Sanitization functions
Functions to sanitize values.
See http://drupal.org/writing-secure-code for information on writing secure code.
File
- includes/common.inc, line 1353
- Common functions that many Drupal modules will need to reference.
Functions
Name | Location | Description |
---|---|---|
check_markup | modules/filter/filter.module | Runs all the enabled filters on a piece of text. |
check_plain | includes/bootstrap.inc | Encodes special characters in a plain-text string for display as HTML. |
check_url | includes/common.inc | Strips dangerous protocols from a URI and encodes it for output to HTML. |
drupal_attributes | includes/common.inc | Converts an associative array to an XML/HTML tag attribute string. |
drupal_strip_dangerous_protocols | includes/common.inc | Strips dangerous protocols (e.g. 'javascript:') from a URI. |
filter_xss | includes/common.inc | Filters HTML to prevent cross-site-scripting (XSS) vulnerabilities. |
filter_xss_admin | includes/common.inc | Applies a very permissive XSS/HTML filter for admin-only use. |
filter_xss_bad_protocol | includes/common.inc | Processes an HTML attribute value and strips dangerous protocols from URLs. |
format_string | includes/bootstrap.inc | Formats a string for HTML display by replacing variable placeholders. |
get_t | includes/bootstrap.inc | Returns the name of the proper localization function. |
st | includes/install.inc | Translates a string when some systems are not available. |
t | includes/bootstrap.inc | Translates a string to the current language or to a given language. |
_filter_xss_attributes | includes/common.inc | Processes a string of HTML attributes. |
_filter_xss_split | includes/common.inc | Processes an HTML tag. |
© 2001–2016 by the original authors
Licensed under the GNU General Public License, version 2 and later.
Drupal is a registered trademark of Dries Buytaert.
https://api.drupal.org/api/drupal/includes!common.inc/group/sanitization/7.x