Sanitization functions
Functions to sanitize values.
See http://drupal.org/writing-secure-code for information on writing secure code.
File
- drupal-7.x/
includes/ common.inc, line 1310 - Common functions that many Drupal modules will need to reference.
Functions
Name | Location | Description |
---|---|---|
_filter_xss_split |
drupal-7.x/ |
Processes an HTML tag. |
_filter_xss_attributes |
drupal-7.x/ |
Processes a string of HTML attributes. |
t |
drupal-7.x/ |
Translates a string to the current language or to a given language. |
st |
drupal-7.x/ |
Translates a string when some systems are not available. |
get_t |
drupal-7.x/ |
Returns the name of the proper localization function. |
format_string |
drupal-7.x/ |
Formats a string for HTML display by replacing variable placeholders. |
filter_xss_bad_protocol |
drupal-7.x/ |
Processes an HTML attribute value and strips dangerous protocols from URLs. |
filter_xss_admin |
drupal-7.x/ |
Applies a very permissive XSS/HTML filter for admin-only use. |
filter_xss |
drupal-7.x/ |
Filters HTML to prevent cross-site-scripting (XSS) vulnerabilities. |
filter_xss |
drupal-7.x/ |
Filters HTML to prevent cross-site-scripting (XSS) vulnerabilities. |
drupal_strip_dangerous_protocols |
drupal-7.x/ |
Strips dangerous protocols (e.g. 'javascript:') from a URI. |
drupal_attributes |
drupal-7.x/ |
Converts an associative array to an XML/HTML tag attribute string. |
check_url |
drupal-7.x/ |
Strips dangerous protocols from a URI and encodes it for output to HTML. |
check_plain |
drupal-7.x/ |
Encodes special characters in a plain-text string for display as HTML. |
check_markup |
drupal-7.x/ |
Runs all the enabled filters on a piece of text. |