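data = array();
    }

    /**
     * Transliterate accented Latin-1 / Windows-1252 letters to their ASCII base
     * letter (despite the name this is not a charset decoder).
     *
     * The original called strtr() with two plain strings, which maps byte for
     * byte and therefore only works when the input is single-byte encoded. An
     * array map makes the same replacement work on multi-byte UTF-8 input too.
     *
     * NOTE(review): the first seven source characters were unreadable in this
     * listing ("???????" -> "SOZsozY"); the set below is the one that maps to
     * those letters in the usual version of this table - confirm against the
     * original file. Also note the original maps 'ð' to 'o' while 'Ð' maps to
     * 'D'; that is preserved here but looks like a typo for 'd'.
     *
     * @param string $string text to transliterate
     * @return string the text with the listed letters replaced
     */
    public function my_utf8_decode($string)
    {
        static $map = array(
            'Š' => 'S', 'Œ' => 'O', 'Ž' => 'Z', 'š' => 's', 'œ' => 'o', 'ž' => 'z', 'Ÿ' => 'Y',
            '¥' => 'Y', 'µ' => 'u',
            'À' => 'A', 'Á' => 'A', 'Â' => 'A', 'Ã' => 'A', 'Ä' => 'A', 'Å' => 'A', 'Æ' => 'A', 'Ç' => 'C',
            'È' => 'E', 'É' => 'E', 'Ê' => 'E', 'Ë' => 'E', 'Ì' => 'I', 'Í' => 'I', 'Î' => 'I', 'Ï' => 'I',
            'Ð' => 'D', 'Ñ' => 'N', 'Ò' => 'O', 'Ó' => 'O', 'Ô' => 'O', 'Õ' => 'O', 'Ö' => 'O', 'Ø' => 'O',
            'Ù' => 'U', 'Ú' => 'U', 'Û' => 'U', 'Ü' => 'U', 'Ý' => 'Y', 'ß' => 's',
            'à' => 'a', 'á' => 'a', 'â' => 'a', 'ã' => 'a', 'ä' => 'a', 'å' => 'a', 'æ' => 'a', 'ç' => 'c',
            'è' => 'e', 'é' => 'e', 'ê' => 'e', 'ë' => 'e', 'ì' => 'i', 'í' => 'i', 'î' => 'i', 'ï' => 'i',
            'ð' => 'o', 'ñ' => 'n', 'ò' => 'o', 'ó' => 'o', 'ô' => 'o', 'õ' => 'o', 'ö' => 'o', 'ø' => 'o',
            'ù' => 'u', 'ú' => 'u', 'û' => 'u', 'ü' => 'u', 'ý' => 'y', 'ÿ' => 'y',
        );
        return strtr((string) $string, $map);
    }

    /**
     * Normalise and validate an e-mail address.
     *
     * Lower-cases and trims the input, strips the metacharacters that
     * sanitize_system_string() removes, then checks the result against a
     * simple local@domain.tld pattern. This is a plausibility check, not a
     * full RFC 5322 validation.
     *
     * @param string $email raw address
     * @return string|false the normalised address, or false when it does not match
     */
    public function sanitize_email($email)
    {
        $email = $this->sanitize_system_string(strtolower(trim((string) $email)));
        if ($email === false) {
            return false;
        }
        $pattern = '/^[^@\s<&>]+@([-a-z0-9]+\.)+[a-z]{2,}$/i';
        return preg_match($pattern, $email) === 1 ? $email : false;
    }

    /**
     * Validate a date written as year/month/day (years 1900-2099) and return
     * it as 'YYYY-MM-DD'.
     *
     * Month and day may have one or two digits. The separator is preg_quote()d
     * so a value such as '.' cannot widen the match, and checkdate() rejects
     * day numbers that do not exist in the month (e.g. 2023-02-31), which the
     * original pattern accepted.
     *
     * @param string $date input date
     * @param string $sep separator between year, month and day (default '-')
     * @return string|false normalised 'YYYY-MM-DD', or false when invalid
     */
    public function sanitize_date($date, $sep = '-')
    {
        $s = preg_quote((string) $sep, '/');
        $pattern = '/^(19\d{2}|20\d{2})' . $s
            . '(0[1-9]|1[0-2]|[1-9])' . $s
            . '(0[1-9]|[12][0-9]|3[01]|[1-9])$/';
        if (!preg_match($pattern, (string) $date, $m)) {
            return false;
        }
        $year  = $m[1];
        $month = str_pad($m[2], 2, '0', STR_PAD_LEFT);
        $day   = str_pad($m[3], 2, '0', STR_PAD_LEFT);
        if (!checkdate((int) $month, (int) $day, (int) $year)) {
            return false;
        }
        return $year . '-' . $month . '-' . $day;
    }

    /**
     * Strip characters and path segments that must not appear in a relative URL.
     *
     * Removes shell/HTML metacharacters, every '../' and './' segment (looping
     * until none is left, so '....//' cannot survive a single pass as '../'),
     * and all leading slashes so the result is always relative (the original
     * removed only one slash, leaving '//host' as '/host').
     *
     * This is a blacklist and only covers literal '../'. Percent-encoded
     * ('%2e%2e/') or backslash traversal is not handled here; code that uses
     * the value as a filesystem path must still resolve it (realpath()) and
     * check it against an allowed base directory.
     *
     * @param string $url raw URL
     * @return string the cleaned URL
     */
    public function sanitize_url($url = '')
    {
        // One character class instead of the original alternation, which
        // contained an unescaped '^' anchor and '[|]' (a class matching only
        // '|'), so '[', ']' and '^' were never actually removed.
        $url = preg_replace('/[;|`<>^"\n\r{}\[\]()]/', '', (string) $url);
        do {
            $before = $url;
            $url = str_replace(array('../', './'), '', $url);
        } while ($url !== $before);
        return ltrim($url, '/');
    }

    /**
     * Keep only ASCII letters and digits.
     *
     * Accented letters are removed, not transliterated; run the value through
     * my_utf8_decode() first if they should be kept as base letters. The
     * length bounds apply to the stripped result.
     *
     * @param string $string raw input
     * @param int|string $min minimum length, '' for no bound
     * @param int|string $max maximum length, '' for no bound
     * @return string|false the stripped string, or false when out of bounds
     */
    public function sanitize_alfanum_string($string, $min = '', $max = '')
    {
        $clean = preg_replace('/[^a-zA-Z0-9]/', '', trim((string) $string));
        return $this->_within_bounds(strlen($clean), $min, $max) ? $clean : false;
    }

    /**
     * Keep only ASCII letters (see sanitize_alfanum_string() for the bounds
     * and accented-letter behaviour).
     *
     * @param string $string raw input
     * @param int|string $min minimum length, '' for no bound
     * @param int|string $max maximum length, '' for no bound
     * @return string|false the stripped string, or false when out of bounds
     */
    public function sanitize_alfa_string($string, $min = '', $max = '')
    {
        $clean = preg_replace('/[^a-zA-Z]/', '', trim((string) $string));
        return $this->_within_bounds(strlen($clean), $min, $max) ? $clean : false;
    }

    /**
     * Remove shell and HTML metacharacters: ; | ` < > & ^ " ' { } [ ] ( ) and
     * line breaks. '$', whitespace and backslashes are left in place.
     *
     * Stripping is not a substitute for proper escaping: a value passed to a
     * shell must still go through escapeshellarg(), and output to HTML through
     * htmlspecialchars().
     *
     * @param string $string raw input
     * @param int|string $min minimum length, '' for no bound
     * @param int|string $max maximum length, '' for no bound
     * @return string|false the stripped string, or false when out of bounds
     */
    public function sanitize_system_string($string, $min = '', $max = '')
    {
        // Same character-class fix as sanitize_url(): '[', ']' and '^' were not
        // removed by the original alternation.
        $clean = preg_replace('/[;|`<>&^"\n\r\'{}\[\]()]/', '', (string) $string);
        // Bug fix: the original returned the undefined variable $str (null).
        return $this->_within_bounds(strlen($clean), $min, $max) ? $clean : false;
    }

    /**
     * Backslash-escape quotes (via _addslashes()) and drop every ';'.
     *
     * This does NOT make a value safe to interpolate into SQL: addslashes()
     * is not charset-aware and unquoted numeric contexts need no quotes at
     * all. Use prepared statements (PDO / mysqli) and treat this method as a
     * legacy helper only.
     *
     * @param string $string raw input
     * @param int|string $min minimum length, '' for no bound
     * @param int|string $max maximum length, '' for no bound
     * @return string|false the escaped string, or false when out of bounds
     */
    public function sanitize_sql_string($string, $min = '', $max = '')
    {
        $escaped = $this->_addslashes((string) $string);
        // Bug fix: the original measured strlen($str) (undefined), so any $min
        // bound rejected every input. The bounds are checked on the escaped
        // string here - confirm if callers expect the raw length.
        if (!$this->_within_bounds(strlen($escaped), $min, $max)) {
            return false;
        }
        return str_replace(';', '', $escaped);
    }

    /**
     * Entity-encode a string for output in an HTML body.
     *
     * NOTE(review): the original pattern/replacement tables were garbled in
     * this listing (entities decoded, the '<' / '>' patterns lost and the
     * replacement list one element longer than the pattern list). The intent
     * - encode & < > " ' plus % ( ) + - - is reconstructed with
     * htmlspecialchars() and an explicit map for the extra characters. What
     * the original did with newlines could not be recovered; they are passed
     * through unchanged - confirm against the original file.
     *
     * @param string $string raw input
     * @return string the encoded string
     */
    public function sanitize_html_string($string)
    {
        $encoded = htmlspecialchars((string) $string, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        return strtr($encoded, array(
            '%' => '&#37;',
            '(' => '&#40;',
            ')' => '&#41;',
            '+' => '&#43;',
            '-' => '&#45;',
        ));
    }

    /**
     * Cast to int and check optional bounds.
     *
     * Uses intval(), so non-numeric input silently becomes 0 and '12abc'
     * becomes 12; callers that need strict numeric validation should test
     * with is_numeric()/ctype_digit() first.
     *
     * @param mixed $integer raw input
     * @param int|string $min minimum value, '' for no bound
     * @param int|string $max maximum value, '' for no bound
     * @return int|false the integer, or false when out of bounds
     */
    public function sanitize_int($integer, $min = '', $max = '')
    {
        $int = intval($integer);
        return $this->_within_bounds($int, $min, $max) ? $int : false;
    }

    /**
     * Cast to float and check optional bounds (floatval() semantics, see
     * sanitize_int() for the non-numeric caveat).
     *
     * @param mixed $float raw input
     * @param float|string $min minimum value, '' for no bound
     * @param float|string $max maximum value, '' for no bound
     * @return float|false the float, or false when out of bounds
     */
    public function sanitize_float($float, $min = '', $max = '')
    {
        $value = floatval($float);
        return $this->_within_bounds($value, $min, $max) ? $value : false;
    }

    /**
     * addslashes() unless SANITIZE_MAGIC_QUOTES says the input already is.
     *
     * SANITIZE_MAGIC_QUOTES is expected to be defined elsewhere in this file
     * (mirroring the magic_quotes_gpc setting removed in PHP 5.4). A missing
     * constant was a truthy string on PHP 7 (silently skipping the escaping)
     * and is an Error on PHP 8, so defined() is checked explicitly.
     *
     * @param string $string raw input
     * @return string the (possibly) escaped string
     */
    public function _addslashes($string)
    {
        if (defined('SANITIZE_MAGIC_QUOTES') && SANITIZE_MAGIC_QUOTES) {
            return $string;
        }
        return addslashes($string);
    }

    /**
     * Shared bounds check: false when $value lies outside [$min, $max].
     * '' (the parameter default) or null means "no bound". Compared with
     * !== so that a bound of 0 behaves the same on PHP 7 and PHP 8.
     *
     * @param int|float $value the length or number to test
     * @param mixed $min lower bound or ''/null
     * @param mixed $max upper bound or ''/null
     * @return bool
     */
    private function _within_bounds($value, $min, $max)
    {
        if ($min !== '' && $min !== null && $value < $min) {
            return false;
        }
        if ($max !== '' && $max !== null && $value > $max) {
            return false;
        }
        return true;
    }
}

// EXEMPLO (usage example). Missing POST keys default to '' so the page does
// not emit "undefined index" notices.
$post = $_POST + array('nome' => '', 'idade' => '', 'email' => '', 'comentarios' => '');
$filtro = new SanitizeData();
$dado_limpo = array(
    'nome'        => $filtro->sanitize_alfa_string($post['nome'], 4, 30),
    // Bug fix: the original passed $_POST['nome'] here instead of 'idade'.
    'idade'       => $filtro->sanitize_int($post['idade'], 1, 100),
    'email'       => $filtro->sanitize_email($post['email']),
    'comentarios' => $filtro->sanitize_html_string($post['comentarios']),
);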