstring&unwant=asdasd&test=900">Example one</a><br><br>
Here, <i>test</i> parameter is send as <b>integer:</b> and max_length is 5 (filtered)
<a href="example.php?goes=topageindex&unwanted=thisisfiltered&junk=12isstring&unwant=asdasd&test=891099">Example three</a><br><br>
Here, <i>test</i> is send as <b>string:</b> (filtered)
<a href="example.php?goes=topageindex&unwanted=thisisfiltered&junk=12isstring&unwant=asdasd&test=aspas">Example four</a><br><br>
Here, <i>goes</i> have unwanted value like *script*, etc
<a href="example.php?goes=<script>dangerousscript</script>&unwanted=thisisfiltered&junk=12isstring&unwant=asdasd&test=1234">Example five</a><br><br>
Badrus Said <drus@plasa.com><br>
|