Sanitization functions

Functions to sanitize values.

See http://drupal.org/writing-secure-code for information on writing secure code.

File

drupal/core/includes/common.inc, line 1188

Common functions that many Drupal modules will need to reference.

Functions

Name	Location	Description
_filter_xss_split	drupal/core/includes/common.inc	Processes an HTML tag.
_filter_xss_attributes	drupal/core/includes/common.inc	Processes a string of HTML attributes.
t	drupal/core/includes/bootstrap.inc	Translates a string to the current language or to a given language.
st	drupal/core/includes/install.inc	Translates a string when some systems are not available.
get_t	drupal/core/includes/bootstrap.inc	Returns the name of the proper localization function.
format_string	drupal/core/includes/bootstrap.inc	Replaces placeholders with sanitized values in a string.
filter_xss_bad_protocol	drupal/core/includes/common.inc	Processes an HTML attribute value and strips dangerous protocols from URLs.
filter_xss_admin	drupal/core/includes/common.inc	Applies a very permissive XSS/HTML filter for admin-only use.
filter_xss	drupal/core/includes/common.inc	Filters HTML to prevent cross-site-scripting (XSS) vulnerabilities.
filter_xss	drupal/core/includes/common.inc	Filters HTML to prevent cross-site-scripting (XSS) vulnerabilities.
drupal_strip_dangerous_protocols	drupal/core/includes/common.inc	Strips dangerous protocols (e.g. 'javascript:') from a URI.
check_url	drupal/core/includes/common.inc	Strips dangerous protocols from a URI and encodes it for output to HTML.
check_plain	drupal/core/includes/bootstrap.inc	Encodes special characters in a plain-text string for display as HTML.
check_markup	drupal/core/modules/filter/filter.module	Runs all the enabled filters on a piece of text.