[Summary]
  This file describes the functions and language constructs that are
  able to untaint data that might be tainted. This includes functions that
  transform data to the integer type.
  Functions for regular expressions are not added to this list because the
  regular expression might be faulty. This would give a false sense of security.

[Language constructs]
  Casts:
    The following casts can be used to untaint data. The result of these casts
    are non-string values.
      (double)   (null)
      (float)    (array)
      (real)     (object)
      (int)

[Internal functions]
  The following functions return a value that is not dangerous anymore because the
  return value is of a certain type / format:
    * abs                                               | Returns an integer or float
    * acos                                              | Returns a float
    * acosh                                             | Returns a float
    * asin                                              | Returns a float
    * asinh                                             | Returns a float
    * atan                                              | Returns a float
    * atan2                                             | Returns a float
    * atanh                                             | Returns a float
    * base64_encode                                     | Returnes encoded string
    * bcadd                                             | Returns a string, but in number format
    * bccomp                                            | Returns a string, but in number format
    * bcdiv                                             | Returns a string, but in number format
    * bcmod                                             | Returns a string, but in number format
    * bcmul                                             | Returns a string, but in number format
    * bcpow                                             | Returns a string, but in number format
    * bcpowmod                                          | Returns a string, but in number format
    * bcscale                                           | Returns a string, but in number format
    * bcsqrt                                            | Returns a string, but in number format
    * bcsub                                             | Returns a string, but in number format
    * bin2hex                                           | Returns a string, but in number format
    * bindec                                            | Returns a number
    * cal_days_in_month                                 | Returns an int
    * cal_to_jd                                         | Returns an int
    * ceil                                              | Returns a float
    * checkdate                                         | Returns a bool
    * checkdnsrr                                        | Returns an int
    * cos                                               | Returns an float
    * cosh                                              | Returns an float
    * count                                             | Returns an int
    * count_chars                                       | Returns an int
    * crc32                                             | Returns an int
    * crypt                                             | Returns an encrypted string
    * decbin                                            | Returns a binary string
    * dechex                                            | Returns a Hexidecimal string
    * decoct                                            | Returns an octal string
    * deg2rad                                           | Returns a float
    * doubleval                                         | Alias of Floatval, returns a float
    * easter_date                                       | Returns an int
    * easter_days                                       | Returns an int
    * error_reporting                                   | Returns an int
    * exp                                               | Returns a float
    * floatval                                          | Returns a float
    * floor                                             | Returns a float
    * fmod                                              | Returns a float
    * Any gmp_function in combination with 'gmp_strval' | Returns int
    * gmstrftime                                        | Returns string in gm-time format
    * gzcompress                                        | Compresses a string
    * gzencode                                          | Encodes a string
    * gzinflate                                         | Inflate a deflated string
    * hexdec                                            | Returns number
    * hypot                                             | Returns a float
    * imap_binary                                       | Convert an 8bit string to a base64 string
    * intval                                            | Get the integer value of a variable
    * ip2long                                           | Converts a string containing an (IPv4) Internet Protocol dotted address into a proper address
    * ircg_html_encode                                  | Encodes HTML preserving output
    * ircg_nickname_escape                              | Encode special characters in nickname to be IRC-compliant
    * lcg_value                                         | Return int
    * levenshtein                                       | Return int
    * log                                               | Return int
    * log10                                             | Return int
    * log1p                                             | Return int
    * long2ip                                           | Returns formatted string
    * max                                               | Return int
    * mcrypt_encrypt                                    | Returns encrypted string
    * mcrypt_generic                                    | Returns encrypted string
    * min                                               | Return int
    * mktime                                            | Return int
    * money_format                                      | Returns formatted string
    * number_format                                     | Return int
    * octdec                                            | Octal to decimal
    * pow                                               | Exponential expression
    * rad2deg                                           | Converts the radian number to the equivalent number in degrees
    * rawurlencode                                      | URL-encode according to RFC 1738
    * round                                             | Rounds a float
    * sin                                               | Sine
    * sinh                                              | Hyperbolic sine
    * sizeof                                            | Alias of count()
    * sqrt                                              | Return float
    * str_shuffle                                       | Randomly shuffles a string
    * strftime                                          | Format a local time/date according to locale settings
    * strrev                                            | Reverse a string
    * strtotime                                         | Parse about any English textual datetime description into a Unix timestamp
    * tan                                               | Tangent
    * tanh                                              | Hyperbolic tangent

    PHP5 only:
    * convert_uuencode  | Returns an uu-encoded string
    * conv_strlen       | Returns the character count of string
    * idate             | Formats a time as an int

  The following functions return a boolean and can be used in an if-construction.
  In one of the branches the variable will contain the desired property.
    * ctype_alnum        | Check for alphanumeric character(s)
    * ctype_alpha        | Check for alphabetic character(s)
    * ctype_cntrl        | Check for control character(s)
    * ctype_digit        | Check for numeric character(s)
    * ctype_punct        | Check for any printable character which is not whitespace or an alphanumeric character
    * ctype_space        | Check for whitespace character(s)
    * ctype_xdigit       | Check for character(s) representing a hexadecimal digit
    * defined            | True when $var is defined
    * dns_check_record   | True if dns is checked
    * dns_get_mx         | True if MX are returned
    * empty              | True if variable is empty
    * file_exists        | True if file exists
    * headers_sent       | True if headers sent
    * in_array           | Checks if a value exists in an array
    * is_a               | Returns TRUE if the object is of this class or has this class as one of its parents
    * is_array           | Finds whether a variable is an array
    * is_bool            | Finds out whether a variable is a boolean
    * is_callable        | Verify that the contents of a variable can be called as a function
    * is_dir             | Tells whether the filename is a directory
    * is_double          | Alias of is_float()
    * is_executable      | Tells whether the filename is executable
    * is_file            | Tells whether the filename is a regular file
    * is_finite          | Finds whether a value is a legal finite number
    * is_float           | Finds whether a variable is a float
    * is_infinite        | Finds whether a value is infinite
    * is_int             | Find whether a variable is an integer
    * is_integer         | Alias of is_int()
    * is_link            | Tells whether the filename is a symbolic link
    * is_long            | Alias of is_int()
    * is_nan             | Finds whether a value is not a number
    * is_null            | Finds whether a variable is NULL
    * is_numeric         | Finds whether a variable is a number or a numeric string
    * is_readable        | Tells whether the filename is readable
    * is_real            | Alias of is_float()
    * is_resource        | Finds whether a variable is a resource
    * is_scalar          | Finds whether a variable is a scalar
    * is_string          | Finds whether a variable is a string
    * is_uploaded_file   | Tells whether the file was uploaded via HTTP POST
    * is_writable        | Tells whether the filename is writable
    * is_writeable       | Alias of is_writable()
    * method_exists      | Checks if the class method exists


  PHP5 Only:
    * is_soap_fault      | Checks if SOAP call was failed


  The following functions are made for a specific purpose:
    * addcslashes         | Adds c-style slashes
    * addslashes          | Add slashes
    * escapeshellarg      | Escape a string to be used as a shell argument
    * escapeshellcmd      | Escape shell metacharacters
    * gettype             | Get the type of a variable, can be used in if-construction
    * htmlentities        | Convert all applicable characters to HTML entities
    * htmlspecialchars    | Convert special characters to HTML entities
    * imap_8bit           | Convert an 8bit string to a quoted-printable string
    * mysql_escape_string | Escapes a string for use in a mysql_query
    * pg_convert          |  Convert associative array values into suitable for SQL statement
    * pg_escape_bytea     |  Escape a string for insertion into a bytea field
    * pg_escape_string    |  Escape a string for insertion into a text field
    * strip_tags          | Strip HTML and PHP tags from a string


  PHP5 only:
    * mysqli->real_escape_string | Escapes special characters in a string for use in a SQL statement, taking into account the current charset of the connection
    * sprintf                    | Return a formatted string