Data Sanitization.
Removal of non-alphanumeric characters, SQL-safe slash-added strings, HTML-friendly strings, and all of the above on arrays.
clean( string|array $data , string|array $options = array() )
Sanitizes given array or value for safe input. Use the options to specify the connection to use, and what filters should be applied (with a boolean value). Valid filters:
remove_html to work.
$ with \$
\r
encode must be true for this option to work.
Parameters: $data, $options (optional, default array())
Returns: mixed
escape( string $string , string $connection = 'default' )
Makes a string SQL-safe.
Parameters: $string, $connection (optional, default 'default')
Returns: string
html( string $string , array $options = array() )
Returns given string safe for display as HTML. Renders entities.
strip_tags() does not validate HTML syntax or structure, so it might strip whole passages with broken HTML.
Parameters: $string, $options (optional, default array())
Returns: string
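The strip_tags() caveat above, shown in plain PHP as an added example (not CakePHP's own code). It compares encoding alone against stripping and then encoding, and flags input where stripping dropped visible text; auditStrip() is a hypothetical helper and the sample strings are constructed.

```php
<?php
// Added example: plain PHP, runs without CakePHP. auditStrip() is a
// hypothetical helper and the sample strings are constructed.

/**
 * Compare encode-only output with strip-then-encode output and report how
 * many bytes of visible text strip_tags() removed beyond well-formed tags.
 */
function auditStrip($input)
{
    $stripped = strip_tags($input);
    // Reference pass: remove only syntactically complete tags.
    $reference = preg_replace('~</?[a-zA-Z][^<>]*>~', '', $input);

    return array(
        'encoded'  => htmlentities($input, ENT_QUOTES, 'UTF-8'),
        'stripped' => htmlentities($stripped, ENT_QUOTES, 'UTF-8'),
        'lost'     => strlen($reference) - strlen($stripped),
    );
}

$samples = array(
    '<b>Hello</b> world',                          // well-formed markup
    'if x<y then alert the on-call',               // bare "<" in text
    'See <a href="/x" the rest of this comment',   // tag never closed
);

foreach ($samples as $s) {
    $r = auditStrip($s);
    printf("input:    %s\n", $s);
    printf("encoded:  %s\n", $r['encoded']);
    printf("stripped: %s\n", $r['stripped']);
    printf("%s\n\n", $r['lost'] > 0
        ? "WARNING: {$r['lost']} bytes of text dropped by strip_tags()"
        : 'no text lost');
}
```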
paranoid( string $string , array $allowed = array() )
Removes any non-alphanumeric characters.
Parameters: $string, $allowed (optional, default array())
Returns: string
stripAll( string $str )
Strips extra whitespace, images, scripts and stylesheets from output.
Parameters: $str
Returns: string
stripImages( string $str )
Strips image tags from output.
Parameters: $str
Returns: string
stripScripts( string $str )
Strips scripts and stylesheets from output.
Parameters: $str
Returns: string
stripTags( string $str )
Strips the specified tags from output. First parameter is string from where to remove tags. All subsequent parameters are tags.
Ex.
$clean = Sanitize::stripTags($dirty, 'b', 'p', 'div');
Will remove all <b>, <p>, and <div> tags from the $dirty string.
Parameters: $str
Returns: string
stripWhitespace( string $str )
Strips extra whitespace from output.
Parameters: $str
Returns: string
© 2005–2016 The Cake Software Foundation, Inc.
Licensed under the MIT License.
CakePHP is a registered trademark of Cake Software Foundation, Inc.
We are not endorsed by or affiliated with CakePHP.
http://api.cakephp.org/2.7/class-Sanitize.html