Last night in a rather epiphanous moment, I had an idea for data filtering.
The idea is simply this: overwrite the GET, POST, REQUEST and COOKIE superglobals with objects.
But, it goes further than this; the major concern most people had with this (as it has been proposed before) is that
older scripts will break, so it is to this that I have come up with a really simple solution.
It works like this:
```php
require_once 'Crtx/Filter.php';
Crtx_Filter::Filter();
$_GET['foo']; // == original unfiltered data
$_GET->foo;   // == filtered data
```
The class is meant to be extended: you add methods named the same as the expected
variables. When a variable is requested, the matching method is passed its value, and
whatever the method returns is the value you get back. There is also a __default() method which by default (in Crtx_Filter itself)
simply runs strip_tags() and stripslashes() if magic_quotes_gpc is set to on. You can override this and have your own
default filtering.
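A minimal sketch of the mechanism described above, as an added example that is not the Crtx_Filter source: `FilteredInput`, `MyGetFilter` and the sample request values are hypothetical, and PHP 8.0+ is assumed (magic_quotes_gpc no longer exists there, so the default filter only calls strip_tags()).

```php
<?php
// Added illustration; FilteredInput and MyGetFilter are hypothetical names,
// not the Crtx_Filter source. Requires PHP 8.0+.
class FilteredInput implements ArrayAccess
{
    public function __construct(private array $raw) {}

    // $_GET->foo: filtered access
    public function __get(string $name): mixed
    {
        if (!array_key_exists($name, $this->raw)) {
            return null;
        }
        // Dispatch only to filters declared by a subclass: a request key such
        // as "offsetGet" or "__default" must never select an internal method.
        if (!str_starts_with($name, '_') && !method_exists(self::class, $name)
            && method_exists($this, $name)) {
            return $this->$name($this->raw[$name]);
        }
        return $this->__default($this->raw[$name]);
    }

    // Fallback filter for variables without their own method.
    // Non-string input (e.g. foo[]=1) is rejected instead of passed through.
    protected function __default(mixed $value): mixed
    {
        return is_string($value) ? strip_tags($value) : null;
    }

    // $_GET['foo']: raw access, so older scripts keep working
    public function offsetExists(mixed $offset): bool { return isset($this->raw[$offset]); }
    public function offsetGet(mixed $offset): mixed { return $this->raw[$offset] ?? null; }
    public function offsetSet(mixed $offset, mixed $value): void { $this->raw[$offset] = $value; }
    public function offsetUnset(mixed $offset): void { unset($this->raw[$offset]); }
}

class MyGetFilter extends FilteredInput
{
    // Filter for the request variable "id": digits only, otherwise null
    public function id(mixed $value): ?int
    {
        return is_string($value) && ctype_digit($value) ? (int) $value : null;
    }
}

// Constructed sample input standing in for a real query string
$_GET = new MyGetFilter(['id' => '42abc', 'foo' => '<b>hi</b>', 'offsetGet' => 'x', 'tags' => ['a']]);
var_dump($_GET['foo'], $_GET->foo);                  // raw value, then __default() result
var_dump($_GET->id, $_GET->offsetGet, $_GET->tags);  // id() filter, guarded key, array input
```

ArrayAccess only covers the `$_GET['foo']` syntax, so older code that passes `$_GET` to `foreach` or to array functions still needs the raw array. strip_tags() is input filtering and does not replace escaping on output.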
Feel free to check out the source, it's *really* small: Crtx_Filter Source Code
I really would like comments on this idea…
– Davey