Developing (v7+)

How to use Sanitize()?

Permalink November 01, 2013 at 1:11 AM

Hi all,

How to use sanitize() and where to use this?
Is there is any example to use this?

cjramki replied on Nov 1, 2013 at 2:58 am Permalink Reply

Bump

adajad replied on Nov 1, 2013 at 5:39 am Permalink Best Answer Reply

There are several places where sanitation is done, but I presume you mean in text. Text sanitation is done as to (among other things) prevent input of html/scripts to the database, which when run can be a security risk.

This is the function from the text helper:

function sanitize($string, $maxlength = 0, $allowed = '') { 
    $text = trim(strip_tags($string, $allowed));
    if ($maxlength > 0) {
        if (function_exists('mb_substr')) {
            $text = mb_substr($text, 0, $maxlength, APP_CHARSET);
        } else {
            $text = substr($text, 0, $maxlength);
        }
    }
    if ($text == null) {
        return ""; // we need to explicitly return a string otherwise some DB functions might insert this as a ZERO.
    }
    return $text;
}

So you pass the string and optionally length and allowed tags. The function will return a string without html or php tags (except the ones you have allowed).

More information on strip_tags() can be found here: http://php.net/manual/en/function.strip-tags.php...

cjramki replied on Nov 1, 2013 at 5:49 am Permalink Reply

Thanks @adajad... I got it...

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.

Forums

Developing (v7+)

How to use Sanitize()?

Code

Post Reply

Delete Post

Mark Post as Spam

Destroy Spammer

Sign In?