Error using the Sanitize function

1

I have a problem using this Sanitize function, I've already done the checks and I could not find where the error is, I'm passing those values to the function:

    $data1 = Sanitize::filter($_POST['data1']); 
    $data2 = Sanitize::filter($_POST['data2']); 
    $titulo = Sanitize::filter($_POST['titulo']);   
    $descricao = Sanitize::filter($_POST['descricao']);
    $observacao = Sanitize::filter($_POST['observacao']);
    $vagas = Sanitize::filter($_POST['vagas']);

The function looks like this:

abstract class Sanitize {
/**
 * Filter
 * 
 * @param  mixed $value
 * @param  array $modes
 * @return mixed
 * @static
 * @since  1.0
 */
    static public function filter($value, $modes = array('sql', 'html')) {
        if (!is_array($modes)) {
            $modes = array($modes);
        }
        if (is_string($value)) {
            foreach ($modes as $type) {
              $value = self::_doFilter($value, $type);
            }
            return $value;
        }
        foreach ($value as $key => $toSanatize) {
            if (is_array($toSanatize)) {
                $value[$key]= self::filter($toSanatize, $modes);
            } else {
                foreach ($modes as $type) {
                  $value[$key] = self::_doFilter($toSanatize, $type);
                }
            }
        }
        return $value;
    }
/**
 * DoFilter
 * 
 * @param  mixed $value
 * @param  array $modes
 * @return mixed
 * @static
 * @since  1.0
 */
    static protected function _doFilter($value, $mode) {
        switch ($mode) {
            case 'html':
                $value = strip_tags($value);
                $value = addslashes($value);
                $value = htmlspecialchars($value);
                break;

            case 'sql':
                $value = preg_replace(sql_regcase('/(from|select|insert|delete|where|drop table|show tables|#|\*| |\\)/'),'',$value);
                $value = trim($value);
                break;
        }
        return $value;
    }
}

And I'm getting this error:

  

Warning: Invalid argument supplied for foreach () in /home/cpcocari/public_html/sanitize.class.php on line 48

The error is being accused in this line:

  

foreach ($ value as $ key = > $ toSanatize) {

    
asked by anonymous 10.03.2017 / 13:18

1 answer

2

Is the data you are passing through arrays? The foreach works only with arrays. You should verify that the input variable is an array to execute the foreach.

static public function filter($value, $modes = array('sql', 'html')) {
        if (!is_array($modes)) {
            $modes = array($modes);
        }
        if (is_string($value)) {
            foreach ($modes as $type) {
              $value = self::_doFilter($value, $type);
            }
            return $value;
        }
        if(is_array($values)){
            foreach ($value as $key => $toSanatize) {
                if (is_array($toSanatize)) {
                    $value[$key]= self::filter($toSanatize, $modes);
                } else {
                    foreach ($modes as $type) {
                       $value[$key] = self::_doFilter($toSanatize,           $type);
                }
            }
        }
}
        return $value;
    }
    
10.03.2017 / 14:01