Escapes different kinds of text securing them. By using this component you may prevent XSS attacks. This component only works with UTF-8. The PREG extension needs to be compiled with UTF-8 support.
$escaper = new \Phalcon\Escaper(); $escaped = $escaper->escapeCss("font-family: <Verdana>"); echo $escaped; // font\2D family\3A \20 \3C Verdana\3E
Sets the encoding to be used by the escaper
Returns the internal encoding used by the escaper
Sets the HTML quoting type for htmlspecialchars
Sets the double_encode to be used by the escaper
Detect the character encoding of a string to be handled by an encoder Special-handling for chr(172) and chr(128) to chr(159) which fail to be detected by mb_detect_encoding()
Utility to normalize a string’s encoding to UTF-32.
Escapes a HTML string. Internally uses htmlspecialchars
Escapes a HTML attribute string
Escape CSS strings by replacing non-alphanumeric chars by their hexadecimal escaped representation
Escapes a URL. Internally uses rawurlencode
© 2011–2016 Phalcon Framework Team
Licensed under the Creative Commons Attribution License 3.0.