CakePHP 1.2 API

Class Sanitize

Data Sanitization.

Removal of non-alphanumeric characters, SQL-safe slash-added strings, HTML-friendly strings, and all of the above on arrays.

Package: cake\cake\libs
Copyright: Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
License: The MIT License
Location: sanitize.php

Method Summary

  • clean() public
    Sanitizes given array or value for safe input. Use the options to specify the connection to use, and what filters should be applied (with a boolean value). Valid filters: odd_spaces, encode, dollar, carriage, unicode, escape, backslash.
  • escape() public
    Makes a string SQL-safe.
  • formatColumns() public
    Formats column data from definition in DBO's $columns array
  • html() public
    Returns given string safe for display as HTML. Renders entities.
  • paranoid() public
    Removes any non-alphanumeric characters.
  • stripAll() public
    Strips extra whitespace, images, scripts and stylesheets from output
  • stripImages() public
    Strips image tags from output
  • stripScripts() public
    Strips scripts and stylesheets from output
  • stripTags() public
    Strips the specified tags from output. First parameter is string from where to remove tags. All subsequent parameters are tags.
  • stripWhitespace() public
    Strips extra whitespace from output

Method Detail

clean() public

clean( mixed $data , mixed $options = array() )

Sanitizes given array or value for safe input. Use the options to specify the connection to use, and what filters should be applied (with a boolean value). Valid filters: odd_spaces, encode, dollar, carriage, unicode, escape, backslash.

Parameters
mixed $data
Data to sanitize
mixed $options optional array()
If string, DB connection being used, otherwise set of options
Returns
mixed
Sanitized data

escape() public

escape( string $string , string $connection = 'default' )

Makes a string SQL-safe.

Parameters
string $string
String to sanitize
string $connection optional 'default'
Database connection being used
Returns
string
SQL safe string

formatColumns() public

formatColumns( Model $model )

Formats column data from definition in DBO's $columns array

Parameters
Model $model
The model containing the data to be formatted

html() public

html( string $string , boolean $remove = false )

Returns given string safe for display as HTML. Renders entities.

Parameters
string $string
String from where to strip tags
boolean $remove optional false
If true, the string is stripped of all HTML tags
Returns
string
Sanitized string

paranoid() public

paranoid( string $string , $allowed = array() )

Removes any non-alphanumeric characters.

Parameters
string $string
String to sanitize
$allowed optional array()
Returns
string
Sanitized string

stripAll() public

stripAll( string $str )

Strips extra whitespace, images, scripts and stylesheets from output

Parameters
string $str
String to sanitize
Returns
string
Sanitized string

stripImages() public

stripImages( string $str )

Strips image tags from output

Parameters
string $str
String to sanitize
Returns
string
String with images stripped.

stripScripts() public

stripScripts( string $str )

Strips scripts and stylesheets from output

Parameters
string $str
String to sanitize
Returns
string
String with