@@ -107,7 +107,7 @@ discard block |
||
107 | 107 | /** |
108 | 108 | * @param StringResource $str |
109 | 109 | * |
110 | - * @return mixed |
|
110 | + * @return string |
|
111 | 111 | */ |
112 | 112 | private function _do($str) |
113 | 113 | { |
@@ -187,6 +187,9 @@ discard block |
||
187 | 187 | return $str; |
188 | 188 | } |
189 | 189 | |
190 | + /** |
|
191 | + * @param string $str |
|
192 | + */ |
|
190 | 193 | public function decodeString($str) |
191 | 194 | { |
192 | 195 | // init |
@@ -195,6 +198,10 @@ discard block |
||
195 | 198 | if (\strpos($str, '<') !== false && \preg_match($regExForHtmlTags, $str, $matches) === 1) { |
196 | 199 | $str = (string)\preg_replace_callback( |
197 | 200 | $regExForHtmlTags, |
201 | + |
|
202 | + /** |
|
203 | + * @param string $matches |
|
204 | + */ |
|
198 | 205 | function ($matches) { |
199 | 206 | return $this->decodeEntity($matches); |
200 | 207 | }, |
@@ -233,7 +240,7 @@ discard block |
||
233 | 240 | } |
234 | 241 | |
235 | 242 | /** |
236 | - * @return null |
|
243 | + * @return null|boolean |
|
237 | 244 | */ |
238 | 245 | public function isXssFound() |
239 | 246 | { |
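Review bot: `@return null|boolean` documents a three-state result for a detection predicate without saying what `null` means. A caller writing `if (!$xss->isXssFound())` treats `null` and `false` alike. If `null` stands for "no check has run yet" (an assumption, since the body is outside this hunk), unchecked input would then read as clean. State the meaning in the docblock, for example `@return bool|null null when no input has been checked yet`, so that callers compare with `=== true` or `=== false`.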
@@ -245,7 +252,7 @@ discard block |
||
245 | 252 | * |
246 | 253 | * @param StringResource $str |
247 | 254 | * |
248 | - * @return StringResource |
|
255 | + * @return string |
|
249 | 256 | */ |
250 | 257 | private function _entity_decode($str) |
251 | 258 | { |
@@ -348,6 +355,9 @@ discard block |
||
348 | 355 | return $str; |
349 | 356 | } |
350 | 357 | |
358 | + /** |
|
359 | + * @param string $file |
|
360 | + */ |
|
351 | 361 | private function _get_data($file) |
352 | 362 | { |
353 | 363 | /** @noinspection PhpIncludeInspection */ |
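Review bot: The new `@param string $file` leaves out the constraint that matters for this helper. The `PhpIncludeInspection` suppression on the first body line suggests `$file` ends up in an `include` path, though the rest of the body is outside this hunk. The docblock should say that `$file` is a fixed internal data-file name and is never derived from request data, e.g. `@param string $file base name of a bundled data file, no path separators`, and it should add the `@return` type. The `_get_data` context line in the hunk that documents `html_entity_decode` shows the same pattern, `include __DIR__ . '/../Data/' . $file . '.php'`.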
@@ -3,12 +3,10 @@ |
||
3 | 3 | namespace devtoolboxuk\soteria\handlers; |
4 | 4 | |
5 | 5 | use devtoolboxuk\soteria\voku\Resources\Attributes; |
6 | - |
|
7 | 6 | use devtoolboxuk\soteria\voku\Resources\Exploded; |
8 | 7 | use devtoolboxuk\soteria\voku\Resources\Html; |
9 | 8 | use devtoolboxuk\soteria\voku\Resources\JavaScript; |
10 | 9 | use devtoolboxuk\soteria\voku\Resources\NeverAllowed; |
11 | - |
|
12 | 10 | use devtoolboxuk\soteria\voku\Resources\System; |
13 | 11 | use devtoolboxuk\soteria\voku\Resources\Utf7; |
14 | 12 | use devtoolboxuk\soteria\voku\Resources\Utf8; |
@@ -12,6 +12,9 @@ |
||
12 | 12 | $this->_evil_attributes_regex = $evil->regEx(); |
13 | 13 | } |
14 | 14 | |
15 | + /** |
|
16 | + * @param string $str |
|
17 | + */ |
|
15 | 18 | public function removeEvilAttributes($str) |
16 | 19 | { |
17 | 20 | // replace style-attribute, first (if needed) |
@@ -2,8 +2,6 @@ |
||
2 | 2 | |
3 | 3 | namespace devtoolboxuk\soteria\voku\Resources; |
4 | 4 | |
5 | -use devtoolboxuk\soteria\handlers\XssClean; |
|
6 | - |
|
7 | 5 | class Decode |
8 | 6 | { |
9 | 7 |
@@ -13,6 +13,9 @@ discard block |
||
13 | 13 | $this->_evil_html_tags = $evil->html(); |
14 | 14 | } |
15 | 15 | |
16 | + /** |
|
17 | + * @param string $str |
|
18 | + */ |
|
16 | 19 | public function naughtyHtml($str) |
17 | 20 | { |
18 | 21 | $evil_html_tags = \implode('|', $this->_evil_html_tags); |
@@ -20,6 +23,10 @@ discard block |
||
20 | 23 | |
21 | 24 | $str = (string) \preg_replace_callback( |
22 | 25 | '#<(?<start>/*\s*)(?<content>' . $evil_html_tags . ')(?<end>[^><]*)(?<rest>[><]*)#ius', |
26 | + |
|
27 | + /** |
|
28 | + * @param string $matches |
|
29 | + */ |
|
23 | 30 | function ($matches) { |
24 | 31 | return $this->naughtyHtmlCallback($matches); |
25 | 32 | }, |
@@ -310,6 +310,9 @@ |
||
310 | 310 | return $this->_never_allowed_str; |
311 | 311 | } |
312 | 312 | |
313 | + /** |
|
314 | + * @param string $str |
|
315 | + */ |
|
313 | 316 | public function doNeverAllowedAfterwards($str) |
314 | 317 | { |
315 | 318 | if (\stripos($str, 'on') !== false) { |
@@ -257,6 +257,11 @@ discard block |
||
257 | 257 | return include __DIR__ . '/../Data/' . $file . '.php'; |
258 | 258 | } |
259 | 259 | |
260 | + /** |
|
261 | + * @param integer $flags |
|
262 | + * |
|
263 | + * @return string |
|
264 | + */ |
|
260 | 265 | public function html_entity_decode($str, $flags = null, $encoding = 'UTF-8') |
261 | 266 | { |
262 | 267 | if ( |
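Review bot: `@param integer $flags` contradicts the signature, where `$flags` defaults to `null`, and `$str` and `$encoding` are left undocumented. Proposed tags: `@param string $str`, `@param int|null $flags`, `@param string $encoding`. The function body continues past the hunk, so the `@return string` claim cannot be checked from here.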
@@ -601,6 +606,9 @@ discard block |
||
601 | 606 | return $buf; |
602 | 607 | } |
603 | 608 | |
609 | + /** |
|
610 | + * @param string $input |
|
611 | + */ |
|
604 | 612 | private function to_utf8_convert_helper($input) |
605 | 613 | { |
606 | 614 | // init |
@@ -630,6 +638,9 @@ discard block |
||
630 | 638 | return $buf; |
631 | 639 | } |
632 | 640 | |
641 | + /** |
|
642 | + * @param integer $code_point |
|
643 | + */ |
|
633 | 644 | public function chr($code_point, $encoding = 'UTF-8') |
634 | 645 | { |
635 | 646 | // init |
@@ -733,6 +744,9 @@ discard block |
||
733 | 744 | return $CHAR_CACHE[$cacheKey] = $chr; |
734 | 745 | } |
735 | 746 | |
747 | + /** |
|
748 | + * @return string |
|
749 | + */ |
|
736 | 750 | public function encode( |
737 | 751 | $toEncoding, |
738 | 752 | $str, |
@@ -942,6 +956,9 @@ discard block |
||
942 | 956 | return $var; |
943 | 957 | } |
944 | 958 | |
959 | + /** |
|
960 | + * @param string $str |
|
961 | + */ |
|
945 | 962 | public function normalize_line_ending($str) |
946 | 963 | { |
947 | 964 | return \str_replace(["\r\n", "\r"], "\n", $str); |
@@ -998,6 +1015,9 @@ discard block |
||
998 | 1015 | ); |
999 | 1016 | } |
1000 | 1017 | |
1018 | + /** |
|
1019 | + * @param string $char |
|
1020 | + */ |
|
1001 | 1021 | public function single_chr_html_encode($char, $keepAsciiChars = false, $encoding = 'UTF-8') |
1002 | 1022 | { |
1003 | 1023 | if ($char === '') { |
@@ -1524,6 +1544,9 @@ discard block |
||
1524 | 1544 | return false; |
1525 | 1545 | } |
1526 | 1546 | |
1547 | + /** |
|
1548 | + * @param string $input |
|
1549 | + */ |
|
1527 | 1550 | public function is_binary($input, $strict = false) |
1528 | 1551 | { |
1529 | 1552 | $input = (string)$input; |
@@ -1561,6 +1584,9 @@ discard block |
||
1561 | 1584 | return false; |
1562 | 1585 | } |
1563 | 1586 | |
1587 | + /** |
|
1588 | + * @param string $str |
|
1589 | + */ |
|
1564 | 1590 | public function get_file_type( |
1565 | 1591 | $str, |
1566 | 1592 | $fallback = [ |
@@ -1653,6 +1679,9 @@ discard block |
||
1653 | 1679 | ]; |
1654 | 1680 | } |
1655 | 1681 | |
1682 | + /** |
|
1683 | + * @param string $str |
|
1684 | + */ |
|
1656 | 1685 | public function is_utf16($str, $checkIfStringIsBinary = true) |
1657 | 1686 | { |
1658 | 1687 | |
@@ -1742,6 +1771,9 @@ discard block |
||
1742 | 1771 | ); |
1743 | 1772 | } |
1744 | 1773 | |
1774 | + /** |
|
1775 | + * @param integer $int |
|
1776 | + */ |
|
1745 | 1777 | public function decimal_to_chr($int) |
1746 | 1778 | { |
1747 | 1779 | return $this->html_entity_decode('&#' . $int . ';', \ENT_QUOTES | \ENT_HTML5); |
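Review bot: The docblock promises `@param integer $int`, but `decimal_to_chr` concatenates the argument into the entity text unchecked, so a non-integer string would be decoded as whatever entity it spells. Either enforce the documented type with `'&#' . (int)$int . ';'`, or document the accepted input precisely. A `@return string` tag is also missing. The cast would change the result for any caller that passes a non-decimal form today, so check the call sites before applying it.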