Created
December 14, 2011 13:03
String sanitization/filtering optimization in PHP
<?php

/**
 * This class is our wrapper class to fix the
 * inherent slowness of the parent class
 */
class Clean extends Sanitize {

    public static function xss($string)
    {
        // base case: the input contains only characters from the allowlist
        // (letters, digits, _ - . ? ! , and whitespace), so it is returned as-is.
        // Compare against 0 so that a preg_match() error (false) falls through
        // to the full sanitizer instead of being treated as "clean".
        if (preg_match('/[^a-zA-Z0-9_\-.\s?!,]/', $string) === 0) {
            return $string;
        }

        // complex input requires complex sanitization
        return parent::xss($string);
    }

}

/**
 * This class is a placeholder example of a large,
 * bulky sanitizer/filter.
 */
class Sanitize {

    public static function xss($string)
    {
        // crazy amounts of string replacement,
        // regular expressions, and
    }

}
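A fast path like the one above is only safe if it never returns a string the full sanitizer would have changed. The following added example (not part of the original gist) runs that differential check over constructed inputs. The function names are hypothetical, and `htmlspecialchars()` stands in for the bulky sanitizer as an assumption.

```php
<?php
// Stand-in for the expensive sanitizer (assumption: HTML-escaping is the
// policy the fast path has to agree with).
function slow_sanitize(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Same allowlist as the gist; true only on a definite "no match" (0),
// so a preg_match() error (false) is never treated as clean.
function is_plain(string $s): bool
{
    return preg_match('/[^a-zA-Z0-9_\-.\s?!,]/', $s) === 0;
}

function fast_sanitize(string $s): string
{
    return is_plain($s) ? $s : slow_sanitize($s);
}

// Differential check: collect every input where the two paths disagree.
function disagreements(array $inputs): array
{
    $bad = [];
    foreach ($inputs as $in) {
        if (fast_sanitize($in) !== slow_sanitize($in)) {
            $bad[] = $in;
        }
    }
    return $bad;
}

// Constructed sample inputs: plain text, markup, quotes, entities, non-ASCII.
$samples = [
    'Hello, world!',
    "multi\nline text_with-dash.",
    '',
    '<script>alert(1)</script>',
    '" onmouseover="x',
    "it's",
    'a & b',
    "caf\xC3\xA9",
];

foreach ($samples as $s) {
    printf("%-4s %s\n", is_plain($s) ? 'fast' : 'slow', json_encode($s));
}
var_dump(disagreements($samples) === []);
```

If the real sanitizer also normalizes whitespace or strips control characters, the `\s` in the allowlist has to be narrowed until this check reports no disagreements.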