Security helper class for your project

• Quick start

  • What is webpackages?
  • Installation
  • Hello World

• The basics

  • Modul View Controller (MVC)
  • load_functions class
  • Helper classes

• Helper classes

  • Benchmark Class
  • Cache Class
  • Captcha Class
  • cURL Class
  • Database Class
  • Date Class
  • Errors Class
  • FileSystem Class
  • FTP Class
  • Images Class
  • Language Class
  • Logger Class
  • Number Class
  • PayPal Class
  • PHPMailer Class
  • Plugins Class
  • RestClient Class
  • Security Class
  • Template Class
  • Text Class
  • URL Class
  • XML Class
  • ZIP Class

Security class

The following sections explain each method of the class.

control

public static mixed control ( mixed $variable, string $convert = null)

Verifies the contents of Passed $variable and are cleaned this back. From v2.0.0 also harmful MySQL code can be removed.

Parameter list

variable

The variable to be checked for malicious code. Here, the following PHP types are allowed:

• string
• boolean
• float, decimal
• integer

convert

Converts the given variable to the correct PHP types format. The following options are available:

• ip Validated and controlled it as IP (4) Address
• email Validated and controlled's e-mail address
• decimal Validated, Converts and controlled it as decimal
• int Validated, Converts and controlled it as an integer.
• bool Validated, Converts and controlled it as a Boolean.
• string Validated, Converts and controlled it as a string. Here also harmful XSS is code removed.

url

public static mixed url ( string $variable, string $input = null, string $convert = null)

Loads the content of a system variable and Validates Controls and Converts this.

Parameter list

variable

The key of the Systemvariabel. For example, you want the user name from a $_POST[,username'] Systemvariabel pick. You gotta go into the parameter $variable enter the following:security::url(,username', ,POST', ,string');

input

Which system variable of the content is to be retrieved. The following are available:

• post - for $_POST
• get - for $_GET
• session - for $_SESSION
• cookie - for $_COOKIE
• server - for $_SERVER
• env - for $_ENV
• request - for $_REQUEST

convert

In what the contents of the system variable to be converted. There following types are available:

• ip Validate the IP address. It's an IP address, this is a false back.
• email Validates the email address. Is it not a valid e-mail address, is a false return.
• decimal Validates the decimal. Is it not a decimal is a false return.
• int Validates the Integer. Is it not an integer is a false returned.
• bool Validates the Boolean. Is it not a boolean is a null returned.
• string It validates the string. If the validation fails, or if any other error, is a false returned.

create_csrf_token (from v2.6.0)

public static string|bool create_csrf_token(string $token_name, $token_duration = 0)

Created a CSRF verification token for example, an HTML form.

Parameter list

token_name

The name should reflect the token. This name can then query the token again.

token_duration

The lifetime of a token. If no value is set, the value is automatically set to 24 hours.

exists_csrf_token (from v2.6.0)

public static bool exists_csrf_token(string $token_name)

Controls whether a token with the given $token_name exist!

Parameter list

token_name

The name of the token to be inspected.

get_csrf_token (from v2.6.0)

public static string|bool get_csrf_token(string $token_name, bool $remove_token_after = false)

Returns the contents of the token whose name was given. Then, the token can be deleted automatically.

Parameter list

token_name

The name of the token is to be given its contents back!

remove_token_after

Can be specified if the token is to be removed by this query! By default to false

remove_csrf_token (from v2.6.0)

public static bool remove_csrf_token(string $token_name)

Removes a specified token.

Parameter list

token_name

The name of the token to be removed.

get_mime_type

public static bool|mixed get_mime_type ( string $path)

Returns the MIME type of the absolute path. This will info_open and info_file function is required. In PHP is not installed, an exception is generated error.

Parameter list

path

The absolute path to the file whose MIME type is to be returned.

get_file_type

public static mixed get_file_type ( string $path)

Returns the file extension of a file.

Parameter list

path

The absolute path to the file, the file extension to be returned.

sha_sec

public static string sha_sec ( string $string)

Encrypts a string to 512 bytes with the SECURITY_KEY constant as the key.

Parameter list

string

The encrypted string to be.

remove_invisible_characters

public static string remove_invisible_characters ( string $str, bool $url_encoded = true)

Removes all spaces or invisible elements from a string. Here also invisible URL coded mark may be removed.

Parameter list

str

The string to be checked and cleaned on invisible characters.

url_encode

Whether invisible URL Encoded characters are to be removed.

is_bot

public static array is_bot ( )

Controls whether the current user is a robot (bot) or a real person. Here especially searchenginecrawler can be identified. Here an array is returned that the current version of the bots are back with.

get_ip_address

public static mixed get_ip_address ( )

Returns the current IP address of the user. In this internal IP addresses will not be considered. At the same time the program also checks whether there is a proxy IP address or not. If no IP address is found, is a false returned.