Security Helper: Validate user input for security purposes

Recommend this page to a friend!

Download .zip

Info

Example

View files (3)

Download .zip

Reputation

Support forum

Blog

Links

Last Updated		Ratings				Unique User Downloads		Download Rankings
2024-01-10 (3 days ago)		Not enough user ratings				Total: 322 This week: 2		All time: 7,205 This week: 220

Version		License		PHP version		Categories
`security-helper` 13		The PHP License		5.3		Security

Description

Author

Pouya Darabi

This class can validate user input for security purposes.

It can validate request values to check if they are of expected types like dates, integers, email, float, array or string.

The class can also filter values to prevent cross-site scripting attacks (XSS) attacks, and create hashes of passwords for subsequent password verification.

Pouya Darabi

Performance

Level

Name:	Pouya Darabi `<contact>`
Classes:	1 package by Pouya Darabi
Country:	Canada

Level 2

Example


<?php 

// require class 

require_once 'SecurityHelper.php'; 

// get instance 

$sec = SecurityHelper::getInstance(); 



$endl = '<br />'; 

echo '<pre>'; 



echo $endl,'|--------      Xss Test     --------------|',$endl; 

// clean input from xss  

// input can be array or string 



$xss = 'hi <script>alert(1)</script>'; // before 



echo $sec->CleanXss($xss); // after 



$xssarray = array('hi <script>alert(1)</script>','hi <script>alert(1)</script>','hi <script>alert(1)</script>',132 => array('hi <script>alert(1)</script>')); // before 



print_r($sec->CleanXss($xssarray)); // after 



echo $endl,'|--------      Xss Test     --------------|',$endl; 







echo $endl,'|--------      File Upload Cleaner Test     --------------|',$endl; 

// clean un allowed char from upload file name  

// some one try to upload this file to replace site header 

// function remove special chars and safe it for use 

$replace_heder = '../../img/header.jpg'; // before 



echo $sec->CleanFileChar($replace_heder); // after 





echo $endl,'|--------      File Upload Cleaner Test     --------------|',$endl; 





echo $endl,'|--------      Csrf Generator Test     --------------|',$endl; 



// generate token for csrf check 

echo $sec->CsrfTokenGenerator(); // can be $_SESSION['token'] = $sec->CsrfTokenGenerator(); 





echo $endl,'|--------      Csrf Generator Test    --------------|',$endl; 





echo $endl,'|--------      Crypt Test     --------------|',$endl; 

// hash password and check password is correct 



$pass = '123456'; // before 

$wrongpass = '123'; 



// my seggest (more secure) bcrypt 

$obj = $sec->MyCrypt($pass); 



$hash = $obj->hash; 

$salt = $obj->salt; 



echo 'hash : '.$hash,' | salt :'.$salt , $endl; 

var_dump($sec->CheckMyCrypt($wrongpass, $hash, $salt)); // false 

var_dump($sec->CheckMyCrypt($pass, $hash, $salt)); // true 



// salted md5 (change salt in file if u want) 

$hashed = $sec->MyMD5($pass); 



echo 'MD5 : '.$hashed,$endl; 

var_dump($sec->CheckMyMD5($wrongpass, $hashed)); // false 

var_dump($sec->CheckMyMD5($pass, $hashed)); // true 



//$ = $sec->MyCrypt($pass); 





echo $endl,'|--------      Crypt Test     --------------|',$endl; 





echo $endl,'|--------      DataType Test     --------------|',$endl; 

// check data type 

$int = 11; 

$email  = 'a@mail.com'; 

$date = '2014-01-01 22:22:22'; 



var_dump($sec->CheckType($date, $sec->Type_Date)); 

var_dump($sec->CheckType($email, $sec->Type_Email)); 

var_dump($sec->CheckType($int, $sec->Type_Integer)); 



echo $endl,'|--------      DataType Test    --------------|',$endl; 





echo '</pre>';

Details

This class can validate user input for security purposes.

It can validate request values to check if they are of expected types like dates, integers, email, float, array or string.

The class can also filter values to prevent cross-site scripting attacks (XSS) attacks, and create hashes of passwords for subsequent password verification.

Files

File	Role	Description
`SecurityHelper.php`	Class	main class
`examples.php`	Example	Example script
`README.md`	Doc.	Documentation

	security-helper-2024-01-10.zip 3KB
	security-helper-2024-01-10.tar.gz
	Install with Composer

Version Control

Unique User Downloads

Download Rankings

100%

Total:	322
This week:	2

All time:	7,205
This week:	220

Applications that use this package

No pages of applications that use this class were specified.

If you know an application of this package, send a message to the author to add a link here.

Related pages


class github link

About us

Advertise on this site

For more information send a message to info at phpclasses dot org.