PHP Security Library
Copyright (C) 2004 Jose Antonio Coret
E-Mail: joxeankoret@yahoo.es
Various regular expressions provideds by :
K. K. Mookhey Founder & CTO Network Intelligence (I) Pvt. Ltd.
This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
++ INTERNAL USE ++
Is an attacker trying to attack PHP Sec?
If the stupid feature REGISTER_GLOBALS is on we are vulnerable to variable poisoning attacks. Check if any person is trying to attack us.
++ INTERNAL USE ++
The function replaces the characters that are storeds in $chars in the $data parameter with "", without quotes :)
++ INTERNAL USE ++
The function makes the security actions that are specifieds by the developer and/or administrator
++ INTERNAL USE ++
The function tests if the signatures storeds in $the_array array matches with the $data parameter.
Check if any field appears to be attacked
Return true if appears dangerous otherwise false
Check for "Magic Cookies" attack
Return true if magic cookie attack appears to be used otherwise false
Check if a simple field appears to be attacked
Return true if appears dangerous otherwise false
Clean the string to avoid XSS, SQL Injection, Directory Traversal and filename/command attacks.
Clean the string to avoid filename of command attacks
Clean the string to avoid Directory Traversal attacks
Clean the string to avoid SQL Injection attacks
Clean the string to avoid XSS attacks
The function makes the security actions that are specifieds
by the developer and/or administrator
Appears to be an attack?
Returns true if appears to be an attack otherwise false
Appears to be an Directory Traversal attack?
Returns true if appears to be an attack otherwise false
Appears to be an SQL Injection attack?
Returns true if appears to be an attack otherwise false
Appears to be an XSS attack?
Returns true if appears to be an attack otherwise false
Returns true if any meta-character that is stored in $var_meta_characters found
Check if any field appears to be attacked in paranoid mode.
Is possible to obtain false positives.
Return true if appears dangerous otherwise false
Check if a simple field appears to be attacked in paranoid mode.
Is possible to obtain false positives.
Return true if appears dangerous otherwise false
Paranoid check of the passed string.
Return true if appears dangerous otherwise false
Documentation generated on Fri, 1 Oct 2004 17:46:18 +0200 by phpDocumentor 1.3.0RC3