RaFaeL Security v0.2

<?php
    //=======================================================================
    //==                        RaFaeL Security                            ==
    //=======================================================================\
    class Security {
        private $functions = array(
            "Xss" => array(
                "htmlspecialchars" => true,
                "htmlentities" => true, //Don't use if strip_tags enabled
                "strip_tags" => false //Don't use if htmlentities enabled
            ), "Sql" => array(
                "stripslashes" => true,
                "mysql_real_escape_string" => true
            )
        );
        private $settings = array(
            "REQUESTS_ENCTYPE" => true,
            "DOUBLE_ENCTYPE"  => true
        );
        private $servervars = array("GET","POST","REQUEST");
        private $badwords=array('declare','char','set','cast','convert','drop','exec','meta','script','select','truncate','insert','delete','union','update','create','where','join','information_schema','table_schema','into');

        function __construct(array $settings = array(), array $enabled = array()) {
            foreach($enabled as $enable=>$value)
                $this->SetFunc($enable, $value);

            foreach($settings as $setting=>$value)
                if(isset($this->settings[$setting]) && is_bool($value)) $this->settings[$setting] = $value;

            if($this->settings["REQUESTS_ENCTYPE"]) {
                foreach($this->servervars as $svar)
                    eval('foreach($_'.$svar.' as $key=>$value) $_'.$svar.'[$key] = $this->Sql($value);');
            }
        }
        public function Xss($str) {
            foreach($this->functions["Xss"] as $func=>$state)
                if($state === true) $str = $func($str);

            return $str;
        }
        private function BadWords($str) {
            foreach($this->badwords as $word)
                $str=str_replace($word,'\\'.$word.'\\',$str);

            return $str;
        }
        public function Sql($str) {
            foreach($this->functions["Sql"] as $func=>$state)
                if($state === true) $str = $func($str);

            return $this->BadWords($str);
        }
        public function SetFunc($enable, $value = true) {
            if(isset($this->functions["Xss"][$enable]) && is_bool($value))
                $this->functions["Xss"][$enable] = $value;
            else if(isset($this->functions["Sql"][$enable]) && is_bool($value))
                $this->functions["Sql"][$enable] = $value;
            return true;
        }
        public function Enctype($str) {
            $str = hash('sha256', md5($str));
            return $this->settings["DOUBLE_ENCTYPE"]? (substr(hash('sha512', $str), strlen($str), strlen($str)*0.8)):($str);
        }
    }

    //Usage Example's:
    $Security = new Security(array("REQUESTS_ENCTYPE" => true)); // $Security = new Security([Settings], [Disabled]);
    $Security->SetFunc("htmlentities", true);
    echo $Security->Xss("<html>'RaFaeL's Security class'</html>"); //&lt;html&gt;'RaFaeL's Security class'&lt;/html&gt;
    echo "<br />";
    echo $Security->Sql("'RaFaeL's Security class'"); //\'RaFaeL\'s Security class\'
    echo "<br />";
    echo $_REQUEST["test"]; // ?set=update%20`test`%20set%20`i`=1 = \update\ `test` \set\ `i`=1
    echo "<br />";
    echo $_GET["set"]; // ?set='rafael' = \'rafael\'
    echo "<br />";
    echo $Security->Enctype("RaFaeL"); //e980a7582c517886f2d80f88fd9a5a533a6fab71f3b4b04c8dcb1b59e4f2f033
?>
<br />