@@ -12,6 +12,9 @@ |
||
| 12 | 12 | $this->_evil_attributes_regex = $evil->regEx(); |
| 13 | 13 | } |
| 14 | 14 | |
| 15 | + /** |
|
| 16 | + * @param string $str |
|
| 17 | + */ |
|
| 15 | 18 | public function removeEvilAttributes($str) |
| 16 | 19 | { |
| 17 | 20 | // replace style-attribute, first (if needed) |
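Review bot: The docblock added to removeEvilAttributes() documents only `$str`; it has no summary line and no `@return`, so a caller of this public method cannot tell from it what comes back. The body lies outside the hunk, so the return type needs confirming before the tag is written. The same parameter-only blocks are added to decodeString(), naughtyHtml(), toUtf8ConvertHelper(), singleChrHtmlEncode() and normalizeLineEnding() in later hunks; for the last one the visible body is a single str_replace() on a string, so `@return string` can be added there directly.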
@@ -107,7 +107,7 @@ discard block |
||
| 107 | 107 | /** |
| 108 | 108 | * @param StringResource $str |
| 109 | 109 | * |
| 110 | - * @return mixed |
|
| 110 | + * @return string |
|
| 111 | 111 | */ |
| 112 | 112 | private function _do($str) |
| 113 | 113 | { |
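Review bot: After this change the docblock of _do() says `@return string` while still declaring `@param StringResource $str`, which may be a leftover placeholder type rather than a real class. Unless `StringResource` is declared somewhere outside this view, the parameter tag should be brought in line: `@param string $str`. _entity_decode() in a later hunk ends up with the same pair of tags. Both bodies are outside their hunks, so the actual types need checking there.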
@@ -176,6 +176,9 @@ discard block |
||
| 176 | 176 | return $str; |
| 177 | 177 | } |
| 178 | 178 | |
| 179 | + /** |
|
| 180 | + * @param string $str |
|
| 181 | + */ |
|
| 179 | 182 | public function decodeString($str) |
| 180 | 183 | { |
| 181 | 184 | // init |
@@ -184,6 +187,10 @@ discard block |
||
| 184 | 187 | if (strpos($str, '<') !== false && preg_match($regExForHtmlTags, $str, $matches) === 1) { |
| 185 | 188 | $str = (string)preg_replace_callback( |
| 186 | 189 | $regExForHtmlTags, |
| 190 | + |
|
| 191 | + /** |
|
| 192 | + * @param string $matches |
|
| 193 | + */ |
|
| 187 | 194 | function ($matches) { |
| 188 | 195 | return $this->decodeEntity($matches); |
| 189 | 196 | }, |
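Review bot: The docblock added above the closure declares `@param string $matches`, but a preg_replace_callback() callback is handed the array of matches, so the tag should read `@param string[] $matches`. The same wrong tag is added above the closure in the naughtyHtml() hunk. The blank `+` line placed before the docblock inside the argument list can go as well. The preg_replace_callback() call continues past the end of the hunk.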
@@ -222,7 +229,7 @@ discard block |
||
| 222 | 229 | } |
| 223 | 230 | |
| 224 | 231 | /** |
| 225 | - * @return null |
|
| 232 | + * @return null|boolean |
|
| 226 | 233 | */ |
| 227 | 234 | public function isXssFound() |
| 228 | 235 | { |
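Review bot: `@return null|boolean` on isXssFound() documents a three-state result without saying what null stands for. The body is not in the hunk, but if null means that no cleaning pass has run yet, a loose check such as `if (!$x->isXssFound())` treats "not checked" the same as "checked and clean". Proposed wording: `@return bool|null null until a string has been processed (TODO confirm)`, with a hint that callers compare using `=== true`. isSanitised() in a later hunk gets the same `null|boolean` tag and needs the same sentence.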
@@ -234,7 +241,7 @@ discard block |
||
| 234 | 241 | * |
| 235 | 242 | * @param StringResource $str |
| 236 | 243 | * |
| 237 | - * @return StringResource |
|
| 244 | + * @return string |
|
| 238 | 245 | */ |
| 239 | 246 | private function _entity_decode($str) |
| 240 | 247 | { |
@@ -337,6 +344,9 @@ discard block |
||
| 337 | 344 | return $str; |
| 338 | 345 | } |
| 339 | 346 | |
| 347 | + /** |
|
| 348 | + * @param string $file |
|
| 349 | + */ |
|
| 340 | 350 | private function _get_data($file) |
| 341 | 351 | { |
| 342 | 352 | /** @noinspection PhpIncludeInspection */ |
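Review bot: The docblock added to _get_data() types `$file` as a string but says nothing about where that value may come from. The `@noinspection PhpIncludeInspection` line directly under the signature suggests the body includes a path built from `$file`; the include itself is outside the hunk. The contract worth writing down is that the argument is a fixed internal resource name and never derived from request data, e.g. `@param string $file name of a bundled data file; must not be caller-controlled`. getData($file) in a later hunk receives the same `@param string $file` tag and may need the same line.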
@@ -4,12 +4,10 @@ |
||
| 4 | 4 | |
| 5 | 5 | use devtoolboxuk\soteria\models\SoteriaModel; |
| 6 | 6 | use devtoolboxuk\soteria\voku\Resources\Attributes; |
| 7 | - |
|
| 8 | 7 | use devtoolboxuk\soteria\voku\Resources\Exploded; |
| 9 | 8 | use devtoolboxuk\soteria\voku\Resources\Html; |
| 10 | 9 | use devtoolboxuk\soteria\voku\Resources\JavaScript; |
| 11 | 10 | use devtoolboxuk\soteria\voku\Resources\NeverAllowed; |
| 12 | - |
|
| 13 | 11 | use devtoolboxuk\soteria\voku\Resources\System; |
| 14 | 12 | use devtoolboxuk\soteria\voku\Resources\Utf7; |
| 15 | 13 | use devtoolboxuk\soteria\voku\Resources\Utf8; |
@@ -13,6 +13,9 @@ discard block |
||
| 13 | 13 | $this->_evil_html_tags = $evil->html(); |
| 14 | 14 | } |
| 15 | 15 | |
| 16 | + /** |
|
| 17 | + * @param string $str |
|
| 18 | + */ |
|
| 16 | 19 | public function naughtyHtml($str) |
| 17 | 20 | { |
| 18 | 21 | $evil_html_tags = implode('|', $this->_evil_html_tags); |
@@ -20,6 +23,10 @@ discard block |
||
| 20 | 23 | |
| 21 | 24 | $str = (string)preg_replace_callback( |
| 22 | 25 | '#<(?<start>/*\s*)(?<content>' . $evil_html_tags . ')(?<end>[^><]*)(?<rest>[><]*)#ius', |
| 26 | + |
|
| 27 | + /** |
|
| 28 | + * @param string $matches |
|
| 29 | + */ |
|
| 23 | 30 | function ($matches) { |
| 24 | 31 | return $this->naughtyHtmlCallback($matches); |
| 25 | 32 | }, |
@@ -25,7 +25,7 @@ |
||
| 25 | 25 | } |
| 26 | 26 | |
| 27 | 27 | /** |
| 28 | - * @return mixed |
|
| 28 | + * @return string |
|
| 29 | 29 | */ |
| 30 | 30 | public function getResult() |
| 31 | 31 | { |
@@ -31,6 +31,9 @@ |
||
| 31 | 31 | $this->standardUrlRegEx = '/' . $standardUrlRegEx . '/i'; |
| 32 | 32 | } |
| 33 | 33 | |
| 34 | + /** |
|
| 35 | + * @param string $str |
|
| 36 | + */ |
|
| 34 | 37 | function remove($str) |
| 35 | 38 | { |
| 36 | 39 | return preg_replace($this->standardUrlRegEx, ' ', $str); |
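Review bot: The new docblock on remove() has no `@return`, and the one-line body returns preg_replace() directly, which yields null when PCRE fails (for example on hitting the backtrack limit). In a filtering step that matters, because a caller that concatenates or echoes the result then sees an empty value instead of an error. Document it as `@return string|null`, or guard the call and handle the null case explicitly. The method also lacks a visibility keyword: `public function remove($str)`. The closing brace of remove() is outside the hunk.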
@@ -98,7 +98,7 @@ discard block |
||
| 98 | 98 | } |
| 99 | 99 | |
| 100 | 100 | /** |
| 101 | - * @param $data |
|
| 101 | + * @param string $data |
|
| 102 | 102 | * @param string $type |
| 103 | 103 | * @param int $stringLength |
| 104 | 104 | * @return mixed|string |
@@ -168,7 +168,7 @@ discard block |
||
| 168 | 168 | |
| 169 | 169 | |
| 170 | 170 | /** |
| 171 | - * @return null |
|
| 171 | + * @return null|boolean |
|
| 172 | 172 | */ |
| 173 | 173 | public function isSanitised() |
| 174 | 174 | { |
@@ -177,7 +177,7 @@ discard block |
||
| 177 | 177 | |
| 178 | 178 | /** |
| 179 | 179 | * Returns true if the data is valid |
| 180 | - * @return null |
|
| 180 | + * @return boolean |
|
| 181 | 181 | */ |
| 182 | 182 | public function isValid() |
| 183 | 183 | { |
@@ -187,7 +187,7 @@ discard block |
||
| 187 | 187 | } |
| 188 | 188 | |
| 189 | 189 | /** |
| 190 | - * @param $file |
|
| 190 | + * @param string $file |
|
| 191 | 191 | * @return mixed |
| 192 | 192 | */ |
| 193 | 193 | private function getData($file) |
@@ -197,9 +197,9 @@ discard block |
||
| 197 | 197 | |
| 198 | 198 | /** |
| 199 | 199 | * @param $str |
| 200 | - * @param null $flags |
|
| 200 | + * @param integer $flags |
|
| 201 | 201 | * @param string $encoding |
| 202 | - * @return bool|false|string|string[]|null |
|
| 202 | + * @return string |
|
| 203 | 203 | */ |
| 204 | 204 | private function htmlEntityDecode($str, $flags = null, $encoding = 'UTF-8') |
| 205 | 205 | { |
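Review bot: `@param integer $flags` does not match the signature two lines below, where the default is `$flags = null`; the tag should be `@param int|null $flags`. The return tag is also narrowed from `bool|false|string|string[]|null` to `string`. The body is outside the hunk, so that is only correct if every path returns a string, which is worth confirming before dropping the other types. `@param $str` just above is still untyped.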
@@ -511,6 +511,9 @@ discard block |
||
| 511 | 511 | return $buf; |
| 512 | 512 | } |
| 513 | 513 | |
| 514 | + /** |
|
| 515 | + * @param string $input |
|
| 516 | + */ |
|
| 514 | 517 | private function toUtf8ConvertHelper($input) |
| 515 | 518 | { |
| 516 | 519 | // init |
@@ -540,6 +543,9 @@ discard block |
||
| 540 | 543 | return $buf; |
| 541 | 544 | } |
| 542 | 545 | |
| 546 | + /** |
|
| 547 | + * @param integer $code_point |
|
| 548 | + */ |
|
| 543 | 549 | private function chr($code_point, $encoding = 'UTF-8') |
| 544 | 550 | { |
| 545 | 551 | // init |
@@ -635,6 +641,9 @@ discard block |
||
| 635 | 641 | return $CHAR_CACHE[$cacheKey] = $chr; |
| 636 | 642 | } |
| 637 | 643 | |
| 644 | + /** |
|
| 645 | + * @return string |
|
| 646 | + */ |
|
| 638 | 647 | private function encode($toEncoding, $str) |
| 639 | 648 | { |
| 640 | 649 | if ($str === '' || $toEncoding === '') { |
@@ -802,6 +811,9 @@ discard block |
||
| 802 | 811 | return $var; |
| 803 | 812 | } |
| 804 | 813 | |
| 814 | + /** |
|
| 815 | + * @param string $str |
|
| 816 | + */ |
|
| 805 | 817 | private function normalizeLineEnding($str) |
| 806 | 818 | { |
| 807 | 819 | return str_replace(["\r\n", "\r"], "\n", $str); |
@@ -858,6 +870,9 @@ discard block |
||
| 858 | 870 | ); |
| 859 | 871 | } |
| 860 | 872 | |
| 873 | + /** |
|
| 874 | + * @param string $char |
|
| 875 | + */ |
|
| 861 | 876 | private function singleChrHtmlEncode($char, $keepAsciiChars = false, $encoding = 'UTF-8') |
| 862 | 877 | { |
| 863 | 878 | if ($char === '') { |
@@ -1049,11 +1064,17 @@ discard block |
||
| 1049 | 1064 | return $ret; |
| 1050 | 1065 | } |
| 1051 | 1066 | |
| 1067 | + /** |
|
| 1068 | + * @param integer $int |
|
| 1069 | + */ |
|
| 1052 | 1070 | private function decimalToChr($int) |
| 1053 | 1071 | { |
| 1054 | 1072 | return $this->htmlEntityDecode('&#' . $int . ';', \ENT_QUOTES | \ENT_HTML5); |
| 1055 | 1073 | } |
| 1056 | 1074 | |
| 1075 | + /** |
|
| 1076 | + * @return string |
|
| 1077 | + */ |
|
| 1057 | 1078 | private function clean($str, $remove_bom = false, $normalize_whitespace = false, $normalize_msword = false, $keep_non_breaking_space = false, $replace_diamond_question_mark = false, $remove_invisible_characters = true) |
| 1058 | 1079 | { |
| 1059 | 1080 | // http://stackoverflow.com/questions/1401317/remove-non-utf8-characters-from-string |