Sanitization functions in Zircon Profile 8
Same name and namespace in other branches
- 8.0 core/includes/common.inc \sanitization
Functions to sanitize values.
See https://www.drupal.org/writing-secure-code for information on writing secure code.
File
- core/
includes/ common.inc, line 188 - Common functions that many Drupal modules will need to reference.
Functions
Name | Location | Description |
---|---|---|
check_markup |
core/ |
Runs all the enabled filