• 安全过滤
    • 添加模式转义和移除魔术方法转义
    • 深度过滤
    • url 安全过滤
    • 过滤 script
    • 过滤十六进制字符串
    • 签名算法支持
    • 签名算法支持忽略字段
    • 签名算法支持子数组

    安全过滤

    可以对用户输入数据进行过滤。

    引入相关类

    • use Leevel\Encryption\Safe;

      添加模式转义和移除魔术方法转义

    1. public function testBaseUse()
    2. {
    3.     $strings = "O'Reilly?";
    4.     $out = "O\\'Reilly?";
    6.     $this->assertSame($out, Safe::customAddslashes($strings));
    8.     $this->assertSame($strings, Safe::customStripslashes($out));
    10.     $arrays = ["O'Reilly?" => "O'Reilly?"];
    11.     $outs = ["O\\'Reilly?" => "O\\'Reilly?"];
    13.     $this->assertSame($outs, Safe::customAddslashes($arrays));
    15.     $this->assertSame($arrays, Safe::customStripslashes($outs));
    16. }

    深度过滤

    1. public function testDeepReplace()
    2. {
    3.     $strings = 'You should eat fruits, vegetables, and fiber every day.';
    4.     $out = 'You should eat fruits, vegetables, and fiber every .';
    6.     $this->assertSame($out, Safe::deepReplace(['shoule', 'day'], $strings));
    7. }

    url 安全过滤

    1. public function testEscUrl()
    2. {
    3.     $strings = 'You should eat fruits, vegetables, and fiber every day.';
    4.     $out = 'You should eat fruits, vegetables, and fiber every .';
    6.     $this->assertSame('', Safe::escUrl(''));
    8.     $this->assertSame(
    9.         'http://example.org/private.php?user=abc&email=abc@11.org',
    10.         Safe::escUrl('example.org/private.php?user=abc&email=abc@11.org')
    11.     );
    13.     $this->assertSame(
    14.         'http://example.org/private.php?user=abc&email=abc@11.org',
    15.         Safe::escUrl('http;//example.org/private.php?user=abc&email=abc@11.org')
    16.     );
    18.     $this->assertSame(
    19.         'http://example.org/private.php?user=abc&email=abc@11.org',
    20.         Safe::escUrl('http://example.org/private.php?user=abc%0D%0A&email=abc@11.org')
    21.     );
    22. }

    过滤 script

    1. public function testFilterScript()
    2. {
    3.     $strings = '<script>hello world.';
    4.     $out = '&lt;script>hello world.';
    6.     $this->assertSame($out, Safe::filterScript($strings));
    7. }

    过滤十六进制字符串

    1. public function testCleanHex()
    2. {
    3.     $strings = '0x63hello 0x6f world.';
    4.     $out = '0hello 0 world.';
    6.     $this->assertSame($out, Safe::cleanHex($strings));
    7. }

    签名算法支持

    1. public function testSignature()
    2. {
    3.     $query = [
    4.         'foo'   => 'bar',
    5.         'hello' => 'world',
    6.     ];
    8.     $signature = Safe::signature($query, '123456');
    10.     $this->assertSame('dc6cfa1e1f6eaf29c73622f4d4c54be57d545c1d7c377dade88faccb5a79d2d8', $signature);
    11. }

    签名算法支持忽略字段

    1. public function testSignatureWithIgnore()
    2. {
    3.     $query = [
    4.         'foo'       => 'bar',
    5.         'hello'     => 'world',
    6.         'signature' => 'dc6cfa1e1f6eaf29c73622f4d4c54be57d545c1d7c377dade88faccb5a79d2d8',
    7.         'timestamp' => 1541312367,
    8.     ];
    10.     $signature = Safe::signature($query, '123456', ['signature', 'timestamp']);
    12.     $this->assertSame('dc6cfa1e1f6eaf29c73622f4d4c54be57d545c1d7c377dade88faccb5a79d2d8', $signature);
    13. }

    签名算法支持子数组

    1. public function testSignatureWithSubArray()
    2. {
    3.     $query = [
    4.         'foo'   => 'bar',
    5.         'hello' => 'world',
    6.         'sub'   => [
    7.             'hello' => 'world',
    8.         ],
    9.     ];
    11.     $signature = Safe::signature($query, '123456');
    13.     $this->assertSame('2bd98c89629fae202c680b33430eb9c909b25f4e8a8dca91752fabd1e14735d1', $signature);
    14. }