MD_STD/MD_STD_IN.php

<?PHP
/**
 * Gathers wrappers for handling inputs.
 */
declare(strict_types = 1);

/**
 * Standard class providing overrides of default PHP functions as static
 * functions.
 */
class MD_STD_IN {

    /**
     * Generic sanitization function for input strings.
     *
     * @param mixed $input Input string.
     *
     * @return integer
     */
    final public static function sanitize_id($input):int {

        $input = filter_var($input, FILTER_VALIDATE_INT, [
                'options' => [
                    'min_range' => 1,           // Minimum number of an ID generated.
                    'max_range' => 4294967295   // Max value for MySQL's int data type
                ],
            ]
        );

        if (!($input)) {
            throw new MDpageParameterNotNumericException("Value is not numeric.");
        }

        return $input;

    }

    /**
     * General string sanitization for all purposes. For use of inputs with MySQL's
     * MATCH AGAINST, use the dedicated sanitization function.
     *
     * @param mixed $input Input string.
     *
     * @return string
     */
    final public static function sanitize_text($input):string {

        $output = \filter_var($input,
            FILTER_SANITIZE_STRING,
            FILTER_FLAG_NO_ENCODE_QUOTES) ?: "";

        return trim($output);

    }

    /**
     * Retrieves HTTP input texts from GET or POST variables, whatever is provided.
     * If neither is given, returns a provided default.
     *
     * @param string $var_name Variable name.
     * @param string $default  Default value for the output.
     *
     * @return string
     */
    final public static function get_http_input_text(string $var_name, string $default = ""):string {

        if (isset($_GET[$var_name])) {
            return self::sanitize_text($_GET[$var_name]);
        }
        else if (isset($_POST[$var_name])) {
            return self::sanitize_text($_POST[$var_name]);
        }
        else return self::sanitize_text($default);

    }

    /**
     * Retrieves HTTP input texts from POST variables.
     * If none is given, returns a provided default.
     *
     * @param string $var_name Variable name.
     * @param string $default  Default value for the output.
     *
     * @return string
     */
    final public static function get_http_post_text(string $var_name, string $default = ""):string {

        if (isset($_POST[$var_name])) {
            return self::sanitize_text($_POST[$var_name]);
        }
        else return self::sanitize_text($default);

    }

}
Add class MD_STD_IN for input parsing and sanitization 2020-08-19 14:55:38 +02:00			`<?PHP`
			`/**`
			`* Gathers wrappers for handling inputs.`
			`*/`
			`declare(strict_types = 1);`

			`/**`
			`* Standard class providing overrides of default PHP functions as static`
			`* functions.`
			`*/`
			`class MD_STD_IN {`

			`/**`
			`* Generic sanitization function for input strings.`
			`*`
			`* @param mixed $input Input string.`
			`*`
			`* @return integer`
			`*/`
			`final public static function sanitize_id($input):int {`

			`$input = filter_var($input, FILTER_VALIDATE_INT, [`
			`'options' => [`
			`'min_range' => 1, // Minimum number of an ID generated.`
			`'max_range' => 4294967295 // Max value for MySQL's int data type`
			`],`
			`]`
			`);`

			`if (!($input)) {`
			`throw new MDpageParameterNotNumericException("Value is not numeric.");`
			`}`

			`return $input;`

			`}`

			`/**`
			`* General string sanitization for all purposes. For use of inputs with MySQL's`
			`* MATCH AGAINST, use the dedicated sanitization function.`
			`*`
			`* @param mixed $input Input string.`
			`*`
			`* @return string`
			`*/`
			`final public static function sanitize_text($input):string {`

			`$output = \filter_var($input,`
			`FILTER_SANITIZE_STRING,`
			`FILTER_FLAG_NO_ENCODE_QUOTES) ?: "";`

			`return trim($output);`

			`}`

			`/**`
			`* Retrieves HTTP input texts from GET or POST variables, whatever is provided.`
			`* If neither is given, returns a provided default.`
			`*`
			`* @param string $var_name Variable name.`
			`* @param string $default Default value for the output.`
			`*`
			`* @return string`
			`*/`
			`final public static function get_http_input_text(string $var_name, string $default = ""):string {`

			`if (isset($_GET[$var_name])) {`
			`return self::sanitize_text($_GET[$var_name]);`
			`}`
			`else if (isset($_POST[$var_name])) {`
			`return self::sanitize_text($_POST[$var_name]);`
			`}`
			`else return self::sanitize_text($default);`

			`}`

			`/**`
			`* Retrieves HTTP input texts from POST variables.`
			`* If none is given, returns a provided default.`
			`*`
			`* @param string $var_name Variable name.`
			`* @param string $default Default value for the output.`
			`*`
			`* @return string`
			`*/`
			`final public static function get_http_post_text(string $var_name, string $default = ""):string {`

			`if (isset($_POST[$var_name])) {`
			`return self::sanitize_text($_POST[$var_name]);`
			`}`
			`else return self::sanitize_text($default);`

			`}`

			`}`