How to use Sanitize()?
Permalink
Hi all,
How to use sanitize() and where to use this?
Is there is any example to use this?
How to use sanitize() and where to use this?
Is there is any example to use this?
Bump
There are several places where sanitation is done, but I presume you mean in text. Text sanitation is done as to (among other things) prevent input of html/scripts to the database, which when run can be a security risk.
This is the function from the text helper:
So you pass the string and optionally length and allowed tags. The function will return a string without html or php tags (except the ones you have allowed).
More information on strip_tags() can be found here: http://php.net/manual/en/function.strip-tags.php...
This is the function from the text helper:
function sanitize($string, $maxlength = 0, $allowed = '') { $text = trim(strip_tags($string, $allowed)); if ($maxlength > 0) { if (function_exists('mb_substr')) { $text = mb_substr($text, 0, $maxlength, APP_CHARSET); } else { $text = substr($text, 0, $maxlength); } } if ($text == null) { return ""; // we need to explicitly return a string otherwise some DB functions might insert this as a ZERO. } return $text; }
So you pass the string and optionally length and allowed tags. The function will return a string without html or php tags (except the ones you have allowed).
More information on strip_tags() can be found here: http://php.net/manual/en/function.strip-tags.php...
Thanks @adajad... I got it...
