* @copyright Copyright © 2006-2010 Peter Adams * @license http://www.gnu.org/copyleft/gpl.html GPL v2.0 * @category owa * @package owa * @version $Revision$ * @since owa 1.3.0 */ class owa_sanitize { /** * Remove Non alpha or numeric characters * * @param string|array $input String or array contain input to sanitize. * @param array $exceptions An array of additional characters that should be allowed. * @return string|array $sanitzed A Santized string or array */ public static function removeNonAlphaNumeric($input, $exceptions = array()) { $allow = ''; // add exceptions to allowed char part of regex if ( !empty( $exceptions ) ) { foreach ( $exceptions as $value ) { $allowed_chars .= "\\$value"; } } $regex = "/[^{$allowed_chars}a-zA-Z0-9]/"; // check to see if string is an array if ( is_array ( $input ) ) { $sanitized = array(); foreach ( $input as $key => $item ) { $sanitized[$key] = preg_replace( $regex, '', $item ); } // assume input is a singel string } else { $sanitized = preg_replace( $regex, '', $input ); } return $sanitized; } /** * Escapes a string for use in display output * * @param string $string The string to be escaped * @param string $encoding The charset to use in encoding. * @param string $quotes The php constant for encodig quotations used by htmlentities * @return string html encoded string * @link http://www.php.net/manual/en/function.htmlentities.php * @access public */ public static function escapeForDisplay($string, $encoding = 'UTF-8', $quotes = '') { if (!$quotes) { //use mode to ocnvert both single and double quotes. $quotes = ENT_QUOTES; } return htmlentities($string, $quotes, $encoding); } /** * Strip Whitespace * * @param string $str String to strip * @return string whitespace sanitized input * @access public */ public static function stripWhitespace( $input ) { $output = preg_replace( '/[\n\r\t]+/', '', $input ); return preg_replace( '/\s{2,}/', ' ', $output ); } /** * Strip IMG html tags * * @param string $input String to sanitize * @return string String with no img tags * @access public */ public static function stripImages( $input ) { $output = preg_replace('/(]*>)(]+alt=")([^"]*)("[^>]*>)(<\/a>)/i', '$1$3$5
', $input); $output = preg_replace('/(]+alt=")([^"]*)("[^>]*>)/i', '$2
', $output); $output = preg_replace('/]*>/i', '', $output); return $output; } /** * Strip Scripts and Stylesheets * * @param string $input String to sanitize * @return string String with