JoomlaRoot/libraries/joomla/filter/input.php
83 views
Skip to first unread message
Nestor Ledon
Aug 17, 2012, 11:03:30 PM8/17/12
to joomla-de...@googlegroups.com
I think I found what I'm looking for but would like advise from experienced Joomla developers. I'm trying to filter my Usernames and Passwords the same way Joomla! is in a custom registration/login/authentication process that does not use JForm.
In the file: JoomlaRoot/libraries/joomla/filter/input.php
I found this function:
public function clean($source, $type = 'string')
Now the inline documentation says:
$source Input string/array-of-string to be 'cleaned'
$type Return type for the variable (INT, UINT, FLOAT, BOOLEAN, WORD, ALNUM, CMD, BASE64, STRING, ARRAY, PATH, NONE)
So I figured I was looking at a call to the function like this:
clean($Username,'STRING');
But as I looked deeper into the function I found a case that was missing from the documentation above, USERNAME.
case 'USERNAME':
$result = (string) preg_replace('/[\x00-\x1F\x7F<>"\'%&]/', '', $source);
break;
Is this what I'm looking for? If so what about the password? Are there any other filter or security functions being called that I should know about?
- Thank you.
Sam Moffatt
Aug 18, 2012, 2:29:51 AM8/18/12
to joomla-de...@googlegroups.com
Beyond hashing the password I don't think any other modifications are
applied as it isn't necessary.
It would appear that username is the filter used looking at the source code:
https://github.com/joomla/joomla-cms/blob/master/components/com_users/controllers/user.php#L37
<code>
$data['username'] = JRequest::getVar('username', '',
'method', 'username');
$data['password'] = JRequest::getString('password',
'', 'post', JREQUEST_ALLOWRAW);
</code>
Cheers,
Sam Moffatt
http://pasamio.id.au
> --
> You received this message because you are subscribed to the Google Groups
> "Joomla! General Development" group.
> To view this discussion on the web, visit
> https://groups.google.com/d/msg/joomla-dev-general/-/81zcPFbzRgAJ.
> To post to this group, send an email to joomla-de...@googlegroups.com.
> To unsubscribe from this group, send email to
> joomla-dev-gene...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/joomla-dev-general?hl=en-GB.
applied as it isn't necessary.
It would appear that username is the filter used looking at the source code:
https://github.com/joomla/joomla-cms/blob/master/components/com_users/controllers/user.php#L37
<code>
$data['username'] = JRequest::getVar('username', '',
'method', 'username');
$data['password'] = JRequest::getString('password',
'', 'post', JREQUEST_ALLOWRAW);
</code>
Cheers,
Sam Moffatt
http://pasamio.id.au
> You received this message because you are subscribed to the Google Groups
> "Joomla! General Development" group.
> To view this discussion on the web, visit
> https://groups.google.com/d/msg/joomla-dev-general/-/81zcPFbzRgAJ.
> To post to this group, send an email to joomla-de...@googlegroups.com.
> To unsubscribe from this group, send email to
> joomla-dev-gene...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/joomla-dev-general?hl=en-GB.
Nestor Ledon
Aug 20, 2012, 12:17:28 AM8/20/12
to joomla-de...@googlegroups.com
Thank you for the great answer. Should work fine from here.
> joomla-dev-general+unsub...@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages