Sanitize Class Info:

Class Declaration:

class Sanitize

File name:
cake/libs/sanitize.php
Description:

Data Sanitization.

Removal of non-alphanumeric characters, SQL-safe slash-added strings, HTML-friendly strings, and all of the above on arrays.

Package
cake
Subpackage
cake.cake.libs

Properties:

clean

Sanitizes given array or value for safe input. Use the options to specify the connection to use, and what filters should be applied (with a boolean value). Valid filters:

  • odd_spaces - Removes any non-space whitespace characters
  • encode - Encode any HTML entities. encode must be true for remove_html to work.
  • dollar - Escape $ with \$
  • carriage - Remove \r
  • unicode -
  • escape - Should the string be SQL escaped.
  • backslash -
  • remove_html - Strip HTML with strip_tags. encode must be true for this option to work.

Parameters:
  • mixed $data required

    Data to sanitize

  • mixed $options optional array ( )

    If string, DB connection being used, otherwise set of options

Method defined in:
cake/libs/sanitize.php on line 221
Return

mixed Sanitized data

Access

public

Static

escape

Makes a string SQL-safe.

Parameters:
  • string $string required

    String to sanitize

  • string $connection optional 'default'

    Database connection being used

Method defined in:
cake/libs/sanitize.php on line 71
Return

string SQL safe string

Access

public

Static

formatColumns

Formats column data from definition in DBO's $columns array

Parameters:
  • Model $model required

    The model containing the data to be formatted

Method defined in:
cake/libs/sanitize.php on line 285
Access

public

Static

html

Returns given string safe for display as HTML. Renders entities.

strip_tags() does not validate HTML syntax or structure, so it might strip whole passages with broken HTML.

Options:

  • remove (boolean) if true strips all HTML tags before encoding
  • charset (string) the charset used to encode the string
  • quotes (int) see http://php.net/manual/en/function.htmlentities.php

Parameters:
  • string $string required

    String from where to strip tags

  • array $options optional array ( )

    Array of options to use.

Method defined in:
cake/libs/sanitize.php on line 99
Return

string Sanitized string

Access

public

Static
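
The strip_tags() caveat and the remove option described above, as an added example (not CakePHP's own code): html_safe() and has_unclosed_bracket() are hypothetical helpers, and the UTF-8 and ENT_QUOTES defaults are assumptions. It skips stripping when a `<` has no closing `>`, because strip_tags() may then discard the text that follows, and it always encodes last.

```php
<?php
// Added illustration, not CakePHP code. Helper names are hypothetical and the
// option names (remove, charset, quotes) follow the documentation above.

// True when some '<' is never closed by a '>' before the next bracket,
// which is the broken-HTML case the strip_tags() caveat warns about.
function has_unclosed_bracket(string $string): bool
{
    return preg_match('/<(?![^<>]*>)/', $string) === 1;
}

function html_safe(string $string, array $options = []): string
{
    // Assumed defaults for this sketch.
    $options += ['remove' => false, 'charset' => 'UTF-8', 'quotes' => ENT_QUOTES];

    if ($options['remove'] && !has_unclosed_bracket($string)) {
        // strip_tags() is a simple state machine, not an HTML parser, so it
        // is only applied when every '<' is balanced by a '>'.
        $string = strip_tags($string);
    }

    // Encoding runs last: any markup that was not stripped is rendered as
    // inert entities in an HTML text context.
    return htmlentities($string, $options['quotes'], $options['charset']);
}

// Constructed sample inputs.
$samples = [
    'well-formed'   => 'Hello <b>world</b>, welcome back',
    'stray bracket' => 'Budget is <5000 EUR, see the attached notes for details',
    'quotes'        => 'He said "x" & left',
];

foreach ($samples as $label => $input) {
    echo $label, PHP_EOL;
    echo '  unclosed "<"    : ', has_unclosed_bracket($input) ? 'yes' : 'no', PHP_EOL;
    echo '  raw strip_tags  : ', strip_tags($input), PHP_EOL;
    echo '  encode only     : ', html_safe($input), PHP_EOL;
    echo '  remove + encode : ', html_safe($input, ['remove' => true]), PHP_EOL;
}
```

Comparing the "raw strip_tags" and "remove + encode" lines for the stray-bracket sample shows how much text the guard preserves.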

paranoid

Removes any non-alphanumeric characters.

Parameters:
  • string $string required

    String to sanitize

  • array $allowed optional array ( )

    An array of additional characters that are not to be removed.

Method defined in:
cake/libs/sanitize.php on line 43
Return

string Sanitized string

Access

public

Static

stripAll

Strips extra whitespace, images, scripts and stylesheets from output

Parameters:
  • string $str required

    String to sanitize

Method defined in:
cake/libs/sanitize.php on line 169
Return

string sanitized string

Access

public

stripImages

Strips image tags from output

Parameters:
  • string $str required

    String to sanitize

Method defined in:
cake/libs/sanitize.php on line 143
Return

string String with images stripped.

Access

public

Static

stripScripts

Strips scripts and stylesheets from output

Parameters:
  • string $str required

    String to sanitize

Method defined in:
cake/libs/sanitize.php on line 158
Return

string String with <script>, <style>, <link> elements removed.

Access

public

Static

stripTags

Strips the specified tags from output. First parameter is string from where to remove tags. All subsequent parameters are tags.

Ex. $clean = Sanitize::stripTags($dirty, 'b', 'p', 'div');

Will remove all <b>, <p>, and <div> tags from the $dirty string.

Method defined in:
cake/libs/sanitize.php on line 190
Return

string sanitized String

Access

public

Static

stripWhitespace

Strips extra whitespace from output

Parameters:
  • string $str required

    String to sanitize

Method defined in:
cake/libs/sanitize.php on line 130
Return

string whitespace sanitized string

Access

public

Static