/inspekt

Inspekt is a PHP library that makes it easier to write secure web applications

Primary LanguagePHPBSD 3-Clause "New" or "Revised" LicenseBSD-3-Clause

# PHPSECINFO

*now on github!*

_see LICENSE for copyright and license info_

Ed Finkler
<coj@funkatron.com>
<http://inspekt.org>
<http://github.com/funkatron/inspekt>

Version 0.3.5
2009-07-22


### WHAT IS INSPEKT?

Inspekt is a comprehensive filtering and validation library for PHP.

Initial development of Inspekt was funded by OWASP's Spring of Code 2007.
<http://owasp.org>


### HOW DO I USE INSPEKT?

Check the user docs at
http://funkatron.com/inspekt/user_docs or the API docs at
http://funkatron.com/inspekt/api_docs

### HOW DO I RUN TESTS

Install PHPUnit, cd to the root dir of Inspekt, and type

> phpunit InspektTest



### HOW CAN I CONTRIBUTE, OFFER FEEDBACK, REPORT BUGS, COMPLAIN, ETC.?

Visit the Github site for Inspekt at <http://github.com/funkatron/inspekt>


## CHANGELOG
Version 0.3.5
2009-07-18
- refactored and reworked some examples; added db escaping examples
- did some work to get isInt to handle 64 bit integers better (more to do)
- fixed bug in isOneOf where a string pattern wasn't converted properly
- removed some incorrectly optional params for methods
- isRegex now correctly returns a boolean, not an Int
- added missing cage methods getROT13, noTagsOrSpecial, escMySQL, escPgSQL, escPgSQLBytea
- added many more unit tests


Version 0.3.4
2009-07-18
- Added Inspekt::getROT13()
- Added Inspekt::escMySQL()
- Added Inspekt::escPgSQL()
- Added Inspekt::escPgSQLBytea()
- Now arrays are only converted to ArrayObjects by cages; arrays passed into static filter calls are returned as arrays.
- More unit tests, and tests moved into InspektTest.php (removed Tests/ subdir)
- cleanup in Inspekt_SuperCage to fix STRICT notices

Version 0.3.3
2009-07-18
- Caged properties can now be iterated over b/c we're implementing ArrayObject (Matt McKeon)
- added a number of @assert tests for phpunit testing
- cleaned up function declarations so they would not raise STRICT notices
- leveraged Filter Extention in a couple filter methods; can be turned off with Inspekt::useFilterExt()
- added filter method Inspekt::noTagsOrSpecial() that strips tags, encodes 
'"&<>, and all low ascii chars (< 32)
- upped recursion limit to 15
- Inspekt::_walkArray will now convert a plain array into an ArrayObject (should it always? Not sure)
- filter methods will now use Inspekt::isArrayOrArrayObject() to determine if 
they need to walk the array
- fixed some require_once statements to use dirname() resolution so fewer path 
issues pop up (they showed up when using phpunit)

Version 0.3.2
2009-06-22 PHP5 now required, bug fixes for transposed params

Version 0.3.1
2008-02-08 Disables processing of $_SESSION

Version 0.3.0
2008-01-16 Final OWASP milestone release

Version 0.1
2007-05-19 Initial Release