devtoolboxuk /
soteria
@@ -12,6 +12,9 @@ |
||
| 12 | 12 | $this->_evil_attributes_regex = $evil->regEx(); |
| 13 | 13 | } |
| 14 | 14 | |
| 15 | + /** |
|
| 16 | + * @param string $str |
|
| 17 | + */ |
|
| 15 | 18 | public function removeEvilAttributes($str) |
| 16 | 19 | { |
| 17 | 20 | // replace style-attribute, first (if needed) |
@@ -107,7 +107,7 @@ discard block |
||
| 107 | 107 | /** |
| 108 | 108 | * @param StringResource $str |
| 109 | 109 | * |
| 110 | - * @return mixed |
|
| 110 | + * @return string |
|
| 111 | 111 | */ |
| 112 | 112 | private function _do($str) |
| 113 | 113 | { |
@@ -176,6 +176,9 @@ discard block |
||
| 176 | 176 | return $str; |
| 177 | 177 | } |
| 178 | 178 | |
| 179 | + /** |
|
| 180 | + * @param string $str |
|
| 181 | + */ |
|
| 179 | 182 | public function decodeString($str) |
| 180 | 183 | { |
| 181 | 184 | // init |
@@ -184,6 +187,10 @@ discard block |
||
| 184 | 187 | if (strpos($str, '<') !== false && preg_match($regExForHtmlTags, $str, $matches) === 1) { |
| 185 | 188 | $str = (string)preg_replace_callback( |
| 186 | 189 | $regExForHtmlTags, |
| 190 | + |
|
| 191 | + /** |
|
| 192 | + * @param string $matches |
|
| 193 | + */ |
|
| 187 | 194 | function ($matches) { |
| 188 | 195 | return $this->decodeEntity($matches); |
| 189 | 196 | }, |
@@ -222,7 +229,7 @@ discard block |
||
| 222 | 229 | } |
| 223 | 230 | |
| 224 | 231 | /** |
| 225 | - * @return null |
|
| 232 | + * @return null|boolean |
|
| 226 | 233 | */ |
| 227 | 234 | public function isXssFound() |
| 228 | 235 | { |
@@ -234,7 +241,7 @@ discard block |
||
| 234 | 241 | * |
| 235 | 242 | * @param StringResource $str |
| 236 | 243 | * |
| 237 | - * @return StringResource |
|
| 244 | + * @return string |
|
| 238 | 245 | */ |
| 239 | 246 | private function _entity_decode($str) |
| 240 | 247 | { |
@@ -337,6 +344,9 @@ discard block |
||
| 337 | 344 | return $str; |
| 338 | 345 | } |
| 339 | 346 | |
| 347 | + /** |
|
| 348 | + * @param string $file |
|
| 349 | + */ |
|
| 340 | 350 | private function _get_data($file) |
| 341 | 351 | { |
| 342 | 352 | /** @noinspection PhpIncludeInspection */ |
@@ -4,12 +4,10 @@ |
||
| 4 | 4 | |
| 5 | 5 | use devtoolboxuk\soteria\models\SoteriaModel; |
| 6 | 6 | use devtoolboxuk\soteria\voku\Resources\Attributes; |
| 7 | - |
|
| 8 | 7 | use devtoolboxuk\soteria\voku\Resources\Exploded; |
| 9 | 8 | use devtoolboxuk\soteria\voku\Resources\Html; |
| 10 | 9 | use devtoolboxuk\soteria\voku\Resources\JavaScript; |
| 11 | 10 | use devtoolboxuk\soteria\voku\Resources\NeverAllowed; |
| 12 | - |
|
| 13 | 11 | use devtoolboxuk\soteria\voku\Resources\System; |
| 14 | 12 | use devtoolboxuk\soteria\voku\Resources\Utf7; |
| 15 | 13 | use devtoolboxuk\soteria\voku\Resources\Utf8; |
@@ -13,6 +13,9 @@ discard block |
||
| 13 | 13 | $this->_evil_html_tags = $evil->html(); |
| 14 | 14 | } |
| 15 | 15 | |
| 16 | + /** |
|
| 17 | + * @param string $str |
|
| 18 | + */ |
|
| 16 | 19 | public function naughtyHtml($str) |
| 17 | 20 | { |
| 18 | 21 | $evil_html_tags = implode('|', $this->_evil_html_tags); |
@@ -20,6 +23,10 @@ discard block |
||
| 20 | 23 | |
| 21 | 24 | $str = (string)preg_replace_callback( |
| 22 | 25 | '#<(?<start>/*\s*)(?<content>' . $evil_html_tags . ')(?<end>[^><]*)(?<rest>[><]*)#ius', |
| 26 | + |
|
| 27 | + /** |
|
| 28 | + * @param string $matches |
|
| 29 | + */ |
|
| 23 | 30 | function ($matches) { |
| 24 | 31 | return $this->naughtyHtmlCallback($matches); |
| 25 | 32 | }, |
@@ -185,12 +185,20 @@ discard block |
||
| 185 | 185 | return str_replace($BROKEN_UTF8_TO_UTF8_KEYS_CACHE, $BROKEN_UTF8_TO_UTF8_VALUES_CACHE, $str); |
| 186 | 186 | } |
| 187 | 187 | |
| 188 | + /** |
|
| 189 | + * @param string $file |
|
| 190 | + */ |
|
| 188 | 191 | private function getData($file) |
| 189 | 192 | { |
| 190 | 193 | |
| 191 | 194 | return include __DIR__ . '/../Data/' . $file . '.php'; |
| 192 | 195 | } |
| 193 | 196 | |
| 197 | + /** |
|
| 198 | + * @param integer $flags |
