Security Library



( ZN >= 0.0.1 )

A library built to counter security vulnerabilities. It consists of 2 libraries: Security and Secure. It was specifically designed to isolate risky uses such as cross-site scripting and injection. Like any security system, it cannot guarantee 100% security. However, overall, it provides a high level of security.

 

# Methods


void CSRFToken ( String $uri = NULL , String $type = 'post' )
void CSRFPost ( String $uri = NULL )
void CSRFGet ( String $uri = NULL )
String ncEncode ( String $string , Mixed $badWords , Mixed $changeChar )
String xssEncode ( String $string )
String injectionEncode ( String $string )
String injectionDecode ( String $string )
String htmlEncode ( String $string , String $type = 'quotes' , String $encoding = 'utf-8' )
String htmlDecode ( String $string , String $type = 'quotes' )
String phpTagEncode ( String $str )
String phpTagDecode ( String $str )
String scriptTagEncode ( String $str )
String scriptTagDecode ( String $str )
String nailEncode ( String $str )
String nailDecode ( String $str )
String foreignCharEncode ( String $str )
String foreignCharDecode ( String $str )
String escapeStringEncode ( String $data )
String escapeStringDecode ( String $data )
this data ( String $data )
String get ( Void )

 

# CSRFToken / CSRFPost ( ZN >= 4.3.2 )


Used to generate random data (a token) against CSRF attacks. It checks the POST data.

Parameters

String $type = 'post' The request data to check. Available options: post, get
return void

Usage

Security::CSRFToken();
Security::CSRFToken('get');
Security::CSRFGet();

 

# CSRFGet ( ZN >= 4.3.2 )


Used to generate random data (a token) against CSRF attacks. It checks the GET data.

Parameters

void
return void

Usage

Security::CSRFGet();
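
The token pattern behind the CSRF methods above, as an added stand-alone PHP example (not ZN Framework code and not its implementation). The function names, the `token` field name, the array standing in for the session and the single-use behaviour are all assumptions of this sketch.

```php
<?php
// Added illustration of a CSRF token check, not ZN Framework code.
// $store stands in for the server-side session; the 'token' field name
// and both function names are assumptions.

function csrfIssue(array &$store): string
{
    // 32 bytes from the CSPRNG, hex-encoded for a hidden field or query string
    return $store['token'] = bin2hex(random_bytes(32));
}

function csrfCheck(array &$store, array $post, array $get, string $type = 'post'): bool
{
    $source   = $type === 'get' ? $get : $post;   // which request data to check
    $expected = $store['token'] ?? '';
    $given    = $source['token'] ?? null;
    unset($store['token']);                        // single use

    // Missing token, array-typed parameter or mismatch all fail;
    // hash_equals() compares in constant time.
    return $expected !== '' && is_string($given) && hash_equals($expected, $given);
}

$session = [];                                     // constructed sample state

$t = csrfIssue($session);
var_dump(csrfCheck($session, ['token' => $t], []));            // form submitted with its token
var_dump(csrfCheck($session, ['token' => $t], []));            // same form replayed

$t = csrfIssue($session);
var_dump(csrfCheck($session, [], ['token' => $t]));            // token sent via GET, POST checked

$t = csrfIssue($session);
var_dump(csrfCheck($session, [], ['token' => $t], 'get'));     // token sent via GET, GET checked

csrfIssue($session);
var_dump(csrfCheck($session, ['token' => ['x']], []));         // array-typed parameter
```

Only the first and fourth calls pass: the token has to arrive in the request data that is being checked, and it is consumed by the first check.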

 

# NcEncode ( ZN >= 0.0.1 )


Used to replace expressions that you consider bad content.

Parameters

String $data Data.
Mixed $badWords Bad content characters or groups of characters.
Mixed $changeChar The value that will take the place of bad characters.
return String

Usage

echo Security::ncEncode('Hello or Goodbye', 'or', '[xxx]');
Hello [xxx] Goodbye

The 2nd and 3rd parameters may also be arrays, so you can isolate multiple character groups at the same time.

echo Security::ncEncode('Hello or Goodbye', ['Hello', 'Goodbye'], ['[xxx]', '[yyy]']);
[xxx] or [yyy]

 

# XssEncode ( ZN >= 0.0.1 )


Developed mainly to prevent injection of script code (cross-site scripting).

Parameters

String $data Data.
return String

Usage

echo Security::xssEncode('<script>alert(1);</script>');
&#60;script&#62;alert(1);&#60;/script&#62;

 

# InjectionEncode / InjectionDecode ( ZN >= 0.0.1 )


A method created against SQL injection. It mostly works by escaping with the backslash symbol.

Parameters

String $data Data.
return String

Usage

$data = Security::injectionEncode('ZN" Framework');
echo $data;
ZN\" Framework

To reverse this transformation:

echo Security::injectionDecode($data);
ZN" Framework
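
For comparison, the same sample string stored through a bound query parameter, as an added PHP example that is not ZN Framework code. It assumes the `pdo_sqlite` extension; `addslashes()` is a stand-in for backslash escaping, and the table and column names are made up.

```php
<?php
// Added illustration, not ZN Framework code. addslashes() stands in for
// backslash escaping (assumption); table and column names are made up.

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE notes (id INTEGER PRIMARY KEY, body TEXT)');

$input  = 'ZN" Framework';              // sample string from this page
$insert = $pdo->prepare('INSERT INTO notes (body) VALUES (:body)');

// 1) Bound parameter only: the driver passes the value separately from the
//    SQL text, so the quote needs no escaping and no later decode step.
$insert->execute([':body' => $input]);

// 2) Escaped AND bound: the backslash is now part of the stored data.
$insert->execute([':body' => addslashes($input)]);

foreach ($pdo->query('SELECT id, body FROM notes ORDER BY id') as $row) {
    printf("%d: %s\n", $row['id'], $row['body']);
}

// A lookup with the original value only matches the row stored unescaped.
$find = $pdo->prepare('SELECT COUNT(*) FROM notes WHERE body = :body');
$find->execute([':body' => $input]);
echo 'rows matching original input: ', $find->fetchColumn(), PHP_EOL;
```

Backslash escaping changes the data itself and depends on the SQL dialect, so it should not be stacked on top of bound parameters: the second row keeps its backslash until something decodes it.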

 

# HtmlEncode / HtmlDecode ( ZN >= 0.0.1 )


Converts the HTML characters <, > and quotation marks to their entity codes.

Parameters

String $data Data.
Mixed $type = 'quotes' Conversion type.
Options: quotes, nonquotes, compat
Mixed $encoding = 'utf-8' Encoding type.
return String

Usage

$data = Security::htmlEncode('<b>ZN4</b>');
echo $data;
&lt;b&gt;ZN4&lt;/b&gt;

To reverse this transformation:

echo Security::htmlDecode($data);
<b>ZN4</b>

 

# PhpTagEncode / PhpTagDecode ( ZN >= 0.0.1 )


Converts PHP tags to numeric code.

Parameters

String $data Data.
return String

Usage

$data = Security::phpTagEncode('<?php echo 1;');
echo $data;
&#60;&#63;php echo 1;

To reverse this transformation:

echo Security::phpTagDecode($data);
<?php echo 1;

 

# ScriptTagEncode / ScriptTagDecode ( ZN >= 3.0.7 )


Converts script tags to numeric code.

Parameters

String $data Data.
return String

Usage

$data = Security::scriptTagEncode('<script>alert(1);</script>');
echo $data;
&#60;script&#62;alert(1);&#60;/script&#62;

To reverse this transformation:

echo Security::scriptTagDecode($data);
<script>alert(1);</script>

 

# NailEncode / NailDecode ( ZN >= 0.0.1 )


Converts quotation marks to numeric code.

Parameters

String $data Data.
return String

Usage

$data = Security::nailEncode('ZN" Framework');
echo $data;
ZN&#34; Framework

To reverse this transformation:

echo Security::nailDecode($data);
ZN" Framework

 

# ForeignCharEncode / ForeignCharDecode ( ZN >= 2.0.0 )


Converts foreign characters to numeric code.

Parameters

String $data Data.
return String

Usage

$data = Security::foreignCharEncode('Àŕç');
echo $data;
&#192;&#341;&#231;

To reverse this transformation:

echo Security::foreignCharDecode($data);
Àŕç

 

# EscapeStringEncode / EscapeStringDecode ( ZN >= 2.0.0 )


Their use is the same as the injectionEncode() and injectionDecode() methods.

Parameters

String $data Data.
return String

 

# Data ( ZN >= 4.0.23 )


Secure:: is a filtering library that uses the methods of the Security:: library. The data() method specifies the data to pass through the security filter.

Parameters

String $data Data.
return this

Usage

echo Secure::data('<?php echo "This is"; ?> <b>example code!</b>')
           ->phpTagEncode()
           ->htmlEncode()
           ->get();
&amp;#60;&amp;#63;php echo &quot;This is&quot;; &amp;#63;&amp;#62; &lt;b&gt;example code!&lt;/b&gt;

 

# Get ( ZN >= 4.0.23 )


The method that finishes the filter chain and returns the filtered data.

Parameters

void
return String

Usage

echo Secure::data('<?php echo "This is"; ?> <b>example code!</b>')
           ->phpTagEncode()
           ->htmlEncode()
           ->injectionEncode()
           ->get();
&amp;#60;&amp;#63;php echo &quot;This is&quot;; &amp;#63;&amp;#62; &lt;b&gt;example code!&lt;/b&gt;
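
Why the chained output in the Data and Get examples contains `&amp;#60;` rather than `&#60;`, shown as an added PHP example that is not ZN Framework code. The four helper functions are stand-ins (assumptions) built on `str_replace()` and `htmlspecialchars()` to reproduce the output printed on this page; they are not the library's implementation.

```php
<?php
// Added illustration, not ZN Framework code. The encoders below are
// stand-ins (assumptions) chosen to reproduce the output shown on this page.

function phpTagEnc(string $s): string
{
    return str_replace(['<?', '?>'], ['&#60;&#63;', '&#63;&#62;'], $s);
}

function phpTagDec(string $s): string
{
    return str_replace(['&#60;&#63;', '&#63;&#62;'], ['<?', '?>'], $s);
}

function htmlEnc(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

function htmlDec(string $s): string
{
    return htmlspecialchars_decode($s, ENT_QUOTES);
}

$input = '<?php echo "This is"; ?> <b>example code!</b>';

// Same order as the chain above: PHP tags first, then HTML.
// htmlEnc re-encodes the ampersands written by phpTagEnc.
$chained = htmlEnc(phpTagEnc($input));
echo $chained, PHP_EOL;

// Swapped order: htmlEnc has already rewritten the angle brackets, so the
// PHP-tag step finds nothing to replace and the text is HTML-encoded only.
echo phpTagEnc(htmlEnc($input)), PHP_EOL;

// Decoding has to undo the steps last-in, first-out.
var_dump(phpTagDec(htmlDec($chained)) === $input);

// Decoding in the encode order leaves the numeric entities in place.
var_dump(htmlDec(phpTagDec($chained)) === $input);
```

Each encoder in a chain sees the previous encoder's output, so the order of the calls is part of the stored format and decoding must run in the reverse order.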