add filter extension

Paul Tarjan
2013-06-10 00:33:17 -07:00
commit de Sara Golemon
commit fe323e4821
157 arquivos alterados com 4351 adições e 11 exclusões
+2 -2
@@ -14,8 +14,8 @@
+----------------------------------------------------------------------+
*/
#include "hphp/util/zend/zend_html.h"
#include "hphp/runtime/base/string_util.h"
#include "hphp/util/zend/zend_html.h"
#include "hphp/runtime/base/zend/zend_string.h"
#include "hphp/runtime/base/zend/zend_url.h"
#include "hphp/runtime/base/runtime_error.h"
@@ -132,7 +132,7 @@ String StringUtil::StripHTMLTags(CStrRef input,
if (input.empty()) return input;
int len = input.size();
char *ret = string_strip_tags(input.data(), len, allowable_tags.data(),
allowable_tags.size());
allowable_tags.size(), false);
return String(ret, len, AttachString);
}
+2 -2
@@ -1052,13 +1052,13 @@ static size_t strip_tags_impl(char *rbuf, int len, int *stateptr,
}
char *string_strip_tags(const char *s, int &len, const char *allow,
int allow_len) {
int allow_len, bool allow_tag_spaces) {
assert(s);
assert(allow);
char *ret = string_duplicate(s, len);
char *sallow = string_duplicate(allow, allow_len);
len = strip_tags_impl(ret, len, nullptr, sallow, allow_len, false);
len = strip_tags_impl(ret, len, nullptr, sallow, allow_len, allow_tag_spaces);
free(sallow);
return ret;
}
+1 -1
@@ -190,7 +190,7 @@ char *string_chunk_split(const char *src, int &srclen, const char *end,
* Strip HTML and PHP tags.
*/
char *string_strip_tags(const char *s, int &len, const char *allow,
int allow_len);
int allow_len, bool allow_tag_spaces);
/**
* Wrap text on word breaks.
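Review bot: The doc comment above `string_strip_tags` still reads only `Strip HTML and PHP tags.` and says nothing about the new `allow_tag_spaces` parameter, which is the one thing a caller cannot guess from the signature; this hunk does not show what the flag does, since the .cpp hunk in this commit only forwards it to `strip_tags_impl`. Suggest extending the comment to `* Strip HTML and PHP tags. len is updated in place to the stripped length; allow_tag_spaces is forwarded to strip_tags_impl (its exact meaning should be stated here once confirmed against that function).` The same parameter is equally undocumented at the definition in the zend_string.cpp hunk above.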
+1
@@ -39,6 +39,7 @@
#include "hphp/runtime/ext/ext_error.h"
#include "hphp/runtime/ext/ext_fb.h"
#include "hphp/runtime/ext/ext_file.h"
#include "hphp/runtime/ext/ext_filter.h"
#include "hphp/runtime/ext/ext_function.h"
#include "hphp/runtime/ext/ext_hash.h"
#include "hphp/runtime/ext/ext_iconv.h"
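--- /dev/null
+++ b/hphp/runtime/ext/ext_filter.h
@@ -0,0 +1,89 @@
+/*
++----------------------------------------------------------------------+
+| HipHop for PHP |
++----------------------------------------------------------------------+
+| Copyright (c) 2010-2013 Facebook, Inc. (http://www.facebook.com) |
+| Copyright (c) 1997-2010 The PHP Group |
++----------------------------------------------------------------------+
+| This source file is subject to version 3.01 of the PHP license, |
+| that is bundled with this package in the file LICENSE, and is |
+| available through the world-wide-web at the following url: |
+| http://www.php.net/license/3_01.txt |
+| If you did not receive a copy of the PHP license and are unable to |
+| obtain it through the world-wide-web, please send a note to |
+| license@php.net so we can mail you a copy immediately. |
++----------------------------------------------------------------------+
+*/
+#ifndef incl_EXT_FILTER_H_
+#define incl_EXT_FILTER_H_
+#include "hphp/runtime/base/base_includes.h"
+namespace HPHP {
+///////////////////////////////////////////////////////////////////////////////
+Variant f_filter_list();
+Variant f_filter_id(CStrRef filtername);
+Variant f_filter_var(CVarRef variable, int64_t filter = 516,
+CVarRef options = empty_array);
+extern const int64_t k_INPUT_POST;
+extern const int64_t k_INPUT_GET;
+extern const int64_t k_INPUT_COOKIE;
+extern const int64_t k_INPUT_ENV;
+extern const int64_t k_INPUT_SERVER;
+extern const int64_t k_INPUT_SESSION;
+extern const int64_t k_INPUT_REQUEST;
+extern const int64_t k_FILTER_FLAG_NONE;
+extern const int64_t k_FILTER_REQUIRE_SCALAR;
+extern const int64_t k_FILTER_REQUIRE_ARRAY;
+extern const int64_t k_FILTER_FORCE_ARRAY;
+extern const int64_t k_FILTER_NULL_ON_FAILURE;
+extern const int64_t k_FILTER_VALIDATE_INT;
+extern const int64_t k_FILTER_VALIDATE_BOOLEAN;
+extern const int64_t k_FILTER_VALIDATE_FLOAT;
+extern const int64_t k_FILTER_VALIDATE_REGEXP;
+extern const int64_t k_FILTER_VALIDATE_URL;
+extern const int64_t k_FILTER_VALIDATE_EMAIL;
+extern const int64_t k_FILTER_VALIDATE_IP;
+extern const int64_t k_FILTER_VALIDATE_MAC;
+extern const int64_t k_FILTER_DEFAULT;
+extern const int64_t k_FILTER_UNSAFE_RAW;
+extern const int64_t k_FILTER_SANITIZE_STRING;
+extern const int64_t k_FILTER_SANITIZE_STRIPPED;
+extern const int64_t k_FILTER_SANITIZE_ENCODED;
+extern const int64_t k_FILTER_SANITIZE_SPECIAL_CHARS;
+extern const int64_t k_FILTER_SANITIZE_FULL_SPECIAL_CHARS;
+extern const int64_t k_FILTER_SANITIZE_EMAIL;
+extern const int64_t k_FILTER_SANITIZE_URL;
+extern const int64_t k_FILTER_SANITIZE_NUMBER_INT;
+extern const int64_t k_FILTER_SANITIZE_NUMBER_FLOAT;
+extern const int64_t k_FILTER_SANITIZE_MAGIC_QUOTES;
+extern const int64_t k_FILTER_CALLBACK;
+extern const int64_t k_FILTER_FLAG_ALLOW_OCTAL;
+extern const int64_t k_FILTER_FLAG_ALLOW_HEX;
+extern const int64_t k_FILTER_FLAG_STRIP_LOW;
+extern const int64_t k_FILTER_FLAG_STRIP_HIGH;
+extern const int64_t k_FILTER_FLAG_ENCODE_LOW;
+extern const int64_t k_FILTER_FLAG_ENCODE_HIGH;
+extern const int64_t k_FILTER_FLAG_ENCODE_AMP;
+extern const int64_t k_FILTER_FLAG_NO_ENCODE_QUOTES;
+extern const int64_t k_FILTER_FLAG_EMPTY_STRING_NULL;
+extern const int64_t k_FILTER_FLAG_STRIP_BACKTICK;
+extern const int64_t k_FILTER_FLAG_ALLOW_FRACTION;
+extern const int64_t k_FILTER_FLAG_ALLOW_THOUSAND;
+extern const int64_t k_FILTER_FLAG_ALLOW_SCIENTIFIC;
+extern const int64_t k_FILTER_FLAG_SCHEME_REQUIRED;
+extern const int64_t k_FILTER_FLAG_HOST_REQUIRED;
+extern const int64_t k_FILTER_FLAG_PATH_REQUIRED;
+extern const int64_t k_FILTER_FLAG_QUERY_REQUIRED;
+extern const int64_t k_FILTER_FLAG_IPV4;
+extern const int64_t k_FILTER_FLAG_IPV6;
+extern const int64_t k_FILTER_FLAG_NO_RES_RANGE;
+extern const int64_t k_FILTER_FLAG_NO_PRIV_RANGE;
+///////////////////////////////////////////////////////////////////////////////
+}
+#endif // incl_EXT_FILTER_H_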
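Review bot: The default `int64_t filter = 516` on `f_filter_var` is a bare literal that duplicates the value of `k_FILTER_DEFAULT`, which this same header declares a few lines further down (the .cpp in this commit defines both `k_FILTER_DEFAULT` and `k_FILTER_UNSAFE_RAW` as 516), so a later change to the constant would silently leave the default behind. If this prototype is hand-written, move `extern const int64_t k_FILTER_DEFAULT;` above the prototype and write `int64_t filter = k_FILTER_DEFAULT,` instead. If the header is generated from an IDL and the literal is unavoidable, a comment `// 516 == k_FILTER_DEFAULT (== k_FILTER_UNSAFE_RAW)` next to the default is the minimum that keeps the two in sync for a reader.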
-4
@@ -1103,10 +1103,6 @@ String f_convert_cyr_string(CStrRef str, CStrRef from, CStrRef to) {
#define ENT_HTML_QUOTE_SINGLE 1
#define ENT_HTML_QUOTE_DOUBLE 2
#define ENT_COMPAT ENT_HTML_QUOTE_DOUBLE
#define ENT_QUOTES (ENT_HTML_QUOTE_DOUBLE | ENT_HTML_QUOTE_SINGLE)
#define ENT_NOQUOTES ENT_HTML_QUOTE_NONE
static const HtmlBasicEntity basic_entities[] = {
{ '"', """, 6, ENT_HTML_QUOTE_DOUBLE },
{ '\'', "'", 6, ENT_HTML_QUOTE_SINGLE },
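--- /dev/null
+++ b/<PATH_NOT_SHOWN_ON_PAGE>
@@ -0,0 +1,307 @@
+/*
++----------------------------------------------------------------------+
+| HipHop for PHP |
++----------------------------------------------------------------------+
+| Copyright (c) 2010-2013 Facebook, Inc. (http://www.facebook.com) |
+| Copyright (c) 1997-2010 The PHP Group |
++----------------------------------------------------------------------+
+| This source file is subject to version 3.01 of the PHP license, |
+| that is bundled with this package in the file LICENSE, and is |
+| available through the world-wide-web at the following url: |
+| http://www.php.net/license/3_01.txt |
+| If you did not receive a copy of the PHP license and are unable to |
+| obtain it through the world-wide-web, please send a note to |
+| license@php.net so we can mail you a copy immediately. |
++----------------------------------------------------------------------+
+*/
+#include "hphp/runtime/ext/ext_filter.h"
+#include "hphp/runtime/ext/filter/logical_filters.h"
+#include "hphp/runtime/ext/filter/sanitizing_filters.h"
+namespace HPHP {
+///////////////////////////////////////////////////////////////////////////////
+const int64_t k_INPUT_POST = 0;
+const int64_t k_INPUT_GET = 1;
+const int64_t k_INPUT_COOKIE = 2;
+const int64_t k_INPUT_ENV = 4;
+const int64_t k_INPUT_SERVER = 5;
+const int64_t k_INPUT_SESSION = 6;
+const int64_t k_INPUT_REQUEST = 99;
+const int64_t k_FILTER_FLAG_NONE = 0;
+const int64_t k_FILTER_REQUIRE_SCALAR = 33554432;
+const int64_t k_FILTER_REQUIRE_ARRAY = 16777216;
+const int64_t k_FILTER_FORCE_ARRAY = 67108864;
+const int64_t k_FILTER_NULL_ON_FAILURE = 134217728;
+const int64_t k_FILTER_VALIDATE_INT = 257;
+const int64_t k_FILTER_VALIDATE_BOOLEAN = 258;
+const int64_t k_FILTER_VALIDATE_FLOAT = 259;
+const int64_t k_FILTER_VALIDATE_REGEXP = 272;
+const int64_t k_FILTER_VALIDATE_URL = 273;
+const int64_t k_FILTER_VALIDATE_EMAIL = 274;
+const int64_t k_FILTER_VALIDATE_IP = 275;
+const int64_t k_FILTER_VALIDATE_MAC = 276;
+const int64_t k_FILTER_DEFAULT = 516;
+const int64_t k_FILTER_UNSAFE_RAW = 516;
+const int64_t k_FILTER_SANITIZE_STRING = 513;
+const int64_t k_FILTER_SANITIZE_STRIPPED = 513;
+const int64_t k_FILTER_SANITIZE_ENCODED = 514;
+const int64_t k_FILTER_SANITIZE_SPECIAL_CHARS = 515;
+const int64_t k_FILTER_SANITIZE_FULL_SPECIAL_CHARS = 515;
+const int64_t k_FILTER_SANITIZE_EMAIL = 517;
+const int64_t k_FILTER_SANITIZE_URL = 518;
+const int64_t k_FILTER_SANITIZE_NUMBER_INT = 519;
+const int64_t k_FILTER_SANITIZE_NUMBER_FLOAT = 520;
+const int64_t k_FILTER_SANITIZE_MAGIC_QUOTES = 521;
+const int64_t k_FILTER_CALLBACK = 1024;
+const int64_t k_FILTER_FLAG_ALLOW_OCTAL = 1;
+const int64_t k_FILTER_FLAG_ALLOW_HEX = 2;
+const int64_t k_FILTER_FLAG_STRIP_LOW = 4;
+const int64_t k_FILTER_FLAG_STRIP_HIGH = 8;
+const int64_t k_FILTER_FLAG_ENCODE_LOW = 16;
+const int64_t k_FILTER_FLAG_ENCODE_HIGH = 32;
+const int64_t k_FILTER_FLAG_ENCODE_AMP = 64;
+const int64_t k_FILTER_FLAG_NO_ENCODE_QUOTES = 128;
+const int64_t k_FILTER_FLAG_EMPTY_STRING_NULL = 256;
+const int64_t k_FILTER_FLAG_STRIP_BACKTICK = 512;
+const int64_t k_FILTER_FLAG_ALLOW_FRACTION = 4096;
+const int64_t k_FILTER_FLAG_ALLOW_THOUSAND = 8192;
+const int64_t k_FILTER_FLAG_ALLOW_SCIENTIFIC = 16384;
+const int64_t k_FILTER_FLAG_SCHEME_REQUIRED = 65536;
+const int64_t k_FILTER_FLAG_HOST_REQUIRED = 131072;
+const int64_t k_FILTER_FLAG_PATH_REQUIRED = 262144;
+const int64_t k_FILTER_FLAG_QUERY_REQUIRED = 524288;
+const int64_t k_FILTER_FLAG_IPV4 = 1048576;
+const int64_t k_FILTER_FLAG_IPV6 = 2097152;
+const int64_t k_FILTER_FLAG_NO_RES_RANGE = 4194304;
+const int64_t k_FILTER_FLAG_NO_PRIV_RANGE = 8388608;
+typedef struct filter_list_entry {
+StaticString name;
+int64_t id;
+Variant (*function)(PHP_INPUT_FILTER_PARAM_DECL);
+} filter_list_entry;
+static const filter_list_entry filter_list[] = {
+{
+StaticString("int"),
+k_FILTER_VALIDATE_INT,
+php_filter_int
+}, {
+StaticString("boolean"),
+k_FILTER_VALIDATE_BOOLEAN,
+php_filter_boolean
+}, {
+StaticString("float"),
+k_FILTER_VALIDATE_FLOAT,
+php_filter_float
+}, {
+StaticString("validate_regexp"),
+k_FILTER_VALIDATE_REGEXP,
+php_filter_validate_regexp
+}, {
+StaticString("validate_url"),
+k_FILTER_VALIDATE_URL,
+php_filter_validate_url
+}, {
+StaticString("validate_email"),
+k_FILTER_VALIDATE_EMAIL,
+php_filter_validate_email
+}, {
+StaticString("validate_ip"),
+k_FILTER_VALIDATE_IP,
+php_filter_validate_ip
+}, {
+StaticString("validate_mac"),
+k_FILTER_VALIDATE_MAC,
+php_filter_validate_mac
+}, {
+StaticString("string"),
+k_FILTER_SANITIZE_STRING,
+php_filter_string
+}, {
+StaticString("stripped"),
+k_FILTER_SANITIZE_STRING,
+php_filter_string
+}, {
+StaticString("encoded"),
+k_FILTER_SANITIZE_ENCODED,
+php_filter_encoded
+}, {
+StaticString("special_chars"),
+k_FILTER_SANITIZE_SPECIAL_CHARS,
+php_filter_special_chars
+}, {
+StaticString("full_special_chars"),
+k_FILTER_SANITIZE_FULL_SPECIAL_CHARS,
+php_filter_full_special_chars
+}, {
+StaticString("unsafe_raw"),
+k_FILTER_UNSAFE_RAW,
+php_filter_unsafe_raw
+}, {
+StaticString("email"),
+k_FILTER_SANITIZE_EMAIL,
+php_filter_email
+}, {
+StaticString("url"),
+k_FILTER_SANITIZE_URL,
+php_filter_url
+}, {
+StaticString("number_int"),
+k_FILTER_SANITIZE_NUMBER_INT,
+php_filter_number_int
+}, {
+StaticString("number_float"),
+k_FILTER_SANITIZE_NUMBER_FLOAT,
+php_filter_number_float
+}, {
+StaticString("magic_quotes"),
+k_FILTER_SANITIZE_MAGIC_QUOTES,
+php_filter_magic_quotes
+}, {
+StaticString("callback"),
+k_FILTER_CALLBACK,
+php_filter_callback
+},
+};
+const StaticString
+s_flags("flags"),
+s_default("default"),
+s_options("options");
+static Variant fail(bool return_null, CVarRef options) {
+if (options.isArray()) {
+CArrRef arr(options.toArray());
+if (arr.exists(s_default)) {
+return options[s_default];
+}
+}
+if (return_null) {
+return uninit_null();
+}
+return false;
+}
+static filter_list_entry php_find_filter(uint64_t id) {
+int i, size = sizeof(filter_list) / sizeof(filter_list_entry);
+for (i = 0; i < size; ++i) {
+if (filter_list[i].id == id) {
+return filter_list[i];
+}
+}
+/* Fallback to "string" filter */
+for (i = 0; i < size; ++i) {
+if (filter_list[i].id == k_FILTER_DEFAULT) {
+return filter_list[i];
+}
+}
+// never hit
+return filter_list[0];
+}
+static Variant filter_var(CVarRef variable, int64_t filter, CVarRef options) {
+filter_list_entry filter_func = php_find_filter(filter);
+int64_t flags;
+Variant option_array;
+if (options.isInteger()) {
+flags = options.toInt64();
+} else {
+flags = options[s_flags].toInt64();
+option_array = options[s_options];
+}
+Variant ret(filter_func.function(variable, flags, option_array));
+if (option_array.isArray() && option_array.toArray().exists(s_default) &&
+((flags & k_FILTER_NULL_ON_FAILURE && ret.isNull()) ||
+(!(flags & k_FILTER_NULL_ON_FAILURE) && ret.isBoolean() &&
+ret.asBooleanVal() == 0))) {
+ret = option_array[s_default];
+}
+return ret;
+}
+static Variant filter_recursive(CVarRef variable, int64_t filter,
+CVarRef options) {
+Array ret;
+for (ArrayIter iter(variable); iter; ++iter) {
+if (iter.second().isArray()) {
+ret.add(
+iter.first(),
+filter_recursive(iter.second().toArray(), filter, options)
+);
+} else {
+ret.add(iter.first(), filter_var(iter.second(), filter, options));
+}
+}
+return ret;
+}
+///////////////////////////////////////////////////////////////////////////////
+Variant f_filter_list() {
+size_t size = sizeof(filter_list) / sizeof(filter_list_entry);
+Array ret;
+for (size_t i = 0; i < size; ++i) {
+ret.append(filter_list[i].name);
+}
+return ret;
+}
+Variant f_filter_id(CStrRef filtername) {
+size_t size = sizeof(filter_list) / sizeof(filter_list_entry);
+for (size_t i = 0; i < size; ++i) {
+if (filter_list[i].name == filtername) {
+return filter_list[i].id;
+}
+}
+return false;
+}
+Variant f_filter_var(CVarRef variable, int64_t filter /* = 516 */,
+CVarRef options /* = empty_array */) {
+int64_t filter_flags;
+if (options.isArray()) {
+filter_flags = options[s_flags].toInt64();
+} else {
+filter_flags = options.toInt64();
+}
+if (!(filter_flags & k_FILTER_REQUIRE_ARRAY ||
+filter_flags & k_FILTER_FORCE_ARRAY)) {
+filter_flags |= k_FILTER_REQUIRE_SCALAR;
+}
+// No idea why, but zend does this..
+if (filter == k_FILTER_CALLBACK) {
+filter_flags = 0;
+}
+if (variable.isArray()) {
+if (filter_flags & k_FILTER_REQUIRE_SCALAR) {
+return fail(filter_flags & k_FILTER_NULL_ON_FAILURE, options);
+}
+return filter_recursive(variable, filter, options);
+}
+if (filter_flags & k_FILTER_REQUIRE_ARRAY) {
+return fail(filter_flags & k_FILTER_NULL_ON_FAILURE, options);
+}
+try {
+Variant ret(filter_var(variable, filter, options));
+if (filter_flags & k_FILTER_FORCE_ARRAY && !ret.isArray()) {
+ret = CREATE_VECTOR1(ret);
+}
+return ret;
+} catch (BadTypeConversionException &e) {
+return fail(filter_flags & k_FILTER_NULL_ON_FAILURE, options);
+}
+}
+///////////////////////////////////////////////////////////////////////////////
+}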
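Review bot: The static helper `filter_var` and the exported `f_filter_var` disagree on how `options` is read: `f_filter_var` tests `options.isArray()` and otherwise calls `options.toInt64()`, while `filter_var` tests `options.isInteger()` and otherwise indexes `options[s_flags]` and `options[s_options]`, so an `options` value that is neither an array nor an integer (a string, null or bool) is treated as a flag word by the outer function and indexed like an array by the inner one. Unless `Variant::operator[]` on a scalar is known to be harmless here, aligning the helper on the same predicate, `if (!options.isArray()) { flags = options.toInt64(); } else {`, leaves a single code path for flags. Separately, `php_find_filter` takes `uint64_t id` while every table entry's `id` and both callers' `filter` are `int64_t`; declaring it `static filter_list_entry php_find_filter(int64_t id)` removes the signed/unsigned comparison in `filter_list[i].id == id`. The `catch (BadTypeConversionException &e)` in `f_filter_var` never uses `e`; `catch (const BadTypeConversionException&)` avoids the unused-variable warning.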
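--- /dev/null
+++ b/<PATH_NOT_SHOWN_ON_PAGE>
@@ -0,0 +1,83 @@
+/*
++----------------------------------------------------------------------+
+| HipHop for PHP |
++----------------------------------------------------------------------+
+| Copyright (c) 2010-2013 Facebook, Inc. (http://www.facebook.com) |
+| Copyright (c) 1997-2010 The PHP Group |
++----------------------------------------------------------------------+
+| This source file is subject to version 3.01 of the PHP license, |
+| that is bundled with this package in the file LICENSE, and is |
+| available through the world-wide-web at the following url: |
+| http://www.php.net/license/3_01.txt |
+| If you did not receive a copy of the PHP license and are unable to |
+| obtain it through the world-wide-web, please send a note to |
+| license@php.net so we can mail you a copy immediately. |
++----------------------------------------------------------------------+
+*/
+#ifndef HPHP_EXT_FILTER_FILTER_PRIVATE_H
+#define HPHP_EXT_FILTER_FILTER_PRIVATE_H
+#include "hphp/runtime/base/types.h"
+#define PHP_INPUT_FILTER_PARAM_DECL CStrRef value, long flags, \
+CVarRef option_array
+#define RETURN_VALIDATION_FAILED \
+if (flags & k_FILTER_NULL_ON_FAILURE) { \
+return uninit_null(); \
+} else { \
+return false; \
+}
+#define PHP_FILTER_TRIM_DEFAULT(p, len) PHP_FILTER_TRIM_DEFAULT_EX(p, len, 1);
+#define PHP_FILTER_TRIM_DEFAULT_EX(p, len, return_if_empty) { \
+while ((len > 0) && (*p == ' ' || *p == '\t' || *p == '\r' || *p == '\v' || \
+*p == '\n')) { \
+p++; \
+len--; \
+} \
+if (len < 1 && return_if_empty) { \
+RETURN_VALIDATION_FAILED \
+} \
+if (len > 0) { \
+while (p[len-1] == ' ' || p[len-1] == '\t' || p[len-1] == '\r' || \
+p[len-1] == '\v' || p[len-1] == '\n') { \
+len--; \
+} \
+} \
+}
+#define FETCH_STRING_OPTION(var_name, option_name) \
+var_name = nullptr; \
+var_name##_set = 0; \
+var_name##_len = 0; \
+if (option_array.isArray() && \
+!option_array.toArray().empty()) { \
+CArrRef option_array_arr = option_array.toArray(); \
+if (option_array_arr.exists(option_name)) { \
+Variant option_val(option_array_arr[option_name]); \
+if (option_val.isString()) { \
+var_name = option_val.toString().data(); \
+var_name##_len = option_val.toString().length(); \
+var_name##_set = 1; \
+} \
+} \
+}
+#define FETCH_LONG_OPTION(var_name, option_name) \
+var_name = 0; \
+var_name##_set = 0; \
+if (option_array.isArray() && \
+!option_array.toArray().empty()) { \
+CArrRef option_array_arr = option_array.toArray(); \
+if (option_array_arr.exists(option_name)) { \
+Variant option_val(option_array_arr[option_name]); \
+if (option_val.isInteger()) { \
+var_name = option_val.toInt64(); \
+var_name##_set = 1; \
+} \
+} \
+}
+#endif /* HPHP_EXT_FILTER_FILTER_PRIVATE_H */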
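Review bot: `FETCH_STRING_OPTION` hands back a raw `const char*` (`var_name = option_val.toString().data();`) that is used after both `option_val` and `option_array_arr` have gone out of scope at the macro's closing brace; the pointer stays valid only because `option_array` itself still holds a reference to the same string, which presumes that `toString()` on a string-typed Variant shares that buffer rather than copying it — worth confirming, since a copying `toString()` would leave every user of this macro reading freed memory. A comment on the macro would make that contract explicit, e.g. `/* var_name points into the string owned by option_array; valid only while option_array is alive and unmodified. */`. `PHP_FILTER_TRIM_DEFAULT` expands to `PHP_FILTER_TRIM_DEFAULT_EX(p, len, 1);` with a trailing semicolon, so the caller's own `;` yields an empty statement and the macro cannot be the body of an unbraced `if`/`else`; dropping the semicolon from the definition fixes both. `PHP_FILTER_TRIM_DEFAULT_EX` and `RETURN_VALIDATION_FAILED` also rely silently on a `flags` variable being in scope at the expansion site, which nothing in their names or a comment states.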
+773
@@ -0,0 +1,773 @@
/*
+----------------------------------------------------------------------+
| HipHop for PHP |
+----------------------------------------------------------------------+
| Copyright (c) 2010-2013 Facebook, Inc. (http://www.facebook.com) |
| Copyright (c) 1997-2010 The PHP Group |
+----------------------------------------------------------------------+
| This source file is subject to version 3.01 of the PHP license, |
| that is bundled with this package in the file LICENSE, and is |
| available through the world-wide-web at the following url: |
| http://www.php.net/license/3_01.txt |
| If you did not receive a copy of the PHP license and are unable to |
| obtain it through the world-wide-web, please send a note to |
| license@php.net so we can mail you a copy immediately. |
+----------------------------------------------------------------------+
*/
#include "hphp/runtime/ext/filter/logical_filters.h"
#include "hphp/runtime/ext/filter/sanitizing_filters.h"
#include "hphp/runtime/ext/ext_filter.h"
#include "hphp/runtime/base/zend/zend_php_config.h"
#include "hphp/runtime/base/zend/zend_url.h"
#include "hphp/runtime/base/complex_types.h"
#include "hphp/runtime/base/preg.h"
#include "hphp/runtime/ext/ext_function.h"
#include "hphp/runtime/ext/ext_string.h"
#include "hphp/runtime/ext/ext_url.h"
#include <arpa/inet.h>
#include <pcre.h>
#define FORMAT_IPV4 4
#define FORMAT_IPV6 6
#define MAX_LENGTH_OF_LONG 20
namespace HPHP {
const StaticString
s_min_range("min_range"),
s_max_range("max_range"),
s_decimal("decimal"),
s_regexp("regexp"),
s_separator("separator");
static int php_filter_parse_int(const char *str, unsigned int str_len,
long *ret) {
int sign = 0;
const char *end = str + str_len;
switch (*str) {
case '-':
sign = 1;
/* fallthrough */
case '+':
str++;
default:
break;
}
if (*str == '0' && str + 1 == end) {
/* Special cases: +0 and -0 */
return 1;
}
long ctx_value;
/* must start with 1..9*/
if (str < end && *str >= '1' && *str <= '9') {
ctx_value = ((sign)?-1:1) * ((*(str++)) - '0');
} else {
return -1;
}
if ((end - str > MAX_LENGTH_OF_LONG - 1) /* number too long */
|| (SIZEOF_LONG == 4 && (end - str == MAX_LENGTH_OF_LONG - 1) &&
*str > '2')) {
/* overflow */
return -1;
}
while (str < end) {
if (*str >= '0' && *str <= '9') {
int digit = (*(str++) - '0');
if ( (!sign) && ctx_value <= (LONG_MAX-digit)/10 ) {
ctx_value = (ctx_value * 10) + digit;
} else if ( sign && ctx_value >= (LONG_MIN+digit)/10) {
ctx_value = (ctx_value * 10) - digit;
} else {
return -1;
}
} else {
return -1;
}
}
*ret = ctx_value;
return 1;
}
static int php_filter_parse_octal(const char *str, unsigned int str_len,
long *ret) {
unsigned long ctx_value = 0;
const char *end = str + str_len;
while (str < end) {
if (*str >= '0' && *str <= '7') {
unsigned long n = ((*(str++)) - '0');
if ((ctx_value > ((unsigned long)(~(long)0)) / 8) ||
((ctx_value = ctx_value * 8) > ((unsigned long)(~(long)0)) - n)) {
return -1;
}
ctx_value += n;
} else {
return -1;
}
}
*ret = (long)ctx_value;
return 1;
}
static int php_filter_parse_hex(const char *str, unsigned int str_len,
long *ret) {
unsigned long ctx_value = 0;
const char *end = str + str_len;
unsigned long n;
while (str < end) {
if (*str >= '0' && *str <= '9') {
n = ((*(str++)) - '0');
} else if (*str >= 'a' && *str <= 'f') {
n = ((*(str++)) - ('a' - 10));
} else if (*str >= 'A' && *str <= 'F') {
n = ((*(str++)) - ('A' - 10));
} else {
return -1;
}
if ((ctx_value > ((unsigned long)(~(long)0)) / 16) ||
((ctx_value = ctx_value * 16) > ((unsigned long)(~(long)0)) - n)) {
return -1;
}
ctx_value += n;
}
*ret = (long)ctx_value;
return 1;
}
Variant php_filter_int(PHP_INPUT_FILTER_PARAM_DECL) {
/* Parse options */
long min_range, max_range;
int min_range_set, max_range_set;
FETCH_LONG_OPTION(min_range, s_min_range);
FETCH_LONG_OPTION(max_range, s_max_range);
long option_flags = flags;
int len = value.length();
if (len == 0) {
RETURN_VALIDATION_FAILED
}
bool allow_octal = false, allow_hex = false;
if (option_flags & k_FILTER_FLAG_ALLOW_OCTAL) {
allow_octal = true;
}
if (option_flags & k_FILTER_FLAG_ALLOW_HEX) {
allow_hex = true;
}
/* Start the validating loop */
const char *p = value.data();
long ctx_value = 0;
PHP_FILTER_TRIM_DEFAULT(p, len);
int error = 0;
if (*p == '0') {
p++; len--;
if (allow_hex && (*p == 'x' || *p == 'X')) {
p++; len--;
if (php_filter_parse_hex(p, len, &ctx_value) < 0) {
assert(ctx_value == 0);
error = 1;
}
} else if (allow_octal) {
if (php_filter_parse_octal(p, len, &ctx_value) < 0) {
assert(ctx_value == 0);
error = 1;
}
} else if (len != 0) {
error = 1;
}
} else {
if (php_filter_parse_int(p, len, &ctx_value) < 0) {
assert(ctx_value == 0);
error = 1;
}
}
if (error > 0 || (min_range_set && (ctx_value < min_range)) ||
(max_range_set && (ctx_value > max_range))) {
RETURN_VALIDATION_FAILED
} else {
return ctx_value;
}
}
Variant php_filter_boolean(PHP_INPUT_FILTER_PARAM_DECL) {
const char *str = value.data();
int len = value.length();
PHP_FILTER_TRIM_DEFAULT_EX(str, len, 0);
/* returns true for "1", "true", "on" and "yes"
* returns false for "0", "false", "off", "no", and ""
* null otherwise. */
int ret;
switch (len) {
case 0:
ret = 0;
break;
case 1:
if (*str == '1') {
ret = 1;
} else if (*str == '0') {
ret = 0;
} else {
ret = -1;
}
break;
case 2:
if (strncasecmp(str, "on", 2) == 0) {
ret = 1;
} else if (strncasecmp(str, "no", 2) == 0) {
ret = 0;
} else {
ret = -1;
}
break;
case 3:
if (strncasecmp(str, "yes", 3) == 0) {
ret = 1;
} else if (strncasecmp(str, "off", 3) == 0) {
ret = 0;
} else {
ret = -1;
}
break;
case 4:
if (strncasecmp(str, "true", 4) == 0) {
ret = 1;
} else {
ret = -1;
}
break;
case 5:
if (strncasecmp(str, "false", 5) == 0) {
ret = 0;
} else {
ret = -1;
}
break;
default:
ret = -1;
}
if (ret == -1) {
RETURN_VALIDATION_FAILED
} else {
return (bool)ret;
}
}
Variant php_filter_float(PHP_INPUT_FILTER_PARAM_DECL) {
char dec_sep = '.';
char tsd_sep[3] = {'\'', ',', '.'};
int len = value.length();
const char *str = value.data();
PHP_FILTER_TRIM_DEFAULT(str, len);
const char *end = str + len;
const char *decimal;
int decimal_set, decimal_len;
FETCH_STRING_OPTION(decimal, s_decimal);
if (decimal_set) {
if (decimal_len != 1) {
raise_warning("decimal separator must be one char");
RETURN_VALIDATION_FAILED
} else {
dec_sep = *decimal;
}
}
StringBuffer p(len);
if (str < end && (*str == '+' || *str == '-')) {
p += *str++;
}
int first = 1;
while (1) {
int n = 0;
while (str < end && *str >= '0' && *str <= '9') {
++n;
p += *str++;
}
if (str == end || *str == dec_sep || *str == 'e' || *str == 'E') {
if (!first && n != 3) {
goto error;
}
if (*str == dec_sep) {
p += '.';
str++;
while (str < end && *str >= '0' && *str <= '9') {
p += *str++;
}
}
if (*str == 'e' || *str == 'E') {
p += *str++;
if (str < end && (*str == '+' || *str == '-')) {
p += *str++;
}
while (str < end && *str >= '0' && *str <= '9') {
p += *str++;
}
}
break;
}
if ((flags & k_FILTER_FLAG_ALLOW_THOUSAND) &&
(*str == tsd_sep[0] || *str == tsd_sep[1] || *str == tsd_sep[2])) {
if (first?(n < 1 || n > 3):(n != 3)) {
goto error;
}
first = 0;
str++;
} else {
goto error;
}
}
if (str != end) {
goto error;
}
long lval;
double dval;
switch (is_numeric_string(p.data(), p.length(), &lval, &dval, 0)) {
case KindOfInt64:
return (double) lval;
break;
case KindOfDouble:
if ((!dval && p.length() > 1 && strpbrk(p.data(), "123456789")) ||
!zend_finite(dval)) {
goto error;
}
return dval;
break;
default:
error:
RETURN_VALIDATION_FAILED
}
return value;
}
Variant php_filter_validate_regexp(PHP_INPUT_FILTER_PARAM_DECL) {
/* Parse options */
const char *regexp;
UNUSED int regexp_len;
int regexp_set;
FETCH_STRING_OPTION(regexp, s_regexp);
if (!regexp_set) {
raise_warning("'regexp' option missing");
RETURN_VALIDATION_FAILED
}
int matches = preg_match(regexp, value);
if (matches <= 0) {
RETURN_VALIDATION_FAILED
}
return value;
}
Variant php_filter_validate_url(PHP_INPUT_FILTER_PARAM_DECL) {
int old_len = value.length();
php_filter_url(value, flags, option_array);
if (old_len != value.length()) {
RETURN_VALIDATION_FAILED
}
/* Use parse_url - if it returns false, we return NULL */
Url url;
if (!url_parse(url, value.data(), value.length())) {
RETURN_VALIDATION_FAILED
}
if (url.scheme != nullptr &&
(!strcasecmp(url.scheme, "http") || !strcasecmp(url.scheme, "https"))) {
if (url.host == nullptr) {
goto bad_url;
}
char *e = url.host + strlen(url.host);
char *s = url.host;
/* First char of hostname must be alphanumeric */
if(!isalnum((int)*(unsigned char *)s)) {
goto bad_url;
}
while (s < e) {
if (!isalnum((int)*(unsigned char *)s) && *s != '-' && *s != '.') {
goto bad_url;
}
s++;
}
if (*(e - 1) == '.') {
goto bad_url;
}
}
if (
url.scheme == nullptr ||
/* some schemas allow the host to be empty */
(url.host == nullptr && (strcmp(url.scheme, "mailto") &&
strcmp(url.scheme, "news") &&
strcmp(url.scheme, "file"))) ||
((flags & k_FILTER_FLAG_PATH_REQUIRED) && url.path == nullptr) ||
((flags & k_FILTER_FLAG_QUERY_REQUIRED) && url.query == nullptr)
) {
bad_url:
RETURN_VALIDATION_FAILED
}
return value;
}
Variant php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) {
/*
* The regex below is based on a regex by Michael Rushton.
* However, it is not identical. I changed it to only consider routeable
* addresses as valid. Michael's regex considers a@b a valid address
* which conflicts with section 2.3.5 of RFC 5321 which states that:
*
* Only resolvable, fully-qualified domain names (FQDNs) are permitted
* when domain names are used in SMTP. In other words, names that can
* be resolved to MX RRs or address (i.e., A or AAAA) RRs (as discussed
* in Section 5) are permitted, as are CNAME RRs whose targets can be
* resolved, in turn, to MX or address RRs. Local nicknames or
* unqualified names MUST NOT be used.
*
* This regex does not handle comments and folding whitespace. While
* this is technically valid in an email address, these parts aren't
* actually part of the address itself.
*
* Michael's regex carries this copyright:
*
* Copyright Michael Rushton 2009-10
* http://squiloople.com/
* Feel free to use and redistribute this code. But please keep this
* copyright notice.
*
*/
const char regexp[] = "/^(?!(?:(?:\\x22?\\x5C[\\x00-\\x7E]\\x22?)|(?:\\x22?[^\\x5C\\x22]\\x22?)){255,})(?!(?:(?:\\x22?\\x5C[\\x00-\\x7E]\\x22?)|(?:\\x22?[^\\x5C\\x22]\\x22?)){65,}@)(?:(?:[\\x21\\x23-\\x27\\x2A\\x2B\\x2D\\x2F-\\x39\\x3D\\x3F\\x5E-\\x7E]+)|(?:\\x22(?:[\\x01-\\x08\\x0B\\x0C\\x0E-\\x1F\\x21\\x23-\\x5B\\x5D-\\x7F]|(?:\\x5C[\\x00-\\x7F]))*\\x22))(?:\\.(?:(?:[\\x21\\x23-\\x27\\x2A\\x2B\\x2D\\x2F-\\x39\\x3D\\x3F\\x5E-\\x7E]+)|(?:\\x22(?:[\\x01-\\x08\\x0B\\x0C\\x0E-\\x1F\\x21\\x23-\\x5B\\x5D-\\x7F]|(?:\\x5C[\\x00-\\x7F]))*\\x22)))*@(?:(?:(?!.*[^.]{64,})(?:(?:(?:xn--)?[a-z0-9]+(?:-+[a-z0-9]+)*\\.){1,126}){1,}(?:(?:[a-z][a-z0-9]*)|(?:(?:xn--)[a-z0-9]+))(?:-+[a-z0-9]+)*)|(?:\\[(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){7})|(?:(?!(?:.*[a-f0-9][:\\]]){7,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?)))|(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){5}:)|(?:(?!(?:.*[a-f0-9]:){5,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3}:)?)))?(?:(?:25[0-5])|(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))(?:\\.(?:(?:25[0-5])|(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))){3}))\\]))$/iD";
/* The maximum length of an e-mail address is 320 octets, per RFC 2821. */
if (value.length() > 320) {
RETURN_VALIDATION_FAILED
}
int matches = preg_match(regexp, value);
if (matches <= 0) {
RETURN_VALIDATION_FAILED
}
return value;
}
static int _php_filter_validate_ipv4(const char *str, int str_len, int *ip) {
const char *end = str + str_len;
int n = 0;
while (str < end) {
if (*str < '0' || *str > '9') {
return 0;
}
int leading_zero = (*str == '0');
int m = 1;
int num = ((*(str++)) - '0');
while (str < end && (*str >= '0' && *str <= '9')) {
num = num * 10 + ((*(str++)) - '0');
if (num > 255 || ++m > 3) {
return 0;
}
}
/* don't allow a leading 0; that introduces octal numbers,
* which we don't support */
if (leading_zero && (num != 0 || m > 1))
return 0;
ip[n++] = num;
if (n == 4) {
return str == end;
} else if (str >= end || *(str++) != '.') {
return 0;
}
}
return 0;
}
static int _php_filter_validate_ipv6(const char *str, int str_len) {
if (!memchr(str, ':', str_len)) {
return 0;
}
/* check for bundled IPv4 */
const char *ipv4 = (const char*) memchr(str, '.', str_len);
int blocks = 0;
if (ipv4) {
while (ipv4 > str && *(ipv4-1) != ':') {
ipv4--;
}
int ip4elm[4];
if (!_php_filter_validate_ipv4(ipv4, (str_len - (ipv4 - str)), ip4elm)) {
return 0;
}
str_len = ipv4 - str; /* length excluding ipv4 */
if (str_len < 2) {
return 0;
}
if (ipv4[-2] != ':') {
/* don't include : before ipv4 unless it's a :: */
str_len--;
}
blocks = 2;
}
const char *end = str + str_len;
const char *s = str;
int compressed = 0;
int n;
while (str < end) {
if (*str == ':') {
if (++str >= end) {
/* cannot end in : without previous : */
return 0;
}
if (*str == ':') {
if (compressed) {
return 0;
}
blocks++; /* :: means 1 or more 16-bit 0 blocks */
compressed = 1;
if (++str == end) {
return (blocks <= 8);
}
} else if ((str - 1) == s) {
/* dont allow leading : without another : following */
return 0;
}
}
n = 0;
while ((str < end) &&
((*str >= '0' && *str <= '9') ||
(*str >= 'a' && *str <= 'f') ||
(*str >= 'A' && *str <= 'F'))) {
n++;
str++;
}
if (n < 1 || n > 4) {
return 0;
}
if (++blocks > 8)
return 0;
}
return ((compressed && blocks <= 8) || blocks == 8);
}
Variant php_filter_validate_ip(PHP_INPUT_FILTER_PARAM_DECL) {
/* validates an ipv4 or ipv6 IP, based on the flag (4, 6, or both) add a
* flag to throw out reserved ranges; multicast ranges... etc. If both
* allow_ipv4 and allow_ipv6 flags flag are used, then the first dot or
* colon determine the format */
int mode;
if (memchr(value.data(), ':', value.length())) {
mode = FORMAT_IPV6;
} else if (memchr(value.data(), '.', value.length())) {
mode = FORMAT_IPV4;
} else {
RETURN_VALIDATION_FAILED
}
if ((flags & k_FILTER_FLAG_IPV4) && (flags & k_FILTER_FLAG_IPV6)) {
/* Both formats are cool */
} else if ((flags & k_FILTER_FLAG_IPV4) && mode == FORMAT_IPV6) {
RETURN_VALIDATION_FAILED
} else if ((flags & k_FILTER_FLAG_IPV6) && mode == FORMAT_IPV4) {
RETURN_VALIDATION_FAILED
}
switch (mode) {
case FORMAT_IPV4:
int ip[4];
if (!_php_filter_validate_ipv4(value.data(), value.length(), ip)) {
RETURN_VALIDATION_FAILED
}
/* Check flags */
if (flags & k_FILTER_FLAG_NO_PRIV_RANGE) {
if (
(ip[0] == 10) ||
(ip[0] == 172 && (ip[1] >= 16 && ip[1] <= 31)) ||
(ip[0] == 192 && ip[1] == 168)
) {
RETURN_VALIDATION_FAILED
}
}
if (flags & k_FILTER_FLAG_NO_RES_RANGE) {
if (
(ip[0] == 0) ||
(ip[0] == 128 && ip[1] == 0) ||
(ip[0] == 191 && ip[1] == 255) ||
(ip[0] == 169 && ip[1] == 254) ||
(ip[0] == 192 && ip[1] == 0 && ip[2] == 2) ||
(ip[0] == 127 && ip[1] == 0 && ip[2] == 0 && ip[3] == 1) ||
(ip[0] >= 224 && ip[0] <= 255)
) {
RETURN_VALIDATION_FAILED
}
}
break;
case FORMAT_IPV6:
{
int res = 0;
res = _php_filter_validate_ipv6(value.data(), value.length());
if (res < 1) {
RETURN_VALIDATION_FAILED
}
/* Check flags */
if (flags & k_FILTER_FLAG_NO_PRIV_RANGE) {
if (value.length() >=2 &&
(!strncasecmp("FC", value.data(), 2) ||
!strncasecmp("FD", value.data(), 2))) {
RETURN_VALIDATION_FAILED
}
}
if (flags & k_FILTER_FLAG_NO_RES_RANGE) {
switch (value.length()) {
case 1: case 0:
break;
case 2:
if (!strcmp("::", value.data())) {
RETURN_VALIDATION_FAILED
}
break;
case 3:
if (!strcmp("::1", value.data()) ||
!strcmp("5f:", value.data())) {
RETURN_VALIDATION_FAILED
}
break;
default:
if (value.length() >= 5) {
if (
!strncasecmp("fe8", value.data(), 3) ||
!strncasecmp("fe9", value.data(), 3) ||
!strncasecmp("fea", value.data(), 3) ||
!strncasecmp("feb", value.data(), 3)
) {
RETURN_VALIDATION_FAILED
}
}
if (
(value.length() >= 9 &&
!strncasecmp("2001:0db8", value.data(), 9)) ||
(value.length() >= 2 &&
!strncasecmp("5f", value.data(), 2)) ||
(value.length() >= 4 &&
!strncasecmp("3ff3", value.data(), 4)) ||
(value.length() >= 8 &&
!strncasecmp("2001:001", value.data(), 8))
) {
RETURN_VALIDATION_FAILED
}
}
}
}
break;
}
return value;
}
Variant php_filter_validate_mac(PHP_INPUT_FILTER_PARAM_DECL) {
const char *input = value.data();
int input_len = value.length();
char separator;
const char *exp_separator;
int exp_separator_set, exp_separator_len;
FETCH_STRING_OPTION(exp_separator, s_separator);
if (exp_separator_set && exp_separator_len != 1) {
raise_warning("Separator must be exactly one character long");
RETURN_VALIDATION_FAILED;
}
int tokens, length;
if (14 == input_len) {
/* EUI-64 format: Four hexadecimal digits separated by dots. Less
* commonly used but valid nonetheless.
*/
tokens = 3;
length = 4;
separator = '.';
} else if (17 == input_len && input[2] == '-') {
/* IEEE 802 format: Six hexadecimal digits separated by hyphens. */
tokens = 6;
length = 2;
separator = '-';
} else if (17 == input_len && input[2] == ':') {
/* IEEE 802 format: Six hexadecimal digits separated by colons. */
tokens = 6;
length = 2;
separator = ':';
} else {
RETURN_VALIDATION_FAILED;
}
if (exp_separator_set && separator != exp_separator[0]) {
RETURN_VALIDATION_FAILED;
}
/* Essentially what we now have is a set of tokens each consisting of
* a hexadecimal number followed by a separator character. (With the
* exception of the last token which does not have the separator.)
*/
for (int i = 0; i < tokens; i++) {
int offset = i * (length + 1);
if (i < tokens - 1 && input[offset + length] != separator) {
/* The current token did not end with e.g. a "." */
RETURN_VALIDATION_FAILED
}
long ret = 0;
if (php_filter_parse_hex(input + offset, length, &ret) < 0) {
/* The current token is no valid hexadecimal digit */
RETURN_VALIDATION_FAILED
}
}
return value;
}
Variant php_filter_callback(PHP_INPUT_FILTER_PARAM_DECL) {
if (!f_is_callable(option_array)) {
raise_warning("First argument is expected to be a valid callback");
return uninit_null();
}
return vm_call_user_func(option_array, CREATE_VECTOR1(ref(value)));
}
}
+38
@@ -0,0 +1,38 @@
/*
+----------------------------------------------------------------------+
| HipHop for PHP |
+----------------------------------------------------------------------+
| Copyright (c) 2010-2013 Facebook, Inc. (http://www.facebook.com) |
| Copyright (c) 1997-2010 The PHP Group |
+----------------------------------------------------------------------+
| This source file is subject to version 3.01 of the PHP license, |
| that is bundled with this package in the file LICENSE, and is |
| available through the world-wide-web at the following url: |
| http://www.php.net/license/3_01.txt |
| If you did not receive a copy of the PHP license and are unable to |
| obtain it through the world-wide-web, please send a note to |
| license@php.net so we can mail you a copy immediately. |
+----------------------------------------------------------------------+
*/
#ifndef HPHP_EXT_FILTER_LOGICAL_FILTERS_H
#define HPHP_EXT_FILTER_LOGICAL_FILTERS_H
#include "hphp/runtime/ext/filter/filter_private.h"
namespace HPHP {
Variant php_filter_int(PHP_INPUT_FILTER_PARAM_DECL);
Variant php_filter_boolean(PHP_INPUT_FILTER_PARAM_DECL);
Variant php_filter_float(PHP_INPUT_FILTER_PARAM_DECL);
Variant php_filter_validate_regexp(PHP_INPUT_FILTER_PARAM_DECL);
Variant php_filter_validate_url(PHP_INPUT_FILTER_PARAM_DECL);
Variant php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL);
Variant php_filter_validate_ip(PHP_INPUT_FILTER_PARAM_DECL);
Variant php_filter_validate_mac(PHP_INPUT_FILTER_PARAM_DECL);
Variant php_filter_callback(PHP_INPUT_FILTER_PARAM_DECL);
}
#endif /* HPHP_EXT_FILTER_LOGICAL_FILTERS_H */
@@ -0,0 +1,324 @@
/*
+----------------------------------------------------------------------+
| HipHop for PHP |
+----------------------------------------------------------------------+
| Copyright (c) 2010-2013 Facebook, Inc. (http://www.facebook.com) |
| Copyright (c) 1997-2010 The PHP Group |
+----------------------------------------------------------------------+
| This source file is subject to version 3.01 of the PHP license, |
| that is bundled with this package in the file LICENSE, and is |
| available through the world-wide-web at the following url: |
| http://www.php.net/license/3_01.txt |
| If you did not receive a copy of the PHP license and are unable to |
| obtain it through the world-wide-web, please send a note to |
| license@php.net so we can mail you a copy immediately. |
+----------------------------------------------------------------------+
*/
#include "hphp/runtime/ext/filter/sanitizing_filters.h"
#include "hphp/runtime/ext/ext_filter.h"
#include "hphp/runtime/ext/ext_string.h"
#include "hphp/runtime/base/complex_types.h"
#include "hphp/runtime/base/zend/zend_string.h"
namespace HPHP {
typedef unsigned long filter_map[256];
static String php_filter_encode_html(CStrRef value,
const unsigned char *chars) {
int len = value.length();
unsigned char *s = (unsigned char *)value.data();
unsigned char *e = s + len;
if (len == 0) {
return empty_string;
}
StringBuffer str(len);
while (s < e) {
if (chars[*s]) {
str += "&#";
str += s[0];
str += ';';
} else {
/* XXX: this needs to be optimized to work with blocks of 'safe' chars */
str += (char) s[0];
}
s++;
}
return str.detach();
}
static const unsigned char hexchars[] = "0123456789ABCDEF";
#define LOWALPHA "abcdefghijklmnopqrstuvwxyz"
#define HIALPHA "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
#define DIGIT "0123456789"
#define DEFAULT_URL_ENCODE LOWALPHA HIALPHA DIGIT "-._"
static Variant php_filter_encode_url(CStrRef value, const unsigned char* chars,
const int char_len, int high, int low,
int encode_nul) {
unsigned char tmp[256];
unsigned char *s = (unsigned char *)chars;
unsigned char *e = s + char_len;
int len = value.length();
if (len == 0) {
return empty_string;
}
memset(tmp, 1, sizeof(tmp)-1);
while (s < e) {
tmp[*s++] = 0;
}
StringBuffer str(len);
s = (unsigned char *)value.data();
e = s + len;
while (s < e) {
if (tmp[*s]) {
str += '%';
str += (char) hexchars[(unsigned char) *s >> 4];
str += (char) hexchars[(unsigned char) *s & 15];
} else {
str += (char) *s;
}
s++;
}
return str.detach();
}
static Variant php_filter_strip(CStrRef value, long flags) {
unsigned char *str;
int i;
int len = value.length();
if (len == 0) {
return empty_string;
}
/* Optimization for if no strip flags are set */
if (! ((flags & k_FILTER_FLAG_STRIP_LOW) ||
(flags & k_FILTER_FLAG_STRIP_HIGH)) ) {
return value;
}
str = (unsigned char *)value.data();
StringBuffer buf(len);
for (i = 0; i < len; i++) {
if ((str[i] > 127) && (flags & k_FILTER_FLAG_STRIP_HIGH)) {
} else if ((str[i] < 32) && (flags & k_FILTER_FLAG_STRIP_LOW)) {
} else if ((str[i] == '`') && (flags & k_FILTER_FLAG_STRIP_BACKTICK)) {
} else {
buf += (char) str[i];
}
}
return buf.detach();
}
static void filter_map_init(filter_map *map) {
memset(map, 0, sizeof(filter_map));
}
static void filter_map_update(filter_map *map, int flag,
const unsigned char *allowed_list) {
int l, i;
l = strlen((const char*)allowed_list);
for (i = 0; i < l; ++i) {
(*map)[allowed_list[i]] = flag;
}
}
static Variant filter_map_apply(CStrRef value, filter_map *map) {
unsigned char *str;
int i;
int len = value.length();
if (len == 0) {
return empty_string;
}
str = (unsigned char *)value.data();
StringBuffer buf(len);
for (i = 0; i < len; i++) {
if ((*map)[str[i]]) {
buf += (char) str[i];
}
}
return buf.detach();
}
Variant php_filter_string(PHP_INPUT_FILTER_PARAM_DECL) {
unsigned char enc[256] = {0};
/* strip high/strip low ( see flags )*/
String stripped(php_filter_strip(value, flags));
if (!(flags & k_FILTER_FLAG_NO_ENCODE_QUOTES)) {
enc['\''] = enc['"'] = 1;
}
if (flags & k_FILTER_FLAG_ENCODE_AMP) {
enc['&'] = 1;
}
if (flags & k_FILTER_FLAG_ENCODE_LOW) {
memset(enc, 1, 32);
}
if (flags & k_FILTER_FLAG_ENCODE_HIGH) {
memset(enc + 127, 1, sizeof(enc) - 127);
}
String encoded(php_filter_encode_html(stripped, enc));
int len = encoded.length();
char *ret = string_strip_tags(
encoded.data(), len, empty_string.data(), empty_string.length(), true
);
if (len == 0) {
if (flags & k_FILTER_FLAG_EMPTY_STRING_NULL) {
free(ret);
return uninit_null();
}
free(ret);
return empty_string;
}
// string_strip_tags mallocs this string
return String(ret, AttachString);
}
Variant php_filter_encoded(PHP_INPUT_FILTER_PARAM_DECL) {
/* apply strip_high and strip_low filters */
php_filter_strip(value, flags);
/* urlencode */
return php_filter_encode_url(
value,
(unsigned char *)DEFAULT_URL_ENCODE,
sizeof(DEFAULT_URL_ENCODE)-1,
flags & k_FILTER_FLAG_ENCODE_HIGH,
flags & k_FILTER_FLAG_ENCODE_LOW,
1
);
}
Variant php_filter_special_chars(PHP_INPUT_FILTER_PARAM_DECL) {
unsigned char enc[256] = {0};
php_filter_strip(value, flags);
/* encodes ' " < > & \0 to numerical entities */
enc['\''] = enc['"'] = enc['<'] = enc['>'] = enc['&'] = enc[0] = 1;
/* if strip low is not set, then we encode them as &#xx; */
memset(enc, 1, 32);
if (flags & k_FILTER_FLAG_ENCODE_HIGH) {
memset(enc + 127, 1, sizeof(enc) - 127);
}
return php_filter_encode_html(value, enc);
}
Variant php_filter_full_special_chars(PHP_INPUT_FILTER_PARAM_DECL) {
int quotes;
if (!(flags & k_FILTER_FLAG_NO_ENCODE_QUOTES)) {
quotes = k_ENT_QUOTES;
} else {
quotes = k_ENT_NOQUOTES;
}
return f_htmlentities(value, quotes);
}
Variant php_filter_unsafe_raw(PHP_INPUT_FILTER_PARAM_DECL) {
/* Only if no flags are set (optimization) */
if (flags != 0 && value.length() > 0) {
unsigned char enc[256] = {0};
php_filter_strip(value, flags);
if (flags & k_FILTER_FLAG_ENCODE_AMP) {
enc['&'] = 1;
}
if (flags & k_FILTER_FLAG_ENCODE_LOW) {
memset(enc, 1, 32);
}
if (flags & k_FILTER_FLAG_ENCODE_HIGH) {
memset(enc + 127, 1, sizeof(enc) - 127);
}
return php_filter_encode_html(value, enc);
} else if (flags & k_FILTER_FLAG_EMPTY_STRING_NULL && value.length() == 0) {
return uninit_null();
}
return value;
}
#define SAFE "$-_.+"
#define EXTRA "!*'(),"
#define NATIONAL "{}|\\^~[]`"
#define PUNCTUATION "<>#%\""
#define RESERVED ";/?:@&="
Variant php_filter_email(PHP_INPUT_FILTER_PARAM_DECL) {
/* Check section 6 of rfc 822 http://www.faqs.org/rfcs/rfc822.html */
const unsigned char allowed_list[] = LOWALPHA HIALPHA DIGIT \
"!#$%&'*+-=?^_`{|}~@.[]";
filter_map map;
filter_map_init(&map);
filter_map_update(&map, 1, allowed_list);
return filter_map_apply(value, &map);
}
Variant php_filter_url(PHP_INPUT_FILTER_PARAM_DECL) {
/* Strip all chars not part of section 5 of
* http://www.faqs.org/rfcs/rfc1738.html */
const unsigned char allowed_list[] = LOWALPHA HIALPHA DIGIT SAFE EXTRA \
NATIONAL PUNCTUATION RESERVED;
filter_map map;
filter_map_init(&map);
filter_map_update(&map, 1, allowed_list);
return filter_map_apply(value, &map);
}
Variant php_filter_number_int(PHP_INPUT_FILTER_PARAM_DECL) {
/* strip everything [^0-9+-] */
const unsigned char allowed_list[] = "+-" DIGIT;
filter_map map;
filter_map_init(&map);
filter_map_update(&map, 1, allowed_list);
return filter_map_apply(value, &map);
}
Variant php_filter_number_float(PHP_INPUT_FILTER_PARAM_DECL) {
/* strip everything [^0-9+-] */
const unsigned char allowed_list[] = "+-" DIGIT;
filter_map map;
filter_map_init(&map);
filter_map_update(&map, 1, allowed_list);
/* depending on flags, strip '.', 'e', ",", "'" */
if (flags & k_FILTER_FLAG_ALLOW_FRACTION) {
filter_map_update(&map, 2, (const unsigned char *) ".");
}
if (flags & k_FILTER_FLAG_ALLOW_THOUSAND) {
filter_map_update(&map, 3, (const unsigned char *) ",");
}
if (flags & k_FILTER_FLAG_ALLOW_SCIENTIFIC) {
filter_map_update(&map, 4, (const unsigned char *) "eE");
}
return filter_map_apply(value, &map);
}
Variant php_filter_magic_quotes(PHP_INPUT_FILTER_PARAM_DECL) {
/* just call addslashes quotes */
return f_addslashes(value);
}
}
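Review bot: The return value of `php_filter_strip` is discarded in `php_filter_encoded`, `php_filter_special_chars` and `php_filter_unsafe_raw`, so FILTER_FLAG_STRIP_LOW, STRIP_HIGH and STRIP_BACKTICK have no effect on those three filters: `php_filter_strip` takes a `CStrRef` and returns the stripped copy as a new Variant, and only `php_filter_string` keeps it (`String stripped(php_filter_strip(value, flags));`). Each of the three bare `php_filter_strip(value, flags);` statements should capture the result the same way and pass `stripped` instead of `value` to the encode call that follows. Separately, `php_filter_encode_url` fills its lookup table with `memset(tmp, 1, sizeof(tmp)-1)`, which leaves `tmp[255]` uninitialized, so whether byte 0xFF gets percent-encoded depends on stack contents; `memset(tmp, 1, sizeof(tmp));` fixes it. The `high`, `low` and `encode_nul` parameters of that function are never read; if that is deliberate (it may mirror upstream PHP), a one-line comment on the signature saying so would save the next reader a search.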
+37
@@ -0,0 +1,37 @@
/*
+----------------------------------------------------------------------+
| HipHop for PHP |
+----------------------------------------------------------------------+
| Copyright (c) 2010-2013 Facebook, Inc. (http://www.facebook.com) |
| Copyright (c) 1997-2010 The PHP Group |
+----------------------------------------------------------------------+
| This source file is subject to version 3.01 of the PHP license, |
| that is bundled with this package in the file LICENSE, and is |
| available through the world-wide-web at the following url: |
| http://www.php.net/license/3_01.txt |
| If you did not receive a copy of the PHP license and are unable to |
| obtain it through the world-wide-web, please send a note to |
| license@php.net so we can mail you a copy immediately. |
+----------------------------------------------------------------------+
*/
#ifndef HPHP_EXT_FILTER_SANITIZING_FILTERS_H
#define HPHP_EXT_FILTER_SANITIZING_FILTERS_H
#include "hphp/runtime/ext/filter/filter_private.h"
namespace HPHP {
Variant php_filter_string(PHP_INPUT_FILTER_PARAM_DECL);
Variant php_filter_encoded(PHP_INPUT_FILTER_PARAM_DECL);
Variant php_filter_special_chars(PHP_INPUT_FILTER_PARAM_DECL);
Variant php_filter_full_special_chars(PHP_INPUT_FILTER_PARAM_DECL);
Variant php_filter_unsafe_raw(PHP_INPUT_FILTER_PARAM_DECL);
Variant php_filter_email(PHP_INPUT_FILTER_PARAM_DECL);
Variant php_filter_url(PHP_INPUT_FILTER_PARAM_DECL);
Variant php_filter_number_int(PHP_INPUT_FILTER_PARAM_DECL);
Variant php_filter_number_float(PHP_INPUT_FILTER_PARAM_DECL);
Variant php_filter_magic_quotes(PHP_INPUT_FILTER_PARAM_DECL);
}
#endif /* HPHP_EXT_FILTER_SANITIZING_FILTERS_H */
+283
@@ -0,0 +1,283 @@
{
"preamble": "",
"consts": [
{
"name": "INPUT_POST",
"type": "Int64"
},
{
"name": "INPUT_GET",
"type": "Int64"
},
{
"name": "INPUT_COOKIE",
"type": "Int64"
},
{
"name": "INPUT_ENV",
"type": "Int64"
},
{
"name": "INPUT_SERVER",
"type": "Int64"
},
{
"name": "INPUT_SESSION",
"type": "Int64"
},
{
"name": "INPUT_REQUEST",
"type": "Int64"
},
{
"name": "FILTER_FLAG_NONE",
"type": "Int64"
},
{
"name": "FILTER_REQUIRE_SCALAR",
"type": "Int64"
},
{
"name": "FILTER_REQUIRE_ARRAY",
"type": "Int64"
},
{
"name": "FILTER_FORCE_ARRAY",
"type": "Int64"
},
{
"name": "FILTER_NULL_ON_FAILURE",
"type": "Int64"
},
{
"name": "FILTER_VALIDATE_INT",
"type": "Int64"
},
{
"name": "FILTER_VALIDATE_BOOLEAN",
"type": "Int64"
},
{
"name": "FILTER_VALIDATE_FLOAT",
"type": "Int64"
},
{
"name": "FILTER_VALIDATE_REGEXP",
"type": "Int64"
},
{
"name": "FILTER_VALIDATE_URL",
"type": "Int64"
},
{
"name": "FILTER_VALIDATE_EMAIL",
"type": "Int64"
},
{
"name": "FILTER_VALIDATE_IP",
"type": "Int64"
},
{
"name": "FILTER_VALIDATE_MAC",
"type": "Int64"
},
{
"name": "FILTER_DEFAULT",
"type": "Int64"
},
{
"name": "FILTER_UNSAFE_RAW",
"type": "Int64"
},
{
"name": "FILTER_SANITIZE_STRING",
"type": "Int64"
},
{
"name": "FILTER_SANITIZE_STRIPPED",
"type": "Int64"
},
{
"name": "FILTER_SANITIZE_ENCODED",
"type": "Int64"
},
{
"name": "FILTER_SANITIZE_SPECIAL_CHARS",
"type": "Int64"
},
{
"name": "FILTER_SANITIZE_FULL_SPECIAL_CHARS",
"type": "Int64"
},
{
"name": "FILTER_SANITIZE_EMAIL",
"type": "Int64"
},
{
"name": "FILTER_SANITIZE_URL",
"type": "Int64"
},
{
"name": "FILTER_SANITIZE_NUMBER_INT",
"type": "Int64"
},
{
"name": "FILTER_SANITIZE_NUMBER_FLOAT",
"type": "Int64"
},
{
"name": "FILTER_SANITIZE_MAGIC_QUOTES",
"type": "Int64"
},
{
"name": "FILTER_CALLBACK",
"type": "Int64"
},
{
"name": "FILTER_FLAG_ALLOW_OCTAL",
"type": "Int64"
},
{
"name": "FILTER_FLAG_ALLOW_HEX",
"type": "Int64"
},
{
"name": "FILTER_FLAG_STRIP_LOW",
"type": "Int64"
},
{
"name": "FILTER_FLAG_STRIP_HIGH",
"type": "Int64"
},
{
"name": "FILTER_FLAG_ENCODE_LOW",
"type": "Int64"
},
{
"name": "FILTER_FLAG_ENCODE_HIGH",
"type": "Int64"
},
{
"name": "FILTER_FLAG_ENCODE_AMP",
"type": "Int64"
},
{
"name": "FILTER_FLAG_NO_ENCODE_QUOTES",
"type": "Int64"
},
{
"name": "FILTER_FLAG_EMPTY_STRING_NULL",
"type": "Int64"
},
{
"name": "FILTER_FLAG_STRIP_BACKTICK",
"type": "Int64"
},
{
"name": "FILTER_FLAG_ALLOW_FRACTION",
"type": "Int64"
},
{
"name": "FILTER_FLAG_ALLOW_THOUSAND",
"type": "Int64"
},
{
"name": "FILTER_FLAG_ALLOW_SCIENTIFIC",
"type": "Int64"
},
{
"name": "FILTER_FLAG_SCHEME_REQUIRED",
"type": "Int64"
},
{
"name": "FILTER_FLAG_HOST_REQUIRED",
"type": "Int64"
},
{
"name": "FILTER_FLAG_PATH_REQUIRED",
"type": "Int64"
},
{
"name": "FILTER_FLAG_QUERY_REQUIRED",
"type": "Int64"
},
{
"name": "FILTER_FLAG_IPV4",
"type": "Int64"
},
{
"name": "FILTER_FLAG_IPV6",
"type": "Int64"
},
{
"name": "FILTER_FLAG_NO_RES_RANGE",
"type": "Int64"
},
{
"name": "FILTER_FLAG_NO_PRIV_RANGE",
"type": "Int64"
}
],
"funcs": [
{
"name": "filter_list",
"desc": "Returns a list of all supported filters",
"flags": [
"HasDocComment"
],
"return": {
"type": "Variant",
"desc": "Returns an array of names of all supported filters, empty array if there are no such filters. Indexes of this array are not filter IDs, they can be obtained with filter_id() from a name instead."
},
"args": [
]
},
{
"name": "filter_id",
"desc": "Returns the filter ID belonging to a named filter",
"flags": [
"HasDocComment"
],
"return": {
"type": "Variant",
"desc": "ID of a filter on success or FALSE if filter doesn't exist."
},
"args": [
{
"name": "filtername",
"type": "String",
"desc": "Name of a filter to get."
}
]
},
{
"name": "filter_var",
"desc": "Filters a variable with a specified filter",
"flags": [
"HasDocComment"
],
"return": {
"type": "Variant",
"desc": "Returns the filtered data, or FALSE if the filter fails."
},
"args": [
{
"name": "variable",
"type": "Variant"
},
{
"name": "filter",
"type": "Int64",
"value": "516"
},
{
"name": "options",
"type": "Variant",
"value": "empty_array"
}
]
}
],
"classes": [
]
}
+5 -1
@@ -29,6 +29,11 @@ hphp/system/php/spl/iterators/IteratorIterator.php
hphp/system/php/spl/iterators/FilterIterator.php
hphp/system/php/spl/iterators/RecursiveFilterIterator.php
hphp/system/php/filter/filter_has_var.php
hphp/system/php/filter/filter_input.php
hphp/system/php/filter/filter_var_array.php
hphp/system/php/filter/filter_input_array.php
# If you have no inheritance relationship, go here in alphabetical order
hphp/system/php/DebuggerCommand.php
hphp/system/php/XhprofFrame.php
@@ -53,4 +58,3 @@ hphp/system/php/spl/iterators/AppendIterator.php
hphp/system/php/spl/iterators/ArrayIterator.php
hphp/system/php/spl/iterators/RecursiveIteratorIterator.php
hphp/system/php/spl/miscellaneous/ArrayObject.php
+37
@@ -0,0 +1,37 @@
<?php
// This doc comment block generated by idl/sysdoc.php
/**
* ( excerpt from http://php.net/manual/en/function.filter-has-var.php )
*
*
* @type mixed One of INPUT_GET, INPUT_POST, INPUT_COOKIE,
* INPUT_SERVER, or INPUT_ENV.
* @variable_name
* mixed Name of a variable to check.
*
* @return mixed Returns TRUE on success or FALSE on failure.
*/
function filter_has_var($type, $variable_name) {
if (!is_int($type)) {
trigger_error(
'filter_has_var() expects parameter 1 to be long, '.
gettype($type).' given', E_USER_WARNING
);
return false;
}
switch ($type) {
case INPUT_GET:
return isset($_GET[$variable_name]);
case INPUT_POST:
return isset($_POST[$variable_name]);
case INPUT_COOKIE:
return isset($_COOKIE[$variable_name]);
case INPUT_SERVER:
return isset($_SERVER[$variable_name]);
case INPUT_ENV:
return isset($_ENV[$variable_name]);
}
return false;
}
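Review bot: `filter_has_var` answers from the current contents of `$_GET`, `$_POST`, `$_COOKIE`, `$_SERVER` and `$_ENV` (the `isset($_GET[$variable_name])` lines), so a script that modifies those arrays changes the answer; if I remember correctly, Zend's implementation consults the raw input captured at request start instead, and the tests in this commit populate `$_GET` with `parse_str` precisely because of that difference. That deserves a comment above the function, e.g. `// Reads the live superglobals, not a request-start snapshot; scripts that modify $_GET etc. will see the change here too.` The function also returns false for INPUT_SESSION and INPUT_REQUEST without a warning, which is fine as long as the same comment says so.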
+54
@@ -0,0 +1,54 @@
<?php
// This doc comment block generated by idl/sysdoc.php
/**
* ( excerpt from http://php.net/manual/en/function.filter-input.php )
*
*
* @type mixed One of INPUT_GET, INPUT_POST, INPUT_COOKIE,
* INPUT_SERVER, or INPUT_ENV.
* @variable_name
* mixed Name of a variable to get.
* @filter mixed The ID of the filter to apply. The Types of filters
* manual page lists the available filters.
* @options mixed Associative array of options or bitwise disjunction
* of flags. If filter accepts options, flags can be
* provided in "flags" field of array.
*
* @return mixed Value of the requested variable on success, FALSE if
* the filter fails, or NULL if the variable_name
* variable is not set. If the flag
* FILTER_NULL_ON_FAILURE is used, it returns FALSE if
* the variable is not set and NULL if the filter
* fails.
*/
function filter_input($type, $variable_name, $filter = FILTER_DEFAULT,
$options = null) {
$var = null;
switch ($type) {
case INPUT_GET:
$var = $_GET;
break;
case INPUT_POST:
$var = $_POST;
break;
case INPUT_COOKIE:
$var = $_COOKIE;
break;
case INPUT_SERVER:
$var = $_SERVER;
break;
case INPUT_ENV:
$var = $_ENV;
break;
}
if (!isset($var[$variable_name])) {
if (is_array($options) && isset($options['options']) &&
is_array($options['options']) &&
isset($options['options']['default'])) {
return $options['options']['default'];
}
return null;
}
return filter_var($var[$variable_name], $filter, $options);
}
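Review bot: The unset-variable path at `if (!isset($var[$variable_name]))` always returns null once the `default` option check fails, but the docblock above states that with FILTER_NULL_ON_FAILURE the function returns FALSE when the variable is not set, so the code and its own documentation disagree. The flag may arrive either as an integer `$options` or under `$options['flags']` (the docblock says both forms are accepted), so both need to be read before choosing between false and null. An unknown `$type` also leaves `$var` null and silently falls into the same path; that is probably acceptable but worth a one-line comment at the `switch`.
```php
    if (!isset($var[$variable_name])) {
        // … unchanged: $options['options']['default'] check …
        $flags = is_array($options)
            ? (isset($options['flags']) ? $options['flags'] : 0)
            : (int) $options;
        // Docblock contract: FILTER_NULL_ON_FAILURE turns the "not set" result into FALSE.
        return ($flags & FILTER_NULL_ON_FAILURE) ? false : null;
    }
```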
@@ -0,0 +1,56 @@
<?php
// This doc comment block generated by idl/sysdoc.php
/**
* ( excerpt from http://php.net/manual/en/function.filter-input-array.php
* )
*
* This function is useful for retrieving many values without repetitively
* calling filter_input().
*
* @type mixed One of INPUT_GET, INPUT_POST, INPUT_COOKIE,
* INPUT_SERVER, or INPUT_ENV.
* @definition mixed An array defining the arguments. A valid key is a
* string containing a variable name and a valid value
* is either a filter type, or an array optionally
* specifying the filter, flags and options. If the
* value is an array, valid keys are filter which
* specifies the filter type, flags which specifies any
* flags that apply to the filter, and options which
* specifies any options that apply to the filter. See
* the example below for a better understanding.
*
* This parameter can be also an integer holding a
* filter constant. Then all values in the input array
* are filtered by this filter.
* @add_empty mixed Add missing keys as NULL to the return value.
*
* @return mixed An array containing the values of the requested
* variables on success, or FALSE on failure. An array
* value will be FALSE if the filter fails, or NULL if
* the variable is not set. Or if the flag
* FILTER_NULL_ON_FAILURE is used, it returns FALSE if
* the variable is not set and NULL if the filter
* fails.
*/
function filter_input_array($type, $definition, $add_empty = true) {
$var = null;
switch ($type) {
case INPUT_GET:
$var = $_GET;
break;
case INPUT_POST:
$var = $_POST;
break;
case INPUT_COOKIE:
$var = $_COOKIE;
break;
case INPUT_SERVER:
$var = $_SERVER;
break;
case INPUT_ENV:
$var = $_ENV;
break;
}
return filter_var_array($var, $definition, $add_empty);
}
+110
@@ -0,0 +1,110 @@
<?php
function _filter_var_array_single($value, $filter, $options = array()) {
$ret = filter_var($value, (int) $filter, $options);
$flags = isset($options['flags']) ? $options['flags'] : 0;
if ($flags & FILTER_FORCE_ARRAY && !is_array($ret)) {
$ret = array($ret);
}
if ($flags & FILTER_REQUIRE_SCALAR && is_array($ret)) {
$ret = false;
}
return $ret;
}
// This doc comment block generated by idl/sysdoc.php
/**
* ( excerpt from http://php.net/manual/en/function.filter-var-array.php )
*
* This function is useful for retrieving many values without repetitively
* calling filter_var().
*
* @data mixed An array with string keys containing the data to
* filter.
* @definition mixed An array defining the arguments. A valid key is a
* string containing a variable name and a valid value
* is either a filter type, or an array optionally
* specifying the filter, flags and options. If the
* value is an array, valid keys are filter which
* specifies the filter type, flags which specifies any
* flags that apply to the filter, and options which
* specifies any options that apply to the filter. See
* the example below for a better understanding.
*
* This parameter can be also an integer holding a
* filter constant. Then all values in the input array
* are filtered by this filter.
* @add_empty mixed Add missing keys as NULL to the return value.
*
* @return mixed An array containing the values of the requested
* variables on success, or FALSE on failure. An array
* value will be FALSE if the filter fails, or NULL if
* the variable is not set.
*/
function filter_var_array($data, $definition = null, $add_empty = true) {
if (!is_array($data)) {
trigger_error('filter_var_array() expects parameter 1 to be array, '.
gettype($data).' given', E_USER_WARNING);
return null;
}
$default_filter = null;
if (!is_array($definition)) {
if ($definition === null) {
$default_filter = FILTER_DEFAULT;
} else if (is_int($definition)) {
// A bit painful in php, exposing the IDs might be better if this is hot
$ids = array_fill_keys(array_map('filter_id', filter_list()), null);
if (!isset($ids[$definition])) {
return false;
}
$default_filter = $definition;
} else {
return false;
}
$definition = array_fill_keys(array_keys($data), null);
}
$ret = array();
foreach ($definition as $key => $def) {
if ($key === "") {
trigger_error(
'filter_var_array(): Empty keys are not allowed in the '.
'definition array',
E_USER_WARNING
);
return false;
}
if (!isset($data[$key])) {
if ($add_empty) {
$ret[$key] = null;
}
continue;
}
$value = $data[$key];
if ($default_filter) {
$ret[$key] = _filter_var_array_single($value, $default_filter);
continue;
}
if (!is_array($def)) {
$ret[$key] = _filter_var_array_single($value, $def);
continue;
}
if (!isset($def['filter'])) {
$filter = FILTER_DEFAULT;
} else {
$filter = $def['filter'];
}
$ret[$key] = _filter_var_array_single($value, $filter, $def);
}
return $ret;
}
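Review bot: `if (!isset($data[$key]))` treats a key that is present with a null value as missing, so `array('a' => null)` takes the `$add_empty` branch instead of being run through the filter; `array_key_exists($key, $data)` distinguishes the two cases, and I believe Zend's implementation looks the key up rather than testing for a non-null value, so results would differ for null entries when `$add_empty` is false. The same `isset` shortcut appears in `filter_input` at `isset($var[$variable_name])`. Either switch to `array_key_exists` or add a comment on that line stating that null values are deliberately treated as absent.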
+13
@@ -0,0 +1,13 @@
<?php
var_dump(filter_id("stripped"));
var_dump(filter_id("string"));
var_dump(filter_id("url"));
var_dump(filter_id("int"));
var_dump(filter_id("none"));
var_dump(filter_id(array()));
var_dump(filter_id(-1));
var_dump(filter_id(0,0,0));
echo "Done\n";
?>
@@ -0,0 +1,11 @@
int(513)
int(513)
int(518)
int(257)
bool(false)
HipHop Warning: %a
NULL
bool(false)
HipHop Warning: %a
NULL
Done
+4
@@ -0,0 +1,4 @@
<?php
parse_str("a=1", $_GET);
$_REQUEST = array_merge($_REQUEST, $_GET);
echo $_GET['a']; ?>
@@ -0,0 +1 @@
1
+7
@@ -0,0 +1,7 @@
<?php
parse_str("a=1&b=&c=3", $_GET);
$_REQUEST = array_merge($_REQUEST, $_GET);
echo $_GET['a'];
echo $_GET['b'];
echo $_GET['c'];
?>
@@ -0,0 +1 @@
13
+18
@@ -0,0 +1,18 @@
<?php
parse_str("a=1&b=&c=3", $_GET);
$_REQUEST = array_merge($_REQUEST, $_GET);
parse_str("d=4&e=5", $_POST);
$_REQUEST = array_merge($_REQUEST, $_POST);
echo $_GET['a'];
echo $_GET['b'];
echo $_GET['c'];
echo $_POST['d'];
echo $_POST['e'];
echo "\n";
echo $_REQUEST['a'];
echo $_REQUEST['b'];
echo $_REQUEST['c'];
echo $_REQUEST['d'];
echo $_REQUEST['e'];
?>
@@ -0,0 +1,2 @@
1345
1345
+6
@@ -0,0 +1,6 @@
<?php
parse_str("foo=<b>abc</b>", $_POST);
$_REQUEST = array_merge($_REQUEST, $_POST);
echo filter_input(INPUT_POST, 'foo', FILTER_SANITIZE_STRIPPED);
?>
@@ -0,0 +1 @@
abc
+30
@@ -0,0 +1,30 @@
<?php
parse_str("a=qwe&abc=<a>href</a>", $_GET);
$_REQUEST = array_merge($_REQUEST, $_GET);
parse_str("b=qwe&bbc=<a>href</a>", $_POST);
$_REQUEST = array_merge($_REQUEST, $_POST);
var_dump(filter_has_var(INPUT_GET, "a"));
var_dump(filter_has_var(INPUT_GET, "abc"));
var_dump(filter_has_var(INPUT_GET, "nonex"));
var_dump(filter_has_var(INPUT_GET, " "));
var_dump(filter_has_var(INPUT_GET, ""));
var_dump(filter_has_var(INPUT_GET, array()));
var_dump(filter_has_var(INPUT_POST, "b"));
var_dump(filter_has_var(INPUT_POST, "bbc"));
var_dump(filter_has_var(INPUT_POST, "nonex"));
var_dump(filter_has_var(INPUT_POST, " "));
var_dump(filter_has_var(INPUT_POST, ""));
var_dump(filter_has_var(INPUT_POST, array()));
var_dump(filter_has_var(-1, ""));
var_dump(filter_has_var("", ""));
var_dump(filter_has_var(array(), array()));
var_dump(filter_has_var(array(), ""));
var_dump(filter_has_var("", array()));
echo "Done\n";
?>
@@ -0,0 +1,24 @@
bool(true)
bool(true)
bool(false)
bool(false)
bool(false)
HipHop Warning: %a
bool(false)
bool(true)
bool(true)
bool(false)
bool(false)
bool(false)
HipHop Warning: %a
bool(false)
bool(false)
HipHop Warning: %a
bool(false)
HipHop Warning: %a
bool(false)
HipHop Warning: %a
bool(false)
HipHop Warning: %a
bool(false)
Done
+7
@@ -0,0 +1,7 @@
<?php
var_dump(filter_list());
var_dump(filter_list(array()));
echo "Done\n";
?>
@@ -0,0 +1,45 @@
array(20) {
[0]=>
string(3) "int"
[1]=>
string(7) "boolean"
[2]=>
string(5) "float"
[3]=>
string(15) "validate_regexp"
[4]=>
string(12) "validate_url"
[5]=>
string(14) "validate_email"
[6]=>
string(11) "validate_ip"
[7]=>
string(12) "validate_mac"
[8]=>
string(6) "string"
[9]=>
string(8) "stripped"
[10]=>
string(7) "encoded"
[11]=>
string(13) "special_chars"
[12]=>
string(18) "full_special_chars"
[13]=>
string(10) "unsafe_raw"
[14]=>
string(5) "email"
[15]=>
string(3) "url"
[16]=>
string(10) "number_int"
[17]=>
string(12) "number_float"
[18]=>
string(12) "magic_quotes"
[19]=>
string(8) "callback"
}
HipHop Warning: %a
NULL
Done
+8
@@ -0,0 +1,8 @@
<?php
var_dump(filter_input(INPUT_GET, "test"));
var_dump(filter_input(INPUT_POST, "test"));
var_dump(filter_input(INPUT_COOKIE, ""));
echo "Done\n";
?>
@@ -0,0 +1,4 @@
NULL
NULL
NULL
Done
+37
@@ -0,0 +1,37 @@
<?php
var_dump(filter_var(" 234", FILTER_VALIDATE_INT));
var_dump(filter_var("234 ", FILTER_VALIDATE_INT));
var_dump(filter_var(" 234 ", FILTER_VALIDATE_INT));
var_dump(filter_var("0xff", FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_HEX)));
var_dump(filter_var("0Xff", FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_HEX)));
var_dump(filter_var("0xFF", FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_HEX)));
var_dump(filter_var("0XFF", FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_HEX)));
var_dump(filter_var("07", FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_OCTAL)));
var_dump(filter_var("0xff0000", FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_HEX)));
var_dump(filter_var("0666", FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_OCTAL)));
var_dump(filter_var("08", FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_OCTAL)));
var_dump(filter_var("00", FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_OCTAL)));
var_dump(filter_var("000", FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_OCTAL)));
var_dump(filter_var("-0xff", FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_HEX)));
var_dump(filter_var("-0Xff", FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_HEX)));
var_dump(filter_var("-0xFF", FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_HEX)));
var_dump(filter_var("-0XFF", FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_HEX)));
var_dump(filter_var("-07", FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_OCTAL)));
var_dump(filter_var("-0xff0000", FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_HEX)));
var_dump(filter_var("-0666", FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_OCTAL)));
var_dump(filter_var("6", FILTER_VALIDATE_INT, array("options" => array("min_range"=>1, "max_range"=>7))));
var_dump(filter_var("6", FILTER_VALIDATE_INT, array("options" => array("min_range"=>0, "max_range"=>5))));
var_dump(filter_var(-1, FILTER_VALIDATE_INT, array("options" => array("min_range"=>1, "max_range"=>7))));
var_dump(filter_var(-1, FILTER_VALIDATE_INT, array("options" => array("min_range"=>-4, "max_range"=>7))));
var_dump(filter_var("", FILTER_VALIDATE_INT, array("options" => array("min_range"=>-4, "max_range"=>7))));
var_dump(filter_var("", FILTER_VALIDATE_INT, array("options" => array("min_range"=>2, "max_range"=>7))));
var_dump(filter_var("", FILTER_VALIDATE_INT, array("options" => array("min_range"=>-5, "max_range"=>-3))));
var_dump(filter_var(345, FILTER_VALIDATE_INT, array("options" => array("min_range"=>500, "max_range"=>100))));
var_dump(filter_var("0ff", FILTER_VALIDATE_INT));
var_dump(filter_var("010", FILTER_VALIDATE_INT));
echo "Done\n";
?>
@@ -0,0 +1,31 @@
int(234)
int(234)
int(234)
int(255)
int(255)
int(255)
int(255)
int(7)
int(16711680)
int(438)
bool(false)
int(0)
int(0)
bool(false)
bool(false)
bool(false)
bool(false)
bool(false)
bool(false)
bool(false)
int(6)
bool(false)
bool(false)
int(-1)
bool(false)
bool(false)
bool(false)
bool(false)
bool(false)
bool(false)
Done
+31
@@ -0,0 +1,31 @@
<?php
class test {
function __toString() {
return "blah";
}
}
$t = new test;
var_dump(filter_var("no", FILTER_VALIDATE_BOOLEAN));
var_dump(filter_var(NULL, FILTER_VALIDATE_BOOLEAN));
var_dump(filter_var($t, FILTER_VALIDATE_BOOLEAN));
var_dump(filter_var(array(1,2,3,0,array("", "123")), FILTER_VALIDATE_BOOLEAN, FILTER_REQUIRE_ARRAY));
var_dump(filter_var("yes", FILTER_VALIDATE_BOOLEAN));
var_dump(filter_var("true", FILTER_VALIDATE_BOOLEAN));
var_dump(filter_var("false", FILTER_VALIDATE_BOOLEAN));
var_dump(filter_var("off", FILTER_VALIDATE_BOOLEAN));
var_dump(filter_var("on", FILTER_VALIDATE_BOOLEAN));
var_dump(filter_var("0", FILTER_VALIDATE_BOOLEAN));
var_dump(filter_var("1", FILTER_VALIDATE_BOOLEAN));
var_dump(filter_var("NONE", FILTER_VALIDATE_BOOLEAN));
var_dump(filter_var("", FILTER_VALIDATE_BOOLEAN));
var_dump(filter_var(-1, FILTER_VALIDATE_BOOLEAN));
var_dump(filter_var("000000", FILTER_VALIDATE_BOOLEAN));
var_dump(filter_var("111111", FILTER_VALIDATE_BOOLEAN));
echo "Done\n";
?>
@@ -0,0 +1,33 @@
bool(false)
bool(false)
bool(false)
array(5) {
[0]=>
bool(true)
[1]=>
bool(false)
[2]=>
bool(false)
[3]=>
bool(false)
[4]=>
array(2) {
[0]=>
bool(false)
[1]=>
bool(false)
}
}
bool(true)
bool(true)
bool(false)
bool(false)
bool(true)
bool(false)
bool(true)
bool(false)
bool(false)
bool(false)
bool(false)
bool(false)
Done
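Review bot: Every non-boolean input in this test ("NONE", "", -1, the object with __toString) is expected to yield bool(false), which is the same value a genuine "no"/"off"/"0" produces, so nothing here pins the only way a caller can tell rejected input from a real false. If the extension implements FILTER_NULL_ON_FAILURE, one line such as `var_dump(filter_var("NONE", FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE));` with an expected `NULL` would cover that distinction. The object case relies on __toString() returning "blah" and then being rejected; a short comment saying the object is expected to be stringified first would make that expectation easier to read.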
+47
@@ -0,0 +1,47 @@
<?php
$values = Array(
'http://example.com/index.html',
'http://www.example.com/index.php',
'http://www.example/img/test.png',
'http://www.example/img/dir/',
'http://www.example/img/dir',
'http//www.example/wrong/url/',
'http:/www.example',
'file:///tmp/test.c',
'ftp://ftp.example.com/tmp/',
'/tmp/test.c',
'/',
'http://',
'http:/',
'http:',
'http',
'',
-1,
array(),
'mailto:foo@bar.com',
'news:news.php.net',
'file://foo/bar',
"http://\r\n/bar",
"http://example.com:qq",
"http://example.com:-2",
"http://example.com:65536",
"http://example.com:65537",
);
foreach ($values as $value) {
var_dump(filter_var($value, FILTER_VALIDATE_URL));
}
var_dump(filter_var("qwe", FILTER_VALIDATE_URL, FILTER_FLAG_SCHEME_REQUIRED));
var_dump(filter_var("http://qwe", FILTER_VALIDATE_URL, FILTER_FLAG_SCHEME_REQUIRED));
var_dump(filter_var("http://", FILTER_VALIDATE_URL, FILTER_FLAG_HOST_REQUIRED));
var_dump(filter_var("/tmp/test", FILTER_VALIDATE_URL, FILTER_FLAG_HOST_REQUIRED));
var_dump(filter_var("http://www.example.com", FILTER_VALIDATE_URL, FILTER_FLAG_HOST_REQUIRED));
var_dump(filter_var("http://www.example.com", FILTER_VALIDATE_URL, FILTER_FLAG_PATH_REQUIRED));
var_dump(filter_var("http://www.example.com/path/at/the/server/", FILTER_VALIDATE_URL, FILTER_FLAG_PATH_REQUIRED));
var_dump(filter_var("http://www.example.com/index.html", FILTER_VALIDATE_URL, FILTER_FLAG_QUERY_REQUIRED));
var_dump(filter_var("http://www.example.com/index.php?a=b&c=d", FILTER_VALIDATE_URL, FILTER_FLAG_QUERY_REQUIRED));
echo "Done\n";
?>
@@ -0,0 +1,36 @@
string(29) "http://example.com/index.html"
string(32) "http://www.example.com/index.php"
string(31) "http://www.example/img/test.png"
string(27) "http://www.example/img/dir/"
string(26) "http://www.example/img/dir"
bool(false)
bool(false)
string(18) "file:///tmp/test.c"
string(26) "ftp://ftp.example.com/tmp/"
bool(false)
bool(false)
bool(false)
bool(false)
bool(false)
bool(false)
bool(false)
bool(false)
bool(false)
string(18) "mailto:foo@bar.com"
string(17) "news:news.php.net"
string(14) "file://foo/bar"
bool(false)
bool(false)
bool(false)
bool(false)
bool(false)
bool(false)
string(10) "http://qwe"
bool(false)
bool(false)
string(22) "http://www.example.com"
bool(false)
string(42) "http://www.example.com/path/at/the/server/"
bool(false)
string(40) "http://www.example.com/index.php?a=b&c=d"
Done
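Review bot: The expected output for the `foreach` over `$values` is purely positional, so when one of the 27 inputs regresses the failing line has to be counted back to its input by hand; dumping the input with the result, `var_dump($value, filter_var($value, FILTER_VALIDATE_URL));`, would make a failure self-describing (one entry is an array, so the var_dump form is safer than string interpolation). The accepted results for `file:///tmp/test.c`, `mailto:foo@bar.com`, `news:news.php.net` and `file://foo/bar` also deserve a comment in the test: they document that FILTER_VALIDATE_URL accepts any syntactically valid scheme, so a caller that only wants http(s) still has to check the scheme itself.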
+24
@@ -0,0 +1,24 @@
<?php
$values = Array(
'a@b.c',
'abuse@example.com',
'test!.!@#$%^&*@example.com',
'test@@#$%^&*())).com',
'test@.com',
'test@com',
'@',
'[]()/@example.com',
'QWERTYUIOPASDFGHJKLZXCVBNM@QWERTYUIOPASDFGHJKLZXCVBNM.NET',
'e.x.a.m.p.l.e.@example.com',
'firstname.lastname@employee.2something.com',
'-@foo.com',
'foo@-.com',
'foo@bar.123',
'foo@bar.-'
);
foreach ($values as $value) {
var_dump(filter_var($value, FILTER_VALIDATE_EMAIL));
}
echo "Done\n";
?>
@@ -0,0 +1,16 @@
string(5) "a@b.c"
string(17) "abuse@example.com"
bool(false)
bool(false)
bool(false)
bool(false)
bool(false)
bool(false)
string(57) "QWERTYUIOPASDFGHJKLZXCVBNM@QWERTYUIOPASDFGHJKLZXCVBNM.NET"
bool(false)
string(42) "firstname.lastname@employee.2something.com"
string(9) "-@foo.com"
bool(false)
bool(false)
bool(false)
Done
+11
@@ -0,0 +1,11 @@
<?php
var_dump(filter_var("data", FILTER_VALIDATE_REGEXP, array("options"=>array("regexp"=>'/.*/'))));
var_dump(filter_var("data", FILTER_VALIDATE_REGEXP, array("options"=>array("regexp"=>'/^b(.*)/'))));
var_dump(filter_var("data", FILTER_VALIDATE_REGEXP, array("options"=>array("regexp"=>'/^d(.*)/'))));
var_dump(filter_var("data", FILTER_VALIDATE_REGEXP, array("options"=>array("regexp"=>'/blah/'))));
var_dump(filter_var("data", FILTER_VALIDATE_REGEXP, array("options"=>array("regexp"=>'/\[/'))));
var_dump(filter_var("data", FILTER_VALIDATE_REGEXP));
echo "Done\n";
?>
@@ -0,0 +1,8 @@
string(4) "data"
bool(false)
string(4) "data"
bool(false)
bool(false)
HipHop Warning: %a
bool(false)
Done
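Review bot: `HipHop Warning: %a` in the expected output accepts any warning text, so the last case (`filter_var("data", FILTER_VALIDATE_REGEXP)` with no regexp option) only proves that some warning fires and false comes back, not that the filter complained about the missing pattern. Pinning a distinctive fragment of the real message instead of the bare `%a` would catch a regression that emits a different warning on that path. The same wildcard is used in the FILTER_CALLBACK test, the filter_var_array test and the filter_has_var test later in this commit. A malformed pattern (for example an unterminated delimiter) is not covered here either; a case for it would pin whether a bad regexp fails closed or matches.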
+25
@@ -0,0 +1,25 @@
<?php
var_dump(filter_var("192.168.0.1", FILTER_VALIDATE_IP));
var_dump(filter_var("192.168.0.1.1", FILTER_VALIDATE_IP));
var_dump(filter_var("::1", FILTER_VALIDATE_IP));
var_dump(filter_var("fe00::0", FILTER_VALIDATE_IP));
var_dump(filter_var("::123456", FILTER_VALIDATE_IP));
var_dump(filter_var("::1::b", FILTER_VALIDATE_IP));
var_dump(filter_var("127.0.0.1", FILTER_VALIDATE_IP));
var_dump(filter_var("192.168.0.1", FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE));
var_dump(filter_var("192.0.34.166", FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE));
var_dump(filter_var("127.0.0.1", FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE));
var_dump(filter_var("192.0.0.1", FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE));
var_dump(filter_var("192.0.34.166", FILTER_VALIDATE_IP));
var_dump(filter_var("256.1237.123.1", FILTER_VALIDATE_IP));
var_dump(filter_var("255.255.255.255", FILTER_VALIDATE_IP));
var_dump(filter_var("255.255.255.255", FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE));
var_dump(filter_var("", FILTER_VALIDATE_IP));
var_dump(filter_var(-1, FILTER_VALIDATE_IP));
var_dump(filter_var("::1", FILTER_VALIDATE_IP, FILTER_FLAG_IPV4));
var_dump(filter_var("127.0.0.1", FILTER_VALIDATE_IP, FILTER_FLAG_IPV6));
var_dump(filter_var("::1", FILTER_VALIDATE_IP, FILTER_FLAG_IPV6));
var_dump(filter_var("::1", FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 | FILTER_FLAG_NO_RES_RANGE));
var_dump(filter_var("127.0.0.1", FILTER_VALIDATE_IP, FILTER_FLAG_IPV4));
echo "Done\n";
?>
@@ -0,0 +1,23 @@
string(11) "192.168.0.1"
bool(false)
string(3) "::1"
string(7) "fe00::0"
bool(false)
bool(false)
string(9) "127.0.0.1"
bool(false)
string(12) "192.0.34.166"
bool(false)
string(9) "192.0.0.1"
string(12) "192.0.34.166"
bool(false)
string(15) "255.255.255.255"
bool(false)
bool(false)
bool(false)
bool(false)
bool(false)
string(3) "::1"
bool(false)
string(9) "127.0.0.1"
Done
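Review bot: FILTER_FLAG_NO_PRIV_RANGE is only exercised with 192.168.0.1 and 192.0.34.166, and FILTER_FLAG_NO_RES_RANGE for IPv6 only with ::1, so the other ranges these flags exist to reject (10.0.0.0/8, 172.16.0.0/12, IPv6 unique-local fc00::/7 and link-local fe80::/10) are not pinned. Lines such as `var_dump(filter_var("10.0.0.1", FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE));` and `var_dump(filter_var("172.16.0.1", FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE));` with bool(false) expected would turn this into a real regression test, which matters because these flags are what callers use to keep user-supplied addresses from pointing at internal hosts. The accepted `192.0.0.1` under NO_RES_RANGE is worth a comment stating which reserved ranges the flag is expected to cover, so a later reader does not mistake it for a gap.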
+10
@@ -0,0 +1,10 @@
<?php
var_dump(filter_var("....", FILTER_VALIDATE_IP));
var_dump(filter_var("...", FILTER_VALIDATE_IP));
var_dump(filter_var("..", FILTER_VALIDATE_IP));
var_dump(filter_var(".", FILTER_VALIDATE_IP));
var_dump(filter_var("1.1.1.1", FILTER_VALIDATE_IP));
echo "Done\n";
?>
@@ -0,0 +1,6 @@
bool(false)
bool(false)
bool(false)
bool(false)
string(7) "1.1.1.1"
Done
+9
@@ -0,0 +1,9 @@
<?php
var_dump(filter_var("test'asd'asd'' asd\'\"asdfasdf", FILTER_SANITIZE_MAGIC_QUOTES));
var_dump(filter_var("'", FILTER_SANITIZE_MAGIC_QUOTES));
var_dump(filter_var("", FILTER_SANITIZE_MAGIC_QUOTES));
var_dump(filter_var(-1, FILTER_SANITIZE_MAGIC_QUOTES));
echo "Done\n";
?>
@@ -0,0 +1,5 @@
string(36) "test\'asd\'asd\'\' asd\\\'\"asdfasdf"
string(2) "\'"
string(0) ""
string(2) "-1"
Done
+22
@@ -0,0 +1,22 @@
<?php
var_dump(filter_var("qwertyu123456dfghj", FILTER_SANITIZE_NUMBER_INT));
var_dump(filter_var("asd123123.asd123.23", FILTER_SANITIZE_NUMBER_INT));
var_dump(filter_var("123,23", FILTER_SANITIZE_NUMBER_INT));
var_dump(filter_var("", FILTER_SANITIZE_NUMBER_INT));
var_dump(filter_var("0", FILTER_SANITIZE_NUMBER_INT));
var_dump(filter_var("asd123.2asd", FILTER_SANITIZE_NUMBER_INT));
var_dump(filter_var("qwertyuiop", FILTER_SANITIZE_NUMBER_INT));
var_dump(filter_var("123.4", FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION));
var_dump(filter_var("123,4", FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION));
var_dump(filter_var("123.4", FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_THOUSAND));
var_dump(filter_var("123,4", FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_THOUSAND));
var_dump(filter_var("123.4e", FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_SCIENTIFIC));
var_dump(filter_var("123,4E", FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_SCIENTIFIC));
var_dump(filter_var("qwe123,4qwe", FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION));
var_dump(filter_var("werty65456.34", FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION));
var_dump(filter_var("234.56fsfd", FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION));
var_dump(filter_var("", FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION));
echo "Done\n";
?>
@@ -0,0 +1,18 @@
string(6) "123456"
string(11) "12312312323"
string(5) "12323"
string(0) ""
string(1) "0"
string(4) "1232"
string(0) ""
string(5) "123.4"
string(4) "1234"
string(4) "1234"
string(5) "123,4"
string(5) "1234e"
string(5) "1234E"
string(4) "1234"
string(8) "65456.34"
string(6) "234.56"
string(0) ""
Done
+10
@@ -0,0 +1,10 @@
<?php
var_dump(filter_var("a@b.c", FILTER_SANITIZE_EMAIL));
var_dump(filter_var("a[!@#$%^&*()@a@#$%^&*(.com@#$%^&*(", FILTER_SANITIZE_EMAIL));
var_dump(filter_var("white space here \ \ \" som more", FILTER_SANITIZE_EMAIL));
var_dump(filter_var("", FILTER_SANITIZE_EMAIL));
var_dump(filter_var("123456789000000", FILTER_SANITIZE_EMAIL));
echo "Done\n";
?>
@@ -0,0 +1,6 @@
string(5) "a@b.c"
string(30) "a[!@#$%^&*@a@#$%^&*.com@#$%^&*"
string(21) "whitespaceheresommore"
string(0) ""
string(15) "123456789000000"
Done
+10
@@ -0,0 +1,10 @@
<?php
var_dump(filter_var("}\"<p>test para</p>", FILTER_UNSAFE_RAW, FILTER_FLAG_ENCODE_AMP));
var_dump(filter_var("a[!@#<b>$%^&*()@a@#$%^&*(.<br>com@#$%^&*(", FILTER_UNSAFE_RAW, FILTER_FLAG_ENCODE_AMP));
var_dump(filter_var("white space here \ \ \" some more", FILTER_UNSAFE_RAW, FILTER_FLAG_ENCODE_AMP));
var_dump(filter_var("", FILTER_UNSAFE_RAW, FILTER_FLAG_ENCODE_AMP));
var_dump(filter_var(" 123456789000000 <qwertyuiop> ", FILTER_UNSAFE_RAW, FILTER_FLAG_ENCODE_AMP));
echo "Done\n";
?>
@@ -0,0 +1,6 @@
string(18) "}"<p>test para</p>"
string(53) "a[!@#<b>$%^&#38;*()@a@#$%^&#38;*(.<br>com@#$%^&#38;*("
string(32) "white space here \ \ " some more"
string(0) ""
string(48) " 123456789000000 <qwertyuiop> "
Done
+9
@@ -0,0 +1,9 @@
<?php
var_dump(filter_var("\"<br>blah</ph>", FILTER_SANITIZE_ENCODED));
var_dump(filter_var("", FILTER_SANITIZE_ENCODED));
var_dump(filter_var(" text here ", FILTER_SANITIZE_ENCODED));
var_dump(filter_var("!@#$%^&*()QWERTYUIOP{ASDFGHJKL:\"ZXCVBNM<>?", FILTER_SANITIZE_ENCODED));
echo "Done\n";
?>
@@ -0,0 +1,5 @@
string(26) "%22%3Cbr%3Eblah%3C%2Fph%3E"
string(0) ""
string(23) "%20%20text%20here%20%20"
string(74) "%21%40%23%24%25%5E%26%2A%28%29QWERTYUIOP%7BASDFGHJKL%3A%22ZXCVBNM%3C%3E%3F"
Done
+12
@@ -0,0 +1,12 @@
<?php
var_dump(filter_var("", FILTER_SANITIZE_STRING));
var_dump(filter_var("<>", FILTER_SANITIZE_STRING));
var_dump(filter_var("<>!@#$%^&*()'\"", FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES));
var_dump(filter_var("<>!@#$%^&*()'\"", FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_AMP));
var_dump(filter_var("<>`1234567890", FILTER_SANITIZE_STRING));
var_dump(filter_var("`123`", FILTER_SANITIZE_STRING));
var_dump(filter_var(".", FILTER_SANITIZE_STRING));
echo "Done\n";
?>
@@ -0,0 +1,8 @@
string(0) ""
string(0) ""
string(12) "!@#$%^&*()'""
string(24) "!@#$%^&#38;*()&#39;&#34;"
string(11) "`1234567890"
string(5) "`123`"
string(1) "."
Done
+16
@@ -0,0 +1,16 @@
<?php
var_dump(filter_var("<p>Let me <font color=\"#000000\">see</font> you <br /><b>Stripped</b> down to the bone</p>", FILTER_SANITIZE_STRIPPED));
var_dump(filter_var("!@#$%^&*()><<>+_\"'<br><p /><li />", FILTER_SANITIZE_STRIPPED));
var_dump(filter_var("", FILTER_SANITIZE_STRIPPED));
var_dump(filter_var("<p>Let me <font color=\"#000000\">see</font> you <br /><b>Stripped</b> down to the bone</p>", FILTER_SANITIZE_STRIPPED, FILTER_FLAG_STRIP_LOW));
var_dump(filter_var("!@#$%^&*()><<>+_\"'<br><p /><li />", FILTER_SANITIZE_STRIPPED, FILTER_FLAG_STRIP_LOW));
var_dump(filter_var("", FILTER_SANITIZE_STRIPPED, FILTER_FLAG_STRIP_LOW));
var_dump(filter_var("<p>Let me <font color=\"#000000\">see</font> you <br /><b>Stripped</b> down to the bone</p>", FILTER_SANITIZE_STRIPPED, FILTER_FLAG_STRIP_HIGH));
var_dump(filter_var("!@#$%^&*()><<>+_\"'<br><p /><li />", FILTER_SANITIZE_STRIPPED, FILTER_FLAG_STRIP_HIGH));
var_dump(filter_var("", FILTER_SANITIZE_STRIPPED, FILTER_FLAG_STRIP_HIGH));
echo "Done\n";
?>
@@ -0,0 +1,10 @@
string(40) "Let me see you Stripped down to the bone"
string(11) "!@#$%^&*()>"
string(0) ""
string(40) "Let me see you Stripped down to the bone"
string(11) "!@#$%^&*()>"
string(0) ""
string(40) "Let me see you Stripped down to the bone"
string(11) "!@#$%^&*()>"
string(0) ""
Done
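Review bot: The second expectation, `string(11) "!@#$%^&*()>"`, for the input `!@#$%^&*()><<>+_"'<br><p /><li />` shows that everything from the first `<` to the end of the string is dropped, including the plain text `+_"'` between the tags; presumably the tag-stripping state machine treats the nested `<` as a deeper tag and never returns to text state, but the implementation is not in this chunk. That is plausible strip_tags behaviour but surprising enough that the test should say so, e.g. a comment before that line: `// after an unbalanced "<<>" the rest of the input is consumed as tag content; only the text before the first "<" survives`. The same expectation is repeated for the STRIP_LOW and STRIP_HIGH variants, which at least confirms the truncation is independent of those flags.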
+16
@@ -0,0 +1,16 @@
<?php
var_dump(filter_var("?><!@#$%^&*()}{~Qwertyuilfdsasdfgmnbvcxcvbn", FILTER_SANITIZE_ENCODED));
var_dump(filter_var("<data&sons>", FILTER_SANITIZE_ENCODED));
var_dump(filter_var("", FILTER_SANITIZE_ENCODED));
var_dump(filter_var("?><!@#$%^&*()}{~Qwertyuilfdsasdfgmnbvcxcvbn", FILTER_SANITIZE_ENCODED, FILTER_FLAG_ENCODE_LOW));
var_dump(filter_var("<data&sons>", FILTER_SANITIZE_ENCODED, FILTER_FLAG_ENCODE_LOW));
var_dump(filter_var("", FILTER_SANITIZE_ENCODED, FILTER_FLAG_ENCODE_LOW));
var_dump(filter_var("?><!@#$%^&*()}{~Qwertyuilfdsasdfgmnbvcxcvbn", FILTER_SANITIZE_ENCODED, FILTER_FLAG_ENCODE_HIGH));
var_dump(filter_var("<data&sons>", FILTER_SANITIZE_ENCODED, FILTER_FLAG_ENCODE_HIGH));
var_dump(filter_var("", FILTER_SANITIZE_ENCODED, FILTER_FLAG_ENCODE_HIGH));
echo "Done\n";
?>
@@ -0,0 +1,10 @@
string(75) "%3F%3E%3C%21%40%23%24%25%5E%26%2A%28%29%7D%7B%7EQwertyuilfdsasdfgmnbvcxcvbn"
string(17) "%3Cdata%26sons%3E"
string(0) ""
string(75) "%3F%3E%3C%21%40%23%24%25%5E%26%2A%28%29%7D%7B%7EQwertyuilfdsasdfgmnbvcxcvbn"
string(17) "%3Cdata%26sons%3E"
string(0) ""
string(75) "%3F%3E%3C%21%40%23%24%25%5E%26%2A%28%29%7D%7B%7EQwertyuilfdsasdfgmnbvcxcvbn"
string(17) "%3Cdata%26sons%3E"
string(0) ""
Done
+19
@@ -0,0 +1,19 @@
<?php
var_dump(filter_var("?><!@#$%^&*()}{~Qwertyuilfdsasdfgmnbvcxcvbn", FILTER_SANITIZE_SPECIAL_CHARS));
var_dump(filter_var("<data&sons>", FILTER_SANITIZE_SPECIAL_CHARS));
var_dump(filter_var("", FILTER_SANITIZE_SPECIAL_CHARS));
var_dump(filter_var("?><!@#$%^&*()}{~Qwertyuilfdsasdfgmnbvcxcvbn", FILTER_SANITIZE_SPECIAL_CHARS, FILTER_FLAG_ENCODE_LOW));
var_dump(filter_var("<data&sons>", FILTER_SANITIZE_SPECIAL_CHARS, FILTER_FLAG_ENCODE_LOW));
var_dump(filter_var("", FILTER_SANITIZE_SPECIAL_CHARS, FILTER_FLAG_ENCODE_LOW));
var_dump(filter_var("?><!@#$%^&*()}{~Qwertyuilfdsasdfgmnbvcxcvbn", FILTER_SANITIZE_SPECIAL_CHARS, FILTER_FLAG_ENCODE_HIGH));
var_dump(filter_var("<data&sons>", FILTER_SANITIZE_SPECIAL_CHARS, FILTER_FLAG_ENCODE_HIGH));
var_dump(filter_var("", FILTER_SANITIZE_SPECIAL_CHARS, FILTER_FLAG_ENCODE_HIGH));
var_dump(filter_var("кириллица", FILTER_SANITIZE_SPECIAL_CHARS, FILTER_FLAG_ENCODE_HIGH));
var_dump(filter_var("кириллица", FILTER_SANITIZE_SPECIAL_CHARS, FILTER_FLAG_ENCODE_LOW));
echo "Done\n";
?>
@@ -0,0 +1,12 @@
string(55) "?&#62;&#60;!@#$%^&#38;*()}{~Qwertyuilfdsasdfgmnbvcxcvbn"
string(23) "&#60;data&#38;sons&#62;"
string(0) ""
string(55) "?&#62;&#60;!@#$%^&#38;*()}{~Qwertyuilfdsasdfgmnbvcxcvbn"
string(23) "&#60;data&#38;sons&#62;"
string(0) ""
string(55) "?&#62;&#60;!@#$%^&#38;*()}{~Qwertyuilfdsasdfgmnbvcxcvbn"
string(23) "&#60;data&#38;sons&#62;"
string(0) ""
string(108) "&#208;&#186;&#208;&#184;&#209;&#128;&#208;&#184;&#208;&#187;&#208;&#187;&#208;&#184;&#209;&#134;&#208;&#176;"
string(18) "кириллица"
Done
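Review bot: The FILTER_FLAG_ENCODE_HIGH expectation for "кириллица" is eighteen numeric entities for a nine-character string, so the flag operates on UTF-8 bytes rather than code points, and the entities it produces (`&#208;&#186;`…) do not decode back to the original characters in an HTML document. This deserves a comment in the test so nobody later "fixes" the expectation in either direction, e.g. `// ENCODE_HIGH is byte-oriented: each UTF-8 byte >= 0x80 becomes its own entity, so multibyte text does not round-trip`. The ENCODE_LOW line directly below, which leaves the string untouched, is the useful contrast and could share that comment.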
+72
@@ -0,0 +1,72 @@
<?php
/* Simple callback function */
function test($var) {
return strtoupper($var);
}
var_dump(filter_var("data", FILTER_CALLBACK, array("options"=>"test")));
var_dump(filter_var("~!@#$%^&*()_QWERTYUIOPASDFGHJKLZXCVBNM<>>?\"}{:", FILTER_CALLBACK, array("options"=>"test")));
var_dump(filter_var("", FILTER_CALLBACK, array("options"=>"test")));
var_dump(filter_var("qwe", FILTER_CALLBACK, array("options"=>"no such func")));
var_dump(filter_var("qwe", FILTER_CALLBACK, array("options"=>"")));
var_dump(filter_var("qwe", FILTER_CALLBACK));
/* Simple class method callback */
class test_class {
static function test ($var) {
return strtolower($var);
}
}
var_dump(filter_var("dAtA", FILTER_CALLBACK, array("options"=>array("test_class", "test"))));
var_dump(filter_var("~!@#$%^&*()_QWERTYUIOPASDFGHJKLZXCVBNM<>>?\"}{:", FILTER_CALLBACK, array("options"=>array("test_class","test"))));
var_dump(filter_var("", FILTER_CALLBACK, array("options"=>array("test_class","test"))));
/* empty function without return value */
function test1($var) {
}
var_dump(filter_var("data", FILTER_CALLBACK, array("options"=>"test1")));
var_dump(filter_var("~!@#$%^&*()_QWERTYUIOPASDFGHJKLZXCVBNM<>>?\"}{:", FILTER_CALLBACK, array("options"=>"test1")));
var_dump(filter_var("", FILTER_CALLBACK, array("options"=>"test1")));
/* attempting to change data by reference */
function test2(&$var) {
$var = 1;
}
var_dump(filter_var("data", FILTER_CALLBACK, array("options"=>"test2")));
var_dump(filter_var("~!@#$%^&*()_QWERTYUIOPASDFGHJKLZXCVBNM<>>?\"}{:", FILTER_CALLBACK, array("options"=>"test2")));
var_dump(filter_var("", FILTER_CALLBACK, array("options"=>"test2")));
/* unsetting data */
function test3(&$var) {
unset($var);
}
var_dump(filter_var("data", FILTER_CALLBACK, array("options"=>"test3")));
var_dump(filter_var("~!@#$%^&*()_QWERTYUIOPASDFGHJKLZXCVBNM<>>?\"}{:", FILTER_CALLBACK, array("options"=>"test3")));
var_dump(filter_var("", FILTER_CALLBACK, array("options"=>"test3")));
/* unset data and return value */
function test4(&$var) {
unset($var);
return 1;
}
var_dump(filter_var("data", FILTER_CALLBACK, array("options"=>"test4")));
/* thrown exception in the callback */
function test5(&$var) {
throw new Exception("test");
}
try {
var_dump(filter_var("data", FILTER_CALLBACK, array("options"=>"test5")));
} catch (Exception $e) {
var_dump($e->getMessage());
}
echo "Done\n";
?>
@@ -0,0 +1,24 @@
string(4) "DATA"
string(46) "~!@#$%^&*()_QWERTYUIOPASDFGHJKLZXCVBNM<>>?"}{:"
string(0) ""
HipHop Warning: %a
NULL
HipHop Warning: %a
NULL
HipHop Warning: %a
NULL
string(4) "data"
string(46) "~!@#$%^&*()_qwertyuiopasdfghjklzxcvbnm<>>?"}{:"
string(0) ""
NULL
NULL
NULL
NULL
NULL
NULL
NULL
NULL
NULL
int(1)
string(4) "test"
Done
+57
@@ -0,0 +1,57 @@
<?php
$ipv6_test = array(
"::127.0.0.1" => true,
"FF01::101:127.0.1" => false,
"FF01:0:0:0:101:127.0.1.1" => false,
"FF01:0:0:0:237:101:127.0.1.1" => true,
"FF01::101" => true,
"A1080::8:800:200C:417A" => false,
"1080::8:Z00:200C:417A" => false,
"FF01::101::1" => false,
"1080::8:800:200C:417A" => true,
"1080:0:0:0:8:800:200C:417A" => true,
"2001:ec8:1:1:1:1:1:1" => true,
"ffff::FFFF:129.144.52.38" => true,
"::ffff:1.2.3.4" => true,
"0:0:0:0:0:FFFF:129.144.52.38" => true,
"0:0:0:0:0:0:13.1.68.3" => true,
"0:0:0:0:0:0:0:13.1.68.3" => false,
"::13.1.68.3" => true,
"::FFFF:129.144.52.38" => true,
"1:2:3:4:5:6::129.144.52.38" => false,
"::1:2:3:4:5:6:129.144.52.38" => false,
"1:2:3::4:5:6:129.144.52.38" => false,
"1:2:3:4::5:6:7:8" => false,
"::1:2:3:4:5:6:7" => true,
"::1:2:3:4:5:6:7:8" => false,
"1:2:3:4:5:6:7::" => true,
"1:2:3:4:5:6:7:8::" => false,
"1:2:3:4:5:6:7::8" => false,
"1:2:3:4:5:6:7:8g" => false,
"1:2:3:4:5:6:7:g" => false,
"1:2:3:4:5g:6:7:8" => false,
'a:b:c:d:e::1.2.3.4' => true,
'::0:a:b:c:d:e:f' => true,
'0:a:b:c:d:e:f::' => true,
':::1.2.3.4' => false,
'8:::1.2.3.4' => false,
'::01.02.03.04' => false,
'::1.00.3.4' => false,
'0:0:0:255.255.255.255' => false,
'0:0:0::255.255.255.255' => true,
);
foreach ($ipv6_test as $ip => $exp) {
$out = filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6);
$out = (int) ($out === false ? 0 : 1);
if ($exp != $out) {
echo "$ip failed (expected ", $exp?"true":"false", ", got ",
$out?"true":"false", ")\n";
}
}
echo "Ok\n";
?>
@@ -0,0 +1 @@
Ok
+31
@@ -0,0 +1,31 @@
<?php
$data = array(
'product_id' => 'libgd<script>',
'component' => '10dhsajkkdhk <do>',
'versions' => '2.0.33',
'testscalar' => array('2','23','10','12'),
'testarray' => '2',
);
$args = array(
'product_id' => FILTER_SANITIZE_ENCODED,
'component' => array(//'filter' => FILTER_VALIDATE_INT,
'flags' => FILTER_FORCE_ARRAY,
'options' => array("min_range"=>1, "max_range"=>10)
),
'versions' => array(
'filter' => FILTER_SANITIZE_ENCODED,
'flags' => FILTER_REQUIRE_SCALAR,
),
'doesnotexist' => FILTER_VALIDATE_INT,
'testscalar' => FILTER_VALIDATE_INT,
'testarray' => array(
'filter' => FILTER_VALIDATE_INT,
'flags' => FILTER_FORCE_ARRAY,
)
);
$myinputs = filter_var_array($data, $args);
var_dump($myinputs);
?>
@@ -0,0 +1,20 @@
array(6) {
["product_id"]=>
string(17) "libgd%3Cscript%3E"
["component"]=>
array(1) {
[0]=>
string(17) "10dhsajkkdhk <do>"
}
["versions"]=>
string(6) "2.0.33"
["doesnotexist"]=>
NULL
["testscalar"]=>
bool(false)
["testarray"]=>
array(1) {
[0]=>
int(2)
}
}
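Review bot: The `'component'` entry has its `'filter'` key commented out, and the expected output shows the value `10dhsajkkdhk <do>` passing through untouched inside the forced array even though `min_range`/`max_range` options are given, so the options are silently ignored and the default (unsafe raw) filter is what ran. If documenting that fallback is the intent, the test should say so, e.g. `// no 'filter' key: options are ignored and FILTER_DEFAULT (unsafe raw) applies`; otherwise the commented-out line should be restored, since a spec that looks like range validation but performs none is exactly the mistake callers make. The `'doesnotexist'` => NULL and `'testscalar'` => bool(false) rows would also read better with a one-line comment each (missing key, versus an array given to a filter that did not ask for FILTER_REQUIRE_ARRAY).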
+26
@@ -0,0 +1,26 @@
<?php
$booleans = array(
'1' => true,
'On' => true,
'Off' => true,
'True' => true,
'TrUe' => true,
'oN' => true,
'0' => false,
'Off' => false,
'False' => false,
'faLsE' => false,
'oFf' => false,
'' => false
);
foreach($booleans as $val=>$exp) {
$res =filter_var($val, FILTER_VALIDATE_BOOLEAN);
if ($res !== $exp) {
echo "$val failed,'$exp' expect, '$res' received.\n";
}
}
echo "Ok.";
?>
@@ -0,0 +1 @@
Ok.
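Review bot: `'Off' => true` and `'Off' => false` are both keys of the same array literal, so the later entry overwrites the earlier one and the true case never runs — the table tests 'Off' only as false, which is the correct expectation, so the first entry is dead and should be removed or replaced by a distinct spelling that validates true, e.g. `'ON' => true`. Note also that `'1'` and `'0'` become integer keys 1 and 0 in PHP, so those two rows exercise integer inputs rather than strings; if string input was intended, a list of [input, expected] pairs avoids the key coercion. The failure message interpolates booleans, which prints false as an empty string; `var_export` of `$exp`/`$res` would make a mismatch readable.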
+20
@@ -0,0 +1,20 @@
<?php
parse_str("ar[elm1]=1234&ar[elm2]=0660&a=0234", $_GET);
$_REQUEST = array_merge($_REQUEST, $_GET);
parse_str("d=379", $_POST);
$_REQUEST = array_merge($_REQUEST, $_POST);
$ret = filter_input(INPUT_GET, 'a', FILTER_VALIDATE_INT);
var_dump($ret);
$ret = filter_input(INPUT_GET, 'a', FILTER_VALIDATE_INT, array('flags'=>FILTER_FLAG_ALLOW_OCTAL));
var_dump($ret);
$ret = filter_input(INPUT_GET, 'ar', FILTER_VALIDATE_INT, array('flags'=>FILTER_REQUIRE_ARRAY));
var_dump($ret);
$ret = filter_input(INPUT_GET, 'ar', FILTER_VALIDATE_INT, array('flags'=>FILTER_FLAG_ALLOW_OCTAL|FILTER_REQUIRE_ARRAY));
var_dump($ret);
?>
@@ -0,0 +1,14 @@
bool(false)
int(156)
array(2) {
["elm1"]=>
int(1234)
["elm2"]=>
bool(false)
}
array(2) {
["elm1"]=>
int(1234)
["elm2"]=>
int(432)
}
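Review bot: These expectations only hold if filter_input(INPUT_GET, …) reads the script-visible $_GET that parse_str just overwrote, because nothing else in the test populates the request; in PHP, filter_input is specified to read the original request data and is not affected by later changes to $_GET, so this is either an HHVM divergence or a test-harness convention and the test should state which, e.g. `// HHVM: filter_input reads $_GET/$_POST as populated by the script`. The distinction matters for callers that rely on filter_input to validate untouched input after earlier code has modified the superglobals. The `$_REQUEST = array_merge(...)` lines look unrelated to INPUT_GET/INPUT_POST lookups unless the implementation consults $_REQUEST; a comment would save the next reader the guess. The same setup is repeated in the filter_input callback test and the filter_has_var test later in this commit.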
+19
@@ -0,0 +1,19 @@
<?php
$var = "1";
$data = array();
$data["test1"] = 1;
$data["test2"] = &$var;
$args = array();
$args["test1"] = FILTER_VALIDATE_INT;
$args["test2"] = FILTER_VALIDATE_INT;
$ret = filter_var_array($data, $args);
var_dump($ret);
var_dump($data); //should be separated, i.e. not reference anymore. looks like we can't change this, or it'd change the original zval instead..
var_dump($var); //should be still string(1) "1"
echo "Done\n";
?>
@@ -0,0 +1,14 @@
array(2) {
["test1"]=>
int(1)
["test2"]=>
int(1)
}
array(2) {
["test1"]=>
int(1)
["test2"]=>
&string(1) "1"
}
string(1) "1"
Done
+27
@@ -0,0 +1,27 @@
<?php
parse_str("a=1&b=2", $_GET);
$_REQUEST = array_merge($_REQUEST, $_GET);
function myfunc($val) {
return $val . '_callback';
}
echo filter_input(INPUT_GET, 'a', FILTER_CALLBACK, array("options"=>'myfunc'));
echo "\n";
echo filter_input(INPUT_GET, 'b', FILTER_VALIDATE_INT);
echo "\n";
$data = "data";
echo filter_var($data, FILTER_CALLBACK, array("options"=>'myfunc'));
echo "\n";
$res = filter_input_array(INPUT_GET, array(
'a' => array(
'filter' => FILTER_CALLBACK,
'options' => 'myfunc'
),
'b' => FILTER_VALIDATE_INT
)
);
var_dump($res);
?>
@@ -0,0 +1,9 @@
1_callback
2
data_callback
array(2) {
["a"]=>
string(10) "1_callback"
["b"]=>
int(2)
}
+33
@@ -0,0 +1,33 @@
<?php
$var = 12;
$res = filter_var($var, FILTER_VALIDATE_INT, array('flags'=>FILTER_FLAG_ALLOW_OCTAL));
var_dump($res);
$var = array(12);
$res = filter_var($var, FILTER_VALIDATE_INT, array('flags'=>FILTER_FLAG_ALLOW_OCTAL));
var_dump($res);
$var = 12;
$res = filter_var($var, FILTER_VALIDATE_INT, array('flags'=>FILTER_FLAG_ALLOW_OCTAL|FILTER_FORCE_ARRAY));
var_dump($res);
$var = 12;
$res = filter_var($var, FILTER_VALIDATE_INT, array('flags'=>FILTER_FLAG_ALLOW_OCTAL|FILTER_REQUIRE_ARRAY));
var_dump($res);
$var = array(12);
$res = filter_var($var, FILTER_VALIDATE_INT, array('flags'=>FILTER_FLAG_ALLOW_OCTAL|FILTER_REQUIRE_ARRAY));
var_dump($res);
$var = array(12);
$res = filter_var($var, FILTER_VALIDATE_INT, array('flags'=>FILTER_FLAG_ALLOW_OCTAL|FILTER_FORCE_ARRAY|FILTER_REQUIRE_ARRAY));
var_dump($res);
$var = array(12);
$res = filter_var($var, FILTER_VALIDATE_INT, array('flags'=>FILTER_FLAG_ALLOW_OCTAL|FILTER_FORCE_ARRAY));
var_dump($res);
?>
@@ -0,0 +1,19 @@
int(12)
bool(false)
array(1) {
[0]=>
int(12)
}
bool(false)
array(1) {
[0]=>
int(12)
}
array(1) {
[0]=>
int(12)
}
array(1) {
[0]=>
int(12)
}
+46
@@ -0,0 +1,46 @@
<?php
echo "-- (1)\n";
var_dump(filter_var_array(NULL));
var_dump(filter_var_array(array()));
var_dump(filter_var_array(array(1,"blah"=>"hoho")));
var_dump(filter_var_array(array(), -1));
var_dump(filter_var_array(array(), 1000000));
var_dump(filter_var_array(array(), ""));
echo "-- (2)\n";
var_dump(filter_var_array(array(""=>""), -1));
var_dump(filter_var_array(array(""=>""), 1000000));
var_dump(filter_var_array(array(""=>""), ""));
echo "-- (3)\n";
var_dump(filter_var_array(array("aaa"=>"bbb"), -1));
var_dump(filter_var_array(array("aaa"=>"bbb"), 1000000));
var_dump(filter_var_array(array("aaa"=>"bbb"), ""));
echo "-- (4)\n";
var_dump(filter_var_array(array(), new stdclass));
var_dump(filter_var_array(array(), array()));
var_dump(filter_var_array(array(), array("var_name"=>1)));
var_dump(filter_var_array(array(), array("var_name"=>-1)));
var_dump(filter_var_array(array("var_name"=>""), array("var_name"=>-1)));
echo "-- (5)\n";
var_dump(filter_var_array(array("var_name"=>""), array("var_name"=>-1, "asdas"=>"asdasd", "qwe"=>"rty", ""=>"")));
var_dump(filter_var_array(array("asdas"=>"text"), array("var_name"=>-1, "asdas"=>"asdasd", "qwe"=>"rty", ""=>"")));
$a = array(""=>""); $b = -1;
var_dump(filter_var_array($a, $b));
var_dump($a, $b);
$a = array(""=>""); $b = 100000;
var_dump(filter_var_array($a, $b));
var_dump($a, $b);
$a = array(""=>""); $b = "";
var_dump(filter_var_array($a, $b));
var_dump($a, $b);
echo "Done\n";
?>
@@ -0,0 +1,62 @@
-- (1)
HipHop Warning: %a
NULL
array(0) {
}
array(2) {
[0]=>
string(1) "1"
["blah"]=>
string(4) "hoho"
}
bool(false)
bool(false)
bool(false)
-- (2)
bool(false)
bool(false)
bool(false)
-- (3)
bool(false)
bool(false)
bool(false)
-- (4)
bool(false)
array(0) {
}
array(1) {
["var_name"]=>
NULL
}
array(1) {
["var_name"]=>
NULL
}
array(1) {
["var_name"]=>
string(0) ""
}
-- (5)
HipHop Warning: %a
bool(false)
HipHop Warning: %a
bool(false)
bool(false)
array(1) {
[""]=>
string(0) ""
}
int(-1)
bool(false)
array(1) {
[""]=>
string(0) ""
}
int(100000)
bool(false)
array(1) {
[""]=>
string(0) ""
}
string(0) ""
Done
+23
@@ -0,0 +1,23 @@
<?php
parse_str("a=1&b=2&c=0", $_GET);
$_REQUEST = array_merge($_REQUEST, $_GET);
parse_str("ap[]=1&bp=test&cp=", $_POST);
$_REQUEST = array_merge($_REQUEST, $_POST);
var_dump(filter_has_var());
var_dump(filter_has_var(INPUT_GET,""));
var_dump(filter_has_var(INPUT_GET,array()));
var_dump(filter_has_var(INPUT_POST, "ap"));
var_dump(filter_has_var(INPUT_POST, "cp"));
var_dump(filter_has_var(INPUT_GET, "a"));
var_dump(filter_has_var(INPUT_GET, "c"));
var_dump(filter_has_var(INPUT_GET, "abc"));
var_dump(filter_has_var(INPUT_GET, "cc"));
var_dump(filter_has_var(-1, "cc"));
var_dump(filter_has_var(0, "cc"));
var_dump(filter_has_var("", "cc"));
echo "Done\n";
?>
@@ -0,0 +1,16 @@
HipHop Warning: %a
bool(false)
bool(false)
HipHop Warning: %a
bool(false)
bool(true)
bool(true)
bool(true)
bool(true)
bool(false)
bool(false)
bool(false)
bool(false)
HipHop Warning: %a
bool(false)
Done
+11
@@ -0,0 +1,11 @@
<?php
$var = 'XYZ< script>alert(/ext/filter+bypass/);< /script>ABC';
$a = filter_var($var, FILTER_SANITIZE_STRING, array("flags" => FILTER_FLAG_STRIP_LOW));
echo $a . "\n";
$var = 'XYZ<
script>alert(/ext/filter+bypass/);<
/script>ABC';
$a = filter_var($var, FILTER_SANITIZE_STRING, array("flags" => FILTER_FLAG_STRIP_LOW));
echo $a . "\n";
?>
@@ -0,0 +1,2 @@
XYZalert(/ext/filter+bypass/);ABC
XYZalert(/ext/filter+bypass/);ABC
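Review bot: The second input differs from the first only by newlines after `<` and `</`, but both calls pass FILTER_FLAG_STRIP_LOW; if the sanitizer strips low bytes before it strips tags, as PHP's does, the newlines are gone before tag parsing and the second case is equivalent to the first, so the "newline inside a tag opener" behaviour is not actually pinned. Running the same two inputs without the flag, a plain `filter_var($var, FILTER_SANITIZE_STRING)`, would exercise the whitespace-after-`<` handling directly. The test also has no comment saying what it regresses; a first line such as `// regression: whitespace or a newline after '<' must not prevent the tag from being stripped` would make that explicit.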
+7
@@ -0,0 +1,7 @@
<?php
$flags = FILTER_FLAG_ENCODE_AMP|FILTER_FLAG_ENCODE_LOW|FILTER_FLAG_ENCODE_HIGH;
for ($i = 0; $i < 256; $i++) {
var_dump(filter_var(chr($i), FILTER_SANITIZE_STRING, array("flags" => $flags)));
}
?>
@@ -0,0 +1,256 @@
string(4) "&#0;"
string(4) "&#1;"
string(4) "&#2;"
string(4) "&#3;"
string(4) "&#4;"
string(4) "&#5;"
string(4) "&#6;"
string(4) "&#7;"
string(4) "&#8;"
string(4) "&#9;"
string(5) "&#10;"
string(5) "&#11;"
string(5) "&#12;"
string(5) "&#13;"
string(5) "&#14;"
string(5) "&#15;"
string(5) "&#16;"
string(5) "&#17;"
string(5) "&#18;"
string(5) "&#19;"
string(5) "&#20;"
string(5) "&#21;"
string(5) "&#22;"
string(5) "&#23;"
string(5) "&#24;"
string(5) "&#25;"
string(5) "&#26;"
string(5) "&#27;"
string(5) "&#28;"
string(5) "&#29;"
string(5) "&#30;"
string(5) "&#31;"
string(1) " "
string(1) "!"
string(5) "&#34;"
string(1) "#"
string(1) "$"
string(1) "%"
string(5) "&#38;"
string(5) "&#39;"
string(1) "("
string(1) ")"
string(1) "*"
string(1) "+"
string(1) ","
string(1) "-"
string(1) "."
string(1) "/"
string(1) "0"
string(1) "1"
string(1) "2"
string(1) "3"
string(1) "4"
string(1) "5"
string(1) "6"
string(1) "7"
string(1) "8"
string(1) "9"
string(1) ":"
string(1) ";"
string(0) ""
string(1) "="
string(1) ">"
string(1) "?"
string(1) "@"
string(1) "A"
string(1) "B"
string(1) "C"
string(1) "D"
string(1) "E"
string(1) "F"
string(1) "G"
string(1) "H"
string(1) "I"
string(1) "J"
string(1) "K"
string(1) "L"
string(1) "M"
string(1) "N"
string(1) "O"
string(1) "P"
string(1) "Q"
string(1) "R"
string(1) "S"
string(1) "T"
string(1) "U"
string(1) "V"
string(1) "W"
string(1) "X"
string(1) "Y"
string(1) "Z"
string(1) "["
string(1) "\"
string(1) "]"
string(1) "^"
string(1) "_"
string(1) "`"
string(1) "a"
string(1) "b"
string(1) "c"
string(1) "d"
string(1) "e"
string(1) "f"
string(1) "g"
string(1) "h"
string(1) "i"
string(1) "j"
string(1) "k"
string(1) "l"
string(1) "m"
string(1) "n"
string(1) "o"
string(1) "p"
string(1) "q"
string(1) "r"
string(1) "s"
string(1) "t"
string(1) "u"
string(1) "v"
string(1) "w"
string(1) "x"
string(1) "y"
string(1) "z"
string(1) "{"
string(1) "|"
string(1) "}"
string(1) "~"
string(6) "&#127;"
string(6) "&#128;"
string(6) "&#129;"
string(6) "&#130;"
string(6) "&#131;"
string(6) "&#132;"
string(6) "&#133;"
string(6) "&#134;"
string(6) "&#135;"
string(6) "&#136;"
string(6) "&#137;"
string(6) "&#138;"
string(6) "&#139;"
string(6) "&#140;"
string(6) "&#141;"
string(6) "&#142;"
string(6) "&#143;"
string(6) "&#144;"
string(6) "&#145;"
string(6) "&#146;"
string(6) "&#147;"
string(6) "&#148;"
string(6) "&#149;"
string(6) "&#150;"
string(6) "&#151;"
string(6) "&#152;"
string(6) "&#153;"
string(6) "&#154;"
string(6) "&#155;"
string(6) "&#156;"
string(6) "&#157;"
string(6) "&#158;"
string(6) "&#159;"
string(6) "&#160;"
string(6) "&#161;"
string(6) "&#162;"
string(6) "&#163;"
string(6) "&#164;"
string(6) "&#165;"
string(6) "&#166;"
string(6) "&#167;"
string(6) "&#168;"
string(6) "&#169;"
string(6) "&#170;"
string(6) "&#171;"
string(6) "&#172;"
string(6) "&#173;"
string(6) "&#174;"
string(6) "&#175;"
string(6) "&#176;"
string(6) "&#177;"
string(6) "&#178;"
string(6) "&#179;"
string(6) "&#180;"
string(6) "&#181;"
string(6) "&#182;"
string(6) "&#183;"
string(6) "&#184;"
string(6) "&#185;"
string(6) "&#186;"
string(6) "&#187;"
string(6) "&#188;"
string(6) "&#189;"
string(6) "&#190;"
string(6) "&#191;"
string(6) "&#192;"
string(6) "&#193;"
string(6) "&#194;"
string(6) "&#195;"
string(6) "&#196;"
string(6) "&#197;"
string(6) "&#198;"
string(6) "&#199;"
string(6) "&#200;"
string(6) "&#201;"
string(6) "&#202;"
string(6) "&#203;"
string(6) "&#204;"
string(6) "&#205;"
string(6) "&#206;"
string(6) "&#207;"
string(6) "&#208;"
string(6) "&#209;"
string(6) "&#210;"
string(6) "&#211;"
string(6) "&#212;"
string(6) "&#213;"
string(6) "&#214;"
string(6) "&#215;"
string(6) "&#216;"
string(6) "&#217;"
string(6) "&#218;"
string(6) "&#219;"
string(6) "&#220;"
string(6) "&#221;"
string(6) "&#222;"
string(6) "&#223;"
string(6) "&#224;"
string(6) "&#225;"
string(6) "&#226;"
string(6) "&#227;"
string(6) "&#228;"
string(6) "&#229;"
string(6) "&#230;"
string(6) "&#231;"
string(6) "&#232;"
string(6) "&#233;"
string(6) "&#234;"
string(6) "&#235;"
string(6) "&#236;"
string(6) "&#237;"
string(6) "&#238;"
string(6) "&#239;"
string(6) "&#240;"
string(6) "&#241;"
string(6) "&#242;"
string(6) "&#243;"
string(6) "&#244;"
string(6) "&#245;"
string(6) "&#246;"
string(6) "&#247;"
string(6) "&#248;"
string(6) "&#249;"
string(6) "&#250;"
string(6) "&#251;"
string(6) "&#252;"
string(6) "&#253;"
string(6) "&#254;"
string(6) "&#255;"
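Review bot: The expectation for byte 60 (`<`) is `string(0) ""` while byte 62 (`>`) comes back unchanged, so under FILTER_FLAG_ENCODE_AMP|ENCODE_LOW|ENCODE_HIGH a lone `<` is removed rather than encoded, and a caller who chose these flags expecting an encoded `<` gets deletion instead. That is presumably the tag stripper consuming `<` as a tag opener, but it is the one surprising row in 256 and worth a comment on the loop, e.g. `// '<' (60) is swallowed as a tag opener and yields "", not an entity; '>' (62) passes through`. The NUL byte becoming `&#0;` on the first line is also worth a word, since it documents that ENCODE_LOW encodes rather than strips control bytes here.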
+17
@@ -0,0 +1,17 @@
<?php
$a = array("flags"=>(string)FILTER_FLAG_ALLOW_HEX, "options" => array("min_range"=>"0", "max_range"=>"1024"));
$ret = filter_var("0xff", FILTER_VALIDATE_INT, $a);
echo ($ret === 255 && $a["options"]["min_range"] === "0")?"ok\n":"bug\n";
echo ($ret === 255 && $a["options"]["max_range"] === "1024")?"ok\n":"bug\n";
echo ($ret === 255 && is_string($a["flags"]) && $a["flags"] == FILTER_FLAG_ALLOW_HEX)?"ok\n":"bug\n";
$a = (string)FILTER_FLAG_ALLOW_HEX;
$ret = filter_var("0xff", FILTER_VALIDATE_INT, $a);
echo ($ret === 255 && is_string($a) && $a == FILTER_FLAG_ALLOW_HEX)?"ok\n":"bug\n";
$a = array("test"=>array("filter"=>(string)FILTER_VALIDATE_INT, "flags"=>(string)FILTER_FLAG_ALLOW_HEX));
$ret = filter_var_array(array("test"=>"0xff"), $a);
echo ($ret["test"] === 255 && is_string($a["test"]["filter"]) && $a["test"]["filter"] == FILTER_VALIDATE_INT)?"ok\n":"bug\n";
echo ($ret["test"] === 255 && is_string($a["test"]["flags"]) && $a["test"]["flags"] == FILTER_FLAG_ALLOW_HEX)?"ok\n":"bug\n";
$a = array("test"=>(string)FILTER_VALIDATE_INT);
$ret = filter_var_array(array("test"=>"255"), $a);
echo ($ret["test"] === 255 && is_string($a["test"]) && $a["test"] == FILTER_VALIDATE_INT)?"ok\n":"bug\n";
?>
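Review bot: Every assertion in this file runs on an accepted input — "0xff" is 255, comfortably inside the string-typed min_range "0" / max_range "1024" on L3667 — so a regression in which string bounds are silently ignored would still print seven "ok" lines; L3669–L3671 only confirm that `$a` is left untouched. Add one rejecting case against the same options array, e.g. `var_dump(filter_var("0xfff", FILTER_VALIDATE_INT, $a));` with `bool(false)` appended to the expectation, so the range check with string bounds is exercised as well. The by-reference-safety purpose of the test is presumably a port of an upstream PHP regression test; keep the existing lines as they are and add the case after L3671.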
@@ -0,0 +1,7 @@
ok
ok
ok
ok
ok
ok
ok
+31
@@ -0,0 +1,31 @@
<?php
$max = sprintf("%d", PHP_INT_MAX);
switch($max) {
case "2147483647": /* 32-bit systems */
$min = "-2147483648";
$overflow = "2147483648";
$underflow = "-2147483649";
break;
case "9223372036854775807": /* 64-bit systems */
$min = "-9223372036854775808";
$overflow = "9223372036854775808";
$underflow = "-9223372036854775809";
break;
default:
die("failed: unknown value for PHP_MAX_INT");
break;
}
function test_validation($val, $msg) {
$f = filter_var($val, FILTER_VALIDATE_INT);
echo "$msg filtered: "; var_dump($f); // filtered value (or false)
echo "$msg is_long: "; var_dump(is_long($f)); // test validation
echo "$msg equal: "; var_dump($val == $f); // test equality of result
}
// PHP_INT_MAX
test_validation($max, "max");
test_validation($overflow, "overflow");
test_validation($min, "min");
test_validation($underflow, "underflow");
?>
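Review bot: The fallback message on L3708 names a constant that does not exist, `die("failed: unknown value for PHP_MAX_INT");` — change it to `die("failed: unknown value for PHP_INT_MAX");` so a failing run points at the right symbol, and the `break;` on L3709 after an unconditional `die()` is unreachable and can be dropped. The expectation file uses `%d` placeholders for the max and min values, which is presumably deliberate so that one expectation covers both word sizes, but it means the boundary values themselves are never pinned; `var_dump($f === PHP_INT_MAX)` in the max case would close that gap without breaking portability.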
@@ -0,0 +1,12 @@
max filtered: int(%d)
max is_long: bool(true)
max equal: bool(true)
overflow filtered: bool(false)
overflow is_long: bool(false)
overflow equal: bool(false)
min filtered: int(-%d)
min is_long: bool(true)
min equal: bool(true)
underflow filtered: bool(false)
underflow is_long: bool(false)
underflow equal: bool(false)
+27
@@ -0,0 +1,27 @@
<?php
function octal_inc($s) {
$len = strlen($s);
while ($len > 0) {
$len--;
if ($s[$len] != '7') {
$s[$len] = $s[$len] + 1;
return $s;
}
$s[$len] = '0';
}
return '1'.$s;
}
$s = sprintf("%o", PHP_INT_MAX);
var_dump(is_long(filter_var('0'.$s, FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_OCTAL))));
$s = octal_inc($s);
var_dump(is_long(filter_var('0'.$s, FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_OCTAL))));
$s = sprintf("%o", ~0);
var_dump(is_long(filter_var('0'.$s, FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_OCTAL))));
$s = octal_inc($s);
var_dump(filter_var('0'.$s, FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_OCTAL)));
?>
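Review bot: The third case on L3757 feeds an octal string with every bit set (`sprintf("%o", ~0)`, which is larger than PHP_INT_MAX) and asserts only `is_long()`, so the test accepts whatever integer the port happens to produce for an over-range magnitude; only the value one past it (L3759) is pinned to `bool(false)`. Pin the result, e.g. `var_dump(filter_var('0'.$s, FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_OCTAL)) === -1);` — -1 is presumably the two's-complement wrap of all ones, confirm against the reference PHP build — so a port that truncates or saturates differently is caught. A practitioner reading this test should also take away that FILTER_VALIDATE_INT with FILTER_FLAG_ALLOW_OCTAL does not reject magnitudes above PHP_INT_MAX, so it should be combined with min_range/max_range wherever the sign of the result matters; a one-line comment above L3752 saying so would save the next reader the derivation.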
@@ -0,0 +1,4 @@
bool(true)
bool(true)
bool(true)
bool(false)
+31
@@ -0,0 +1,31 @@
<?php
function hex_inc($s) {
$len = strlen($s);
while ($len > 0) {
$len--;
if ($s[$len] != 'f') {
if ($s[$len] == '9') {
$s[$len] = 'a';
} else {
$s[$len] = $s[$len] + 1;
}
return $s;
}
$s[$len] = '0';
}
return '1'.$s;
}
$s = sprintf("%x", PHP_INT_MAX);
var_dump(is_long(filter_var('0x'.$s, FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_HEX))));
$s = hex_inc($s);
var_dump(is_long(filter_var('0x'.$s, FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_HEX))));
$s = sprintf("%x", ~0);
var_dump(is_long(filter_var('0x'.$s, FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_HEX))));
$s = hex_inc($s);
var_dump(filter_var('0x'.$s, FILTER_VALIDATE_INT, array("flags"=>FILTER_FLAG_ALLOW_HEX)));
?>
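Review bot: L3789 asserts that PHP_INT_MAX + 1 written in hex is still accepted as a long by FILTER_VALIDATE_INT with FILTER_FLAG_ALLOW_HEX, and L3791 that the all-ones value is too; only the value one past that (L3793) is rejected. That is the behaviour being pinned, but nothing states which integer those two over-range inputs produce, so a port returning a different wrapped value would pass unnoticed. Add a comment above L3786 stating the contract being tested, e.g. `// NOTE: hex above PHP_INT_MAX up to all-ones is accepted (presumably parsed unsigned and wrapped to a signed long) — see expect file`, and consider asserting the concrete results (presumably PHP_INT_MIN and -1 on a 64-bit build — confirm against PHP) in place of the bare `is_long()` checks on L3789 and L3791.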
@@ -0,0 +1,4 @@
bool(true)
bool(true)
bool(true)
bool(false)
+27
@@ -0,0 +1,27 @@
<?php
$test = array(
'0' => 0.0,
'12345678900.1234567165' => 12345678900.1234567165,
'1,234,567,890.1234567165' => 1234567890.1234567165,
'-1,234,567,890.1234567165' => -1234567890.1234567165,
'1234,567,890.1234567165' => false,
'1,234,567,89.1234567165' => false,
'1,234,567,8900.1234567165' => false,
'1.234.567.890.1234567165' => false,
'1,234,567,8900.123,456' => false,
);
foreach ($test as $src => $dst) {
$out = filter_var($src, FILTER_VALIDATE_FLOAT, array("flags"=>FILTER_FLAG_ALLOW_THOUSAND));
if ($dst !== $out) {
if ($out === false) {
echo "$src -> false != $dst\n";
} elseif ($dst === false) {
echo "$src -> $out != false\n";
} else {
echo "$src -> $out != $dst\n";
}
}
}
echo "Ok\n";
?>
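Review bot: The table on L3804–L3814 covers only digit-and-separator inputs; no entry combines a thousands separator with an exponent, so a fault in how the grouping rule interacts with the exponent part would not be detected. If the port follows PHP, the separator rule applies to the integer part only and the exponent is parsed afterwards; one accepted and one rejected case, e.g. `'1,234.5e3' => 1234500.0` and `'1,234e3,5' => false`, would pin that (confirm the expected values against a reference PHP build before adding them). Also note that the `'0'` key on L3805 becomes the integer key 0, so that entry exercises filter_var() on an int rather than a string — presumably harmless, but worth a comment if the string path was the intent.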
@@ -0,0 +1 @@
Ok