|
| 199 | + * |
|
| 200 | + * @return string |
|
| 201 | + */ |
|
| 194 | 202 | private function htmlEntityDecode($str, $flags = null, $encoding = 'UTF-8') |
| 195 | 203 | { |
| 196 | 204 | if ( |
@@ -496,6 +504,9 @@ discard block |
||
| 496 | 504 | return $buf; |
| 497 | 505 | } |
| 498 | 506 | |
| 507 | + /** |
|
| 508 | + * @param string $input |
|
| 509 | + */ |
|
| 499 | 510 | private function toUtf8ConvertHelper($input) |
| 500 | 511 | { |
| 501 | 512 | // init |
@@ -525,6 +536,9 @@ discard block |
||
| 525 | 536 | return $buf; |
| 526 | 537 | } |
| 527 | 538 | |
| 539 | + /** |
|
| 540 | + * @param integer $code_point |
|
| 541 | + */ |
|
| 528 | 542 | private function chr($code_point, $encoding = 'UTF-8') |
| 529 | 543 | { |
| 530 | 544 | // init |
@@ -620,6 +634,9 @@ discard block |
||
| 620 | 634 | return $CHAR_CACHE[$cacheKey] = $chr; |
| 621 | 635 | } |
| 622 | 636 | |
| 637 | + /** |
|
| 638 | + * @return string |
|
| 639 | + */ |
|
| 623 | 640 | private function encode($toEncoding, $str) |
| 624 | 641 | { |
| 625 | 642 | if ($str === '' || $toEncoding === '') { |
@@ -787,6 +804,9 @@ discard block |
||
| 787 | 804 | return $var; |
| 788 | 805 | } |
| 789 | 806 | |
| 807 | + /** |
|
| 808 | + * @param string $str |
|
| 809 | + */ |
|
| 790 | 810 | private function normalizeLineEnding($str) |
| 791 | 811 | { |
| 792 | 812 | return str_replace(["\r\n", "\r"], "\n", $str); |
@@ -843,6 +863,9 @@ discard block |
||
| 843 | 863 | ); |
| 844 | 864 | } |
| 845 | 865 | |
| 866 | + /** |
|
| 867 | + * @param string $char |
|
| 868 | + */ |
|
| 846 | 869 | private function singleChrHtmlEncode($char, $keepAsciiChars = false, $encoding = 'UTF-8') |
| 847 | 870 | { |
| 848 | 871 | if ($char === '') { |
@@ -1349,6 +1372,9 @@ discard block |
||
| 1349 | 1372 | // return false; |
| 1350 | 1373 | // } |
| 1351 | 1374 | |
| 1375 | + /** |
|
| 1376 | + * @param integer $int |
|
| 1377 | + */ |
|
| 1352 | 1378 | private function decimalToChr($int) |
| 1353 | 1379 | { |
| 1354 | 1380 | return $this->htmlEntityDecode('&#' . $int . ';', \ENT_QUOTES | \ENT_HTML5); |
@@ -1502,6 +1528,9 @@ discard block |
||
| 1502 | 1528 | return false; |
| 1503 | 1529 | } |
| 1504 | 1530 | |
| 1531 | + /** |
|
| 1532 | + * @param string $input |
|
| 1533 | + */ |
|
| 1505 | 1534 | private function is_binary($input, $strict = false) |
| 1506 | 1535 | { |
| 1507 | 1536 | $input = (string)$input; |
@@ -1539,6 +1568,9 @@ discard block |
||
| 1539 | 1568 | return false; |
| 1540 | 1569 | } |
| 1541 | 1570 | |
| 1571 | + /** |
|
| 1572 | + * @param string $str |
|
| 1573 | + */ |
|
| 1542 | 1574 | private function get_file_type( |
| 1543 | 1575 | $str, |
| 1544 | 1576 | $fallback = [ |
@@ -102,7 +102,7 @@ discard block |
||
| 102 | 102 | } |
| 103 | 103 | |
| 104 | 104 | /** |
| 105 | - * @param $data |
|
| 105 | + * @param string $data |
|
| 106 | 106 | * @param string $type |
| 107 | 107 | * @param int $stringLength |
| 108 | 108 | * @return mixed|string |
@@ -171,7 +171,7 @@ discard block |
||
| 171 | 171 | } |
| 172 | 172 | |
| 173 | 173 | /** |
| 174 | - * @param $data |
|
| 174 | + * @param string $data |
|
| 175 | 175 | * @param int $length |
| 176 | 176 | * @return bool|string |
| 177 | 177 | */ |
@@ -187,7 +187,7 @@ discard block |
||
| 187 | 187 | |
| 188 | 188 | |
| 189 | 189 | /** |
| 190 | - * @return null |
|
| 190 | + * @return null|boolean |
|
| 191 | 191 | */ |
| 192 | 192 | public function isSanitised() |
| 193 | 193 | { |
@@ -196,7 +196,7 @@ discard block |
||
| 196 | 196 | |
| 197 | 197 | /** |
| 198 | 198 | * Returns true if the data is valid |
| 199 | - * @return null |
|
| 199 | + * @return boolean |
|
| 200 | 200 | */ |
| 201 | 201 | public function isValid() |
| 202 | 202 | { |
@@ -25,7 +25,7 @@ |
||
| 25 | 25 | } |
| 26 | 26 | |
| 27 | 27 | /** |
| 28 | - * @return mixed |
|
| 28 | + * @return string |
|
| 29 | 29 | */ |
| 30 | 30 | public function getResult() |
| 31 | 31 | { |
