From a596be9eb41a77cc3a7d96b6b7ec66e8ca66a709 Mon Sep 17 00:00:00 2001
From: ghost
Date: Fri, 14 Jan 2022 00:23:36 +0200
Subject: [PATCH] add userPost filter, allow mixed data input
---
 src/system/helper/filter.php | 78 ++++++++++++++++++++++++++++--------
 1 file changed, 61 insertions(+), 17 deletions(-)
diff --git a/src/system/helper/filter.php b/src/system/helper/filter.php
index e8b85d1..149c33b 100644
--- a/src/system/helper/filter.php
+++ b/src/system/helper/filter.php
@@ -4,7 +4,7 @@ class Filter {
 public static function userName(mixed $string) {
- $string = preg_replace('/[^a-zA-Z0-9_]+/u', '', $string);
+ $string = preg_replace('/[^a-zA-Z0-9_]+/u', '', (string) $string);
 $string = mb_substr($string, 0, 16);
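Review bot: The `(string)` cast added to `userName` accepts any `mixed` value, so an array argument becomes the literal text `Array` (with a conversion warning) and an object without `__toString()` throws an `Error` instead of being rejected. The same cast is added to every string filter in the second hunk. A type guard ahead of the cast fails closed, e.g. `if (!is_scalar($string)) { return ''; }`. The body of `userName` continues past the end of this hunk.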
@@ -13,71 +13,76 @@ class Filter {
 public static function userPrivateKey(mixed $string) {
- return preg_replace('/[^a-zA-Z0-9_]+/u', '', $string);
+ return preg_replace('/[^a-zA-Z0-9_]+/u', '', (string) $string);
 }
 public static function blockHash(mixed $string) {
- return preg_replace('/[^a-zA-Z0-9]+/u', '', $string);
+ return preg_replace('/[^a-zA-Z0-9]+/u', '', (string) $string);
 }
- public static function fullName(string $string) {
+ public static function fullName(mixed $string) {
- $string = preg_replace('/[^\s\w]+/u', '', $string);
+ $string = preg_replace('/[^\s\w]+/u', '', (string) $string);
 $string = mb_substr($string, 0, 200);
 return $string;
 }
- public static function location(string $string) {
+ public static function sigUserPost(mixed $string) {
- $string = preg_replace('/[^\s\w\.\,]+/u', '', $string);
+ return preg_replace('/[^a-zA-Z0-9]+/u', '', (string) $string);
+ }
+
+ public static function location(mixed $string) {
+
+ $string = preg_replace('/[^\s\w\.\,]+/u', '', (string) $string);
 $string = mb_substr($string, 0, 200);
 return $string;
 }
- public static function url(string $string) {
+ public static function url(mixed $string) {
- $string = preg_replace('/[^\w\?\&\=\.\:\/]+/u', '', $string);
+ $string = preg_replace('/[^\w\?\&\=\.\:\/]+/u', '', (string) $string);
 $string = mb_substr($string, 0, 200);
 return $string;
 }
- public static function bitMessage(string $string) {
+ public static function bitMessage(mixed $string) {
- $string = preg_replace('/[^\w\-]+/u', '', $string);
+ $string = preg_replace('/[^\w\-]+/u', '', (string) $string);
 $string = mb_substr($string, 0, 200);
 return $string;
 }
- public static function tox(string $string) {
+ public static function tox(mixed $string) {
- $string = preg_replace('/[^\w]+/u', '', $string);
+ $string = preg_replace('/[^\w]+/u', '', (string) $string);
 $string = mb_substr($string, 0, 200);
 return $string;
 }
- public static function bio(string $string) {
+ public static function bio(mixed $string) {
- $string = preg_replace('/[^\s\w\.\,\:\;\@\?\!\+\`\&\^\%\#\=\-\_\~\*\/\(\)\[\]\<\>\"\']+/u', '', $string);
+ $string = preg_replace('/[^\s\w\.\,\:\;\@\?\!\+\`\&\^\%\#\=\-\_\~\*\/\(\)\[\]\<\>\"\']+/u', '', (string) $string);
 $string = mb_substr($string, 0, 500);
 return $string;
 }
- public static function post(string $string) {
+ public static function post(mixed $string) {
- $string = preg_replace('/[^\s\w\.\,\:\;\@\?\!\+\`\&\^\%\#\=\-\_\~\*\/\(\)\[\]\<\>\"\']+/u', '', $string);
+ $string = preg_replace('/[^\s\w\.\,\:\;\@\?\!\+\`\&\^\%\#\=\-\_\~\*\/\(\)\[\]\<\>\"\']+/u', '', (string) $string);
 $string = mb_substr($string, 0, 140);
@@ -93,4 +98,43 @@ class Filter {
 return (int) $int;
 }
+
+ public static function userPost(mixed $userPost) {
+
+ $result = [];
+ foreach ((array) $userPost as $key => $value) {
+
+ switch ($key) {
+ case 'height':
+ $result[$key] = self::int($value);
+ break;
+ case 'time':
+ $result[$key] = self::int($value);
+ break;
+ case 'k':
+ $result[$key] = self::int($value);
+ break;
+ case 'lastk':
+ $result[$key] = self::int($value);
+ break;
+ case 'n':
+ $result[$key] = self::userName($value);
+ break;
+ case 'msg':
+ $result[$key] = self::post($value);
+ break;
+ case 'msg2':
+ $result[$key] = self::post($value);
+ break;
+ case 'sig_rt':
+ $result[$key] = self::sigUserPost($value);
+ break;
+ case 'rt':
+ $result[$key] = self::userPost($value);
+ break;
+ }
+ }
+
+ return $result;
+ }
 }
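Review bot: In the second hunk, `sigUserPost`, `userPrivateKey` and `blockHash` return `preg_replace()` directly, and with the `/u` modifier that call returns `null` when the subject is not valid UTF-8, so these three filters can hand `null` to callers expecting a string. Coalescing keeps them fail-closed, `return preg_replace('/[^a-zA-Z0-9]+/u', '', (string) $string) ?? '';`, and a `: string` return type would make the contract explicit. These three also apply no length cap, unlike the `mb_substr` filters beside them. The `bio` and `post` patterns keep `<`, `>`, `"` and `'`, so a comment on both stating that their result still needs `htmlspecialchars()` at output would help; whether the rendering code already escapes is not visible here.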
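Review bot: The `rt` case in `userPost` calls `self::userPost($value)` with no depth limit, so the recursion depth is set entirely by how deeply the input nests `rt`; if this array comes from decoded peer or request data (not visible in the hunk), that is an unbounded-recursion path. A defaulted depth parameter keeps the signature backward-compatible: `public static function userPost(mixed $userPost, int $depth = 0)` with `$result[$key] = $depth < 1 ? self::userPost($value, $depth + 1) : [];` in the `rt` case, the limit being whatever nesting the protocol actually allows. The four integer cases and the two `post` cases could also share labels (`case 'height': case 'time': case 'k': case 'lastk':`) or become a `match`, which would also compare keys strictly.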