ChangesVersion070RC  
Changes to version 0.7.0
Featured, Phase-Implementation
Updated Aug 28, 2009 by eric...@gmail.com

Summary

1) SEQ_SANITIZE can now handle array inputs.

2) When setting some configuration variables from outside the configuration file itself, additional flags must be set.

Detail 1

SEQ_SANITIZE('options#p#STR#7#20##&');

This checks that POST['options'] is a STRing with a minimum length of 7 and a maximum length of 20.

If POST['options'] is an array (when using multiple checkboxes, for example), each and every index will be checked. If the check fails, only that particular index will be deleted (EMPTYSTRING).
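The per-index behaviour described above, sketched as an added example; this is not SSEQ-LIB source code. The function names are hypothetical, only the first five `#`-separated fields of the rule are read (the remaining fields are not explained on this page), and emptying a failing scalar or a non-string element is an assumption.

```php
<?php
// Added illustration; not SSEQ-LIB source code. All function names are hypothetical.

// Length check for one value. Non-strings (e.g. nested arrays) fail by assumption.
function demo_str_ok($value, int $min, int $max): bool
{
    if (!is_string($value)) {
        return false;
    }
    $len = strlen($value);
    return $len >= $min && $len <= $max;
}

// Applies a rule such as 'options#p#STR#7#20##&' to $post (passed by reference).
// Only name, source, type, min and max are read; later fields are ignored here.
// Returns the rejected indices (null stands for a rejected scalar value).
function demo_sanitize(string $rule, array &$post): array
{
    [$name, $source, $type, $min, $max] = explode('#', $rule);
    if ($source !== 'p' || $type !== 'STR') {
        throw new InvalidArgumentException('demo handles only p/STR rules');
    }
    if (!array_key_exists($name, $post)) {
        return [];
    }
    $rejected = [];
    if (is_array($post[$name])) {
        foreach ($post[$name] as $index => $value) {
            if (!demo_str_ok($value, (int)$min, (int)$max)) {
                $post[$name][$index] = '';   // only the failing index is emptied
                $rejected[] = $index;
            }
        }
    } elseif (!demo_str_ok($post[$name], (int)$min, (int)$max)) {
        $post[$name] = '';                   // assumption: scalars are emptied too
        $rejected[] = null;
    }
    return $rejected;
}

// Constructed sample input, as PHP builds it from name="options[]" checkboxes.
$post = ['options' => ['newsletter', 'abc', 'gift-wrapping', str_repeat('x', 40)]];
$rejected = demo_sanitize('options#p#STR#7#20##&', $post);
var_export($post['options']);
echo "\nrejected indices: ", implode(', ', $rejected), "\n";
```

Because a failing index is emptied rather than removed, the array keeps its keys and length, so code that consumes it afterwards still has to treat an empty string as "no value".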

Detail 2

You may set the $_SEQ_BASEDIR configuration variable from outside the configuration file. In some cases this makes moving the host application on the file system easier. Since version 0.7.0 you must also set a special security flag to signal to SSEQ-LIB that it is you who sets this value.

$_SEQ_BASEDIR_PRESET = true;

The same applies to $_SEQ_ONERROR_REDIRECT_TO.

$_SEQ_ONERROR_REDIRECT_TO_PRESET = true;

Unfortunately these flags will later on have to be set to a secret value. This will come with the final version.

Typical header for xtc:Modified

//---- SSEQ-LIB Security Library ----//
$_SEQ_BASEDIR = DIR_FS_DOCUMENT_ROOT . 'sseq-lib/';
$_SEQ_BASEDIR_PRESET = true;

$_SEQ_ONERROR_REDIRECT_TO = HTTP_SERVER . DIR_WS_CATALOG;
$_SEQ_ONERROR_REDIRECT_TO_PRESET = true;

include_once('sseq-lib/seq_lib.php');

SEQ_SANITIZE('sseq-filter/oscommerce_2.0.txt', true);
//---- SSEQ-LIB Security Library ----//
