Feature: FilterVars sanitizer

Thanks @gitmiro !
arondeparon · Apr 30, 2020 · 3a08c82 · 3a08c82
2 parents 7eb67d2 + 1d00cc9
commit 3a08c82
Show file tree

Hide file tree

Showing 10 changed files with 188 additions and 56 deletions.
diff --git a/README.md b/README.md
@@ -11,6 +11,18 @@ Often, validating your request is not enough. The request sanitizer allows you t
 manipulate your form data before passing it to the validator. You can start using it in a matter
 of minutes and it is fully compatible with Laravel's `FormRequest` object.
 
+## Table of Contents
+
+  * [How to use](#how-to-use)
+  * [Installing](#installing)
+  * [Usage](#usage)
+  * [Predefined Sanitizers](#predefined-sanitizers)
+    + [FilterVars usage](#filtervars-usage)
+  * [Writing your own Sanitizer](#writing-your-own-sanitizer)
+  * [Testing](#testing)
+  * [Credits](#credits)
+  * [License](#license)
+
 ## How to use
 
 Syntax is similar to the way `rules` are added to a [Form Request](https://laravel.com/docs/master/validation#form-request-validation).
@@ -50,8 +62,27 @@ property of your form request.
 - [`Capitalize`](./src/Sanitizers/Capitalize.php) - capitalizes the first character of a string
 - [`Uppercase`](./src/Sanitizers/Uppercase.php) - converts a string to uppercase
 - [`Lowercase`](./src/Sanitizers/Lowercase.php) - converts a string to lowercasse
+- [`FilterVars`](./src/Sanitizers/FilterVars.php) - simple php filter_vars sanitizer
 - Contributions are appreciated!
 
+### FilterVars usage
+The FilterVars sanitizer acts as a wrapper of the default PHP `filter_var` function. 
+It accepts the same (optional) parameters as the original function. 
+Both parameters can be either an `array` or `string` type:
+```php
+ {
+    protected $sanitizers = [
+        'last_name' => [
+            FilterVars::class => [
+                'filter' => FILTER_SANITIZE_STRING,
+                'options' => FILTER_FLAG_STRIP_BACKTICK
+            ]
+        ]
+    ];
+ }
+```
+For more information on filter_vars please refer to https://www.php.net/manual/en/function.filter-var.php.
+
 ## Writing your own Sanitizer
 
 Writing your own sanitizer can be done by implementing the `Sanitizer` interface, which requires only

diff --git a/src/Sanitizers/FilterVars.php b/src/Sanitizers/FilterVars.php
@@ -0,0 +1,27 @@
+<?php
+
+namespace ArondeParon\RequestSanitizer\Sanitizers;
+
+use ArondeParon\RequestSanitizer\Contracts\Sanitizer;
+
+class FilterVars implements Sanitizer
+{
+    private $filter;
+    private $options;
+
+    public function __construct(int $filter = FILTER_DEFAULT, $options = null)
+    {
+        $this->filter = $filter;
+        $this->options = $options;
+    }
+
+    /**
+     * @param $input
+     * @return string
+     */
+    public function sanitize($input)
+    {
+        return filter_var($input, $this->filter, $this->options);
+    }
+
+}
diff --git a/tests/Sanitizers/CapitalizeTest.php b/tests/Sanitizers/CapitalizeTest.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace ArondeParon\RequestSanitizer\Tests\Sanitizers;
+
+use ArondeParon\RequestSanitizer\Sanitizers\Capitalize;
+use ArondeParon\RequestSanitizer\Tests\TestCase;
+
+class CapitalizeTest extends TestCase
+{
+    public function test_capitalize_sanitizer()
+    {
+        $sanitizer = new Capitalize();
+        $output = $sanitizer->sanitize('test');
+        $this->assertEquals('Test', $output);
+    }
+}
diff --git a/tests/Sanitizers/FilterVarsTest.php b/tests/Sanitizers/FilterVarsTest.php
@@ -0,0 +1,34 @@
+<?php
+
+
+namespace ArondeParon\RequestSanitizer\Tests\Sanitizers;
+
+use ArondeParon\RequestSanitizer\Sanitizers\FilterVars;
+use ArondeParon\RequestSanitizer\Tests\TestCase;
+
+class FilterVarsTest extends TestCase
+{
+    public function test_strip_tags_with_filter_vars()
+    {
+        $filter = FILTER_SANITIZE_STRING;
+        $sanitizer = new FilterVars($filter);
+        $output = $sanitizer->sanitize("<script>malicious code</script>");
+        $this->assertEquals('malicious code', $output);
+    }
+
+    public function test_apply_default_filter_when_no_params_have_been_provided_in_filter_vars()
+    {
+        $sanitizer = new FilterVars();
+        $output = $sanitizer->sanitize("no filter applied");
+        $this->assertEquals('no filter applied', $output);
+    }
+
+    public function test_pass_filter_options_to_filter_vars()
+    {
+        $filter = FILTER_SANITIZE_NUMBER_FLOAT;
+        $options = FILTER_FLAG_ALLOW_FRACTION | FILTER_FLAG_ALLOW_THOUSAND;
+        $sanitizer = new FilterVars($filter, $options);
+        $output = $sanitizer->sanitize("442.34,34notallowed");
+        $this->assertEquals("442.34,34", $output);
+    }
+}
diff --git a/tests/Sanitizers/LowercaseTest.php b/tests/Sanitizers/LowercaseTest.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace ArondeParon\RequestSanitizer\Tests\Sanitizers;
+
+use ArondeParon\RequestSanitizer\Sanitizers\Lowercase;
+use ArondeParon\RequestSanitizer\Tests\TestCase;
+
+class LowercaseTest extends TestCase
+{
+    public function test_lowercase_sanitizer()
+    {
+        $sanitizer = new Lowercase();
+        $output = $sanitizer->sanitize('TEST');
+        $this->assertEquals('test', $output);
+    }
+}
diff --git a/tests/Sanitizers/RemoveNonNumericTest.php b/tests/Sanitizers/RemoveNonNumericTest.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace ArondeParon\RequestSanitizer\Tests\Sanitizers;
+
+use ArondeParon\RequestSanitizer\Sanitizers\RemoveNonNumeric;
+use ArondeParon\RequestSanitizer\Tests\TestCase;
+
+class RemoveNonNumericTest extends TestCase
+{
+    public function test_remove_non_numeric_sanitizer()
+    {
+        $sanitizer = new RemoveNonNumeric();
+        $output = $sanitizer->sanitize('test1234-134AC~');
+        $this->assertEquals('1234134', $output);
+    }
+}
diff --git a/tests/Sanitizers/SanizerTest.php b/tests/Sanitizers/SanizerTest.php
diff --git a/tests/Sanitizers/TrimDuplicateSpacesTest.php b/tests/Sanitizers/TrimDuplicateSpacesTest.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace ArondeParon\RequestSanitizer\Tests\Sanitizers;
+
+use ArondeParon\RequestSanitizer\Sanitizers\TrimDuplicateSpaces;
+use ArondeParon\RequestSanitizer\Tests\TestCase;
+
+class TrimDuplicateSpacesTest extends TestCase
+{
+    public function test_trim_duplicate_spaces_sanitizer()
+    {
+        $sanitizer = new TrimDuplicateSpaces();
+        $output = $sanitizer->sanitize('test     ');
+        $this->assertEquals('test ', $output);
+    }
+}
diff --git a/tests/Sanitizers/TrimTest.php b/tests/Sanitizers/TrimTest.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace ArondeParon\RequestSanitizer\Tests\Sanitizers;
+
+use ArondeParon\RequestSanitizer\Sanitizers\Trim;
+use ArondeParon\RequestSanitizer\Tests\TestCase;
+
+class TrimTest extends TestCase
+{
+    public function test_trim_sanitizer()
+    {
+        $sanitizer = new Trim();
+        $output = $sanitizer->sanitize('test ');
+        $this->assertEquals('test', $output);
+    }
+}
diff --git a/tests/Sanitizers/UppercaseTest.php b/tests/Sanitizers/UppercaseTest.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace ArondeParon\RequestSanitizer\Tests\Sanitizers;
+
+use ArondeParon\RequestSanitizer\Sanitizers\Uppercase;
+use ArondeParon\RequestSanitizer\Tests\TestCase;
+
+class UppercaseTest extends TestCase
+{
+    public function test_uppercase_sanitizer()
+    {
+        $sanitizer = new Uppercase();
+        $output = $sanitizer->sanitize('test');
+        $this->assertEquals('TEST', $output);
+    }
+}