Sanitization functions

Functions to sanitize values.

See http://drupal.org/writing-secure-code for information on writing secure code.

File

drupal/core/includes/common.inc, line 851
Common functions that many Drupal modules will need to reference.

Functions

| Name | Location | Description |
| --- | --- | --- |
| t | drupal/core/includes/bootstrap.inc | Translates a string to the current language or to a given language. |
| format_string | drupal/core/includes/bootstrap.inc | Formats a string for HTML display by replacing variable placeholders. |
| check_plain | drupal/core/includes/bootstrap.inc | Encodes special characters in a plain-text string for display as HTML. |
| get_t | drupal/core/includes/bootstrap.inc | Returns the name of the proper localization function. |
| drupal_strip_dangerous_protocols | drupal/core/includes/common.inc | Strips dangerous protocols (e.g. 'javascript:') from a URI. |
| check_url | drupal/core/includes/common.inc | Strips dangerous protocols from a URI and encodes it for output to HTML. |
| filter_xss_admin | drupal/core/includes/common.inc | Applies a very permissive XSS/HTML filter for admin-only use. |
| filter_xss | drupal/core/includes/common.inc | Filters HTML to prevent cross-site-scripting (XSS) vulnerabilities. |
| filter_xss_bad_protocol | drupal/core/includes/common.inc | Processes an HTML attribute value and strips dangerous protocols from URLs. |
| st | drupal/core/includes/install.inc | Translates a string when some systems are not available. |
| String::checkPlain | drupal/core/lib/Drupal/Component/Utility/String.php | Encodes special characters in a plain-text string for display as HTML. |
| String::format | drupal/core/lib/Drupal/Component/Utility/String.php | Formats a string for HTML display by replacing variable placeholders. |
| Xss::filter | drupal/core/lib/Drupal/Component/Utility/Xss.php | Filters HTML to prevent cross-site-scripting (XSS) vulnerabilities. |
| check_markup | drupal/core/modules/filter/filter.module | Runs all the enabled filters on a piece of text. |