mosDBTable->filter

Filters all public properties of the class to remove malicious code or unwanted HTML tags. A public property is defined as one with a name that does not begin with an underscore. Optionally, some public properties may be selectively ignored (private properties are always ignored).

Syntax

void filter ( [ array $ignoreList ] )

$ignoreList

is a simple array of public property names to be ignored. This parameter is optional and if omitted all public properties will be filtered.

Examples

Example 1: In this example tags are removed from all the public properties.

/**
* myTable database table class
* @package MyComponent
*/
class myTable extends mosDBTable {
 
  /** @var int Primary key */
  var $id = null;
  /** @var string A title */
  var $title = null;
  /** @var string A description */
  var $description = null;
  /** @var string A miscellaneous field */
  var $field1 = null;
  /** @var string Another miscellaneous field */
  var $field2 = null;
  /** @var string Private property */
  var $_private = null;
  /** @var boolean */
  var $published = null;
 
  /**
  * @param database A database connector object.
  */
  function myTable( &$db ) {
    $this->mosDBTable( '#__myTable', 'id', $db );
  }
 
  /**
  * A little method to dump all the public properties.
  */
  function dump() {
    foreach ($this->getPublicProperties() as $key=>$val) {
      echo "$val = " . $this->$val . "\n";
    }
  }
 
}
 
global $database;
 
// Create an instance of the myTable class.
$table = new myTable( $database );
 
// Setup some sample data in an array.
$data = array ('id' => 1,
               'title' => '<title>The Title</title>',
               'description' => '<description>The Description</description>',
               'field1' => '<field>Field 1</field>',
               'field2' => '<field>Field 2</field>',
               '_private' => '<private>Private Property</private>',
               'published' => true);
 
// Bind the array to the object instance.
mosBindArrayToObject( $data, $table );
 
// Filter the tags from the public properties.
$table->filter( $ignore );
 
// Show the result.
$table->dump();

which will output:

id = 1
title = The Title
description = The Description
field1 = Field 1
field2 = Field 2
published = 1

Example 2: In this example, which uses the same class definition as example 1, tags are removed from all the public properties except those listed in the $ignore array.

global $database;
 
// Create an instance of the myTable class.
$table = new myTable( $database );
 
// Setup some sample data in an array.
$data = array ('id' => 1,
               'title' => '<title>The Title</title>',
               'description' => '<description>The Description</description>',
               'field1' => '<field>Field 1</field>',
               'field2' => '<field>Field 2</field>',
               '_private' => '<private>Private Property</private>',
               'published' => true);
 
// Bind the array to the object instance.
mosBindArrayToObject( $data, $table );
 
// Setup an array containing the names of the properties to be ignored.
$ignore = array( 'field1', 'field2' );
 
// Filter the tags from the public properties.
$table->filter( $ignore );
 
// Show the result.
$table->dump();

which will output:

id = 1
title = The Title
description = The Description
field1 = <field>Field 1</field>
field2 = <field>Field 2</field>
published = 1

Please report any errors on this page to the Developer Documentation Forum.