RaFaeLs

RaFaeL Security v2

Jul 30th, 2012
  1. <?php
  2.     //=======================================================================
  3.     //==                        RaFaeL Security                            ==
  4.     //=======================================================================
  5.     class Security {
  6.         private $xss = array(
  7.             "htmlspecialchars" => true,
  8.             "htmlentities" => true, //Don't use if strip_tags enabled
  9.             "strip_tags" => false //Don't use if htmlentities enabled
  10.         ), $sql = array(
  11.             "stripslashes" => true,
  12.             "mysql_real_escape_string" => true
  13.         ), $settings = array(
  14.             "REQUEST_ENCTYPE" => true,
  15.             "DOUBLE_ENCTYPE"  => true
  16.         );
  17.         function __construct($settings = array(), $enabled = array()) {
  18.             foreach($enabled as $enable=>$value) {
  19.                 $this->SetFunc($enable, $value);
  20.             }
  21.             foreach($settings as $setting=>$value) {
  22.                 if(isset($this->settings[$setting]) && is_bool($value)) $this->settings[$setting] = $value;
  23.             }
  24.            
  25.             if($this->settings["REQUEST_ENCTYPE"]) {
  26.                 foreach($_REQUEST as $name=>$value)
  27.                     $_REQUEST[$name] = $this->Sql($value);
  28.             }
  29.         }
  30.         function Xss($str) {
  31.             foreach($this->xss as $func=>$state) {
  32.                 if($state == true) $str = $func($str);
  33.             }
  34.            
  35.             return $str;
  36.         }
  37.         function Sql($str) {
  38.             foreach($this->sql as $func=>$state) {
  39.                 if($state == true) $str = $func($str);
  40.             }
  41.            
  42.             return $str;
  43.         }
  44.         function SetFunc($enable, $value = true) {
  45.             if(isset($this->xss[$enable]) && is_bool($value)) $this->Xss[$enable] = $value;
  46.             else if(isset($this->sql[$enable]) && is_bool($value)) $this->Sql[$enable] = $value;
  47.             return true;
  48.         }
  49.         function Enctype($str) {
  50.             $str = hash('sha256', md5($str));
  51.             return $this->settings["DOUBLE_ENCTYPE"]? (substr(hash('sha512', $str), strlen($str), strlen($str)*0.8)):($str);
  52.         }
  53.     }
  54.  
  55.     //Usage Example's:
  56.     $Security = new Security(array("REQUEST_ENCTYPE" => false)); // $Security = new Security([Settings], [Disabled]);
  57.     $Security->SetFunc("htmlentities", true);
  58.     echo $Security->Xss("<html>'RaFaeL's Security class'</html>"); //&lt;html&gt;'RaFaeL's Security class'&lt;/html&gt;
  59.     echo "<br />";
  60.     echo $Security->Sql("'RaFaeL's Security class'"); //\'RaFaeL\'s Security class\'
  61.     echo "<br />";
  62.     echo $_REQUEST["test"];
  63.     echo "<br />";
  64.     echo $Security->Enctype("RaFaeL"); //e980a7582c517886f2d80f88fd9a5a533a6fab71f3b4b04c8dcb1b59e4f2f033
  65. ?>