PhpMyAdmin\Sanitize | A web interface for MySQL and MariaDB

class Sanitize (View source)

This class includes various sanitization methods that can be called statically

Methods

static bool

checkLink(string $url, bool $http = false, bool $other = false)

Checks whether given link is valid

static string

convertBBCode(string $message, bool $safe = false)

Sanitizes $message, taking into account our special codes for formatting.

static string

sanitizeFilename(string $filename, bool $replaceDots = false)

Sanitize a filename by removing anything besides legit characters

static string

getJsValue(string $key, mixed $value)

Formats an javascript assignment with proper escaping of a value and support for assigning array of strings.

static void

removeRequestVars(array $allowList)

Removes all variables from request except allowed ones.

Details

at line 47
`static bool checkLink(string $url, bool $http = false, bool $other = false)`

Checks whether given link is valid

Parameters

string	$url	URL to check
bool	$http	Whether to allow http links
bool	$other	Whether to allow ftp and mailto links

Return Value

bool

at line 167
`static string convertBBCode(string $message, bool $safe = false)`

Sanitizes $message, taking into account our special codes for formatting.

Parameters

string	$message	the message
bool	$safe	whether string is safe (can keep < and > chars)

Return Value

string

at line 228
`static string sanitizeFilename(string $filename, bool $replaceDots = false)`

Sanitize a filename by removing anything besides legit characters

Intended usecase: When using a filename in a Content-Disposition header the value should not contain ; or "

When exporting, avoiding generation of an unexpected double-extension file

Parameters

string	$filename	The filename
bool	$replaceDots	Whether to also replace dots

Return Value

string

the sanitized filename

at line 251
`static string getJsValue(string $key, mixed $value)`

Formats an javascript assignment with proper escaping of a value and support for assigning array of strings.

Parameters

string	$key	Name of value to set
mixed	$value	Value to set, can be either string or array of strings

Return Value

string

Javascript code.

at line 261
`static void removeRequestVars(array $allowList)`

Removes all variables from request except allowed ones.

Parameters

array

$allowList

list of variables to allow

Return Value

void

Sanitize

Methods

Details

at line 47 static bool checkLink(string $url, bool $http = false, bool $other = false)

Parameters

Return Value

at line 167 static string convertBBCode(string $message, bool $safe = false)

Parameters

Return Value

at line 228 static string sanitizeFilename(string $filename, bool $replaceDots = false)

Parameters

Return Value

at line 251 static string getJsValue(string $key, mixed $value)

Parameters

Return Value

at line 261 static void removeRequestVars(array $allowList)

Parameters

Return Value

at line 47
`static bool checkLink(string $url, bool $http = false, bool $other = false)`

at line 167
`static string convertBBCode(string $message, bool $safe = false)`

at line 228
`static string sanitizeFilename(string $filename, bool $replaceDots = false)`

at line 251
`static string getJsValue(string $key, mixed $value)`

at line 261
`static void removeRequestVars(array $allowList)`