Functions to sanitize values.
See https://www.drupal.org/writing-secure-code for information on writing secure code.
File
- core/includes/common.inc, line 188
- Common functions that many Drupal modules will need to reference.
Functions
Name | Location | Description |
---|---|---|
check_markup | core/modules/filter/filter.module | Runs all the enabled filters on a piece of text. |
check_url Deprecated | core/includes/common.inc | Strips dangerous protocols from a URI and encodes it for output to HTML. |
FormattableMarkup::placeholderFormat | core/lib/Drupal/Component/Render/FormattableMarkup.php | Replaces placeholders in a string with values. |
format_string Deprecated | core/includes/bootstrap.inc | Formats a string for HTML display by replacing variable placeholders. |
Html::escape | core/lib/Drupal/Component/Utility/Html.php | Escapes text by converting special characters to HTML entities. |
ProcessedText::preRenderText | core/modules/filter/src/Element/ProcessedText.php | Pre-render callback: Renders a processed text element into #markup. |
StringTranslationTrait::t | core/lib/Drupal/Core/StringTranslation/StringTranslationTrait.php | Translates a string to the current language or to a given language. |
t | core/includes/bootstrap.inc | Translates a string to the current language or to a given language. |
TranslatableMarkup::__construct | core/lib/Drupal/Core/StringTranslation/TranslatableMarkup.php | Constructs a new class instance. |
TranslationInterface::translate | core/lib/Drupal/Core/StringTranslation/TranslationInterface.php | Translates a string to the current language or to a given language. |
Xss::filter | core/lib/Drupal/Component/Utility/Xss.php | Filters HTML to prevent cross-site-scripting (XSS) vulnerabilities. |
Xss::filterAdmin | core/lib/Drupal/Component/Utility/Xss.php | Applies a very permissive XSS/HTML filter for admin-only use. |
Classes
Name | Location | Description |
---|---|---|
FormattableMarkup | core/lib/Drupal/Component/Render/FormattableMarkup.php | Formats a string for HTML display by replacing variable placeholders. |
HtmlEscapedText | core/lib/Drupal/Component/Render/HtmlEscapedText.php | Escapes HTML syntax characters to HTML entities for display in markup. |
Please login to continue.