diff --git a/dblayer.php b/dblayer.php index af6e38b..c6fde44 100644 --- a/dblayer.php +++ b/dblayer.php @@ -43,8 +43,12 @@ class dblayer extends PDO protected $foreign = array (); /** The db connection */ protected $db = null; - /** The verify stack */ + /** The verify unitary stack + @param string $field The name of the field to test + @param string $val The value of the field to test */ protected function verifyOne ($field, $val) {} + /** The verify global stack + @param array $datas The associative array of contents */ protected function verifyAll ($datas) {} /** Debug of the SQL */ public $debug = FALSE; diff --git a/form.php b/form.php index 63c957d..5127a75 100644 --- a/form.php +++ b/form.php @@ -21,6 +21,7 @@ class form It can be disabled if needed. An Exception is raised if the form is send back without the token */ public $csrf=TRUE; + /** Name of the CSRF hidden field in HTML page */ public $csrfField = "CSRF_TOKEN"; /** The method used to send the values */ @@ -161,7 +162,9 @@ die ("FORM/VERIFY : UNUSED and dirty\n"); $method is the method written in method field of
@param string|null $method The method to use to transmit the form (POST, GET) - @param array|null $values The default values of the fields */ + @param array|null $values The default values of the fields + @param array|null $errors The fields to put in error with the associated + message */ public function printHTML ($method = 'post', $values = NULL, $errors = array()) { @@ -492,7 +495,8 @@ die ("FORM/VERIFY : UNUSED and dirty\n"); return $res; } - /** Check the token from the user */ + /** Check the token from the user + @param string $tokenFromUser The value form the user's token */ public function checkToken ($tokenFromUser) { $csrf = new csrf (); @@ -535,12 +539,13 @@ class formfield } } +/** CSRF protection + By default, the CSRF protection is active if a SESSION is active too. + It can be disabled if needed. An Exception is raised if the form is send + back without the token */ class csrf { - /** CSRF protection - By default, the CSRF protection is active if a SESSION is active too. - It can be disabled if needed. An Exception is raised if the form is send - back without the token */ + /** Allow to disable the csrf protection */ public $csrf=TRUE; /** This hidden field name in HTML */ public $field = "CSRF_TOKEN"; @@ -564,7 +569,8 @@ class csrf } /** Check if the provided token is the right token, defined last displayed - page */ + page + @param string $tokenFromUser The value form the user's token */ public function checkToken ($tokenFromUser) { if ($this->csrf === FALSE ) diff --git a/verify.php b/verify.php index 2877258..dde174a 100644 --- a/verify.php +++ b/verify.php @@ -10,7 +10,8 @@ class verify // NETWORK // ///////////////// /** Check if $val is a valid IPv4 - Return TRUE or FALSE */ + Return TRUE or FALSE + @param string $val The IP to test */ public function is_ip ($val) { if (filter_var ($val, FILTER_VALIDATE_IP)) @@ -19,7 +20,8 @@ class verify } /** Check if $val is a valid IPv4 - Return TRUE or FALSE */ + Return TRUE or FALSE + @param string $val The IPv4 to test */ public function is_ipv4 ($val) { if (filter_var ($val, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) @@ -28,7 +30,8 @@ class verify } /** Check if $val is a valid IPv6 - Return TRUE or FALSE */ + Return TRUE or FALSE + @param string $val The IPv to test */ public function is_ipv6 ($val) { if (filter_var ($val, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) @@ -37,7 +40,8 @@ class verify } /** Check if $val is a valid hostname (without domain) - Return TRUE or FALSE */ + Return TRUE or FALSE + @param string $val The hostname to check */ public function is_hostname ($val) { if (strlen ($val) < 2 || strlen ($val) > 128) @@ -54,7 +58,8 @@ class verify } /** Check if $val is a valid domain (without hostname) - Return TRUE or FALSE */ + Return TRUE or FALSE + @param string $val The domain to check */ public function is_domain ($val) { if (strlen ($val) < 2 || strlen ($val) > 128) @@ -71,7 +76,8 @@ class verify } /** Check if $val is a valid FQDN - Return TRUE or FALSE */ + Return TRUE or FALSE + @param string $val The FQDN to check */ public function is_FQDN ($val) { if (strlen ($val) < 2 || strlen ($val) > 255) @@ -94,7 +100,8 @@ class verify /////////////// /** Check if $val is a valid date A valid date is 2014-03-20 12:27:34 - Return TRUE or FALSE */ + Return TRUE or FALSE + @param string $val The date to check */ public function is_datetimeSQL ($val) { if (strlen ($val) !== 19) @@ -114,7 +121,8 @@ class verify ///////////////// // NUMBERS // ///////////////// - /** Return TRUE if the provided value is an integer in decimal (not octal) */ + /** Return TRUE if the provided value is an integer in decimal (not octal) + @param string $val The Integer val to check */ public function is_integer ($val) { if (strspn ($val, "0123456789") !== strlen ($val))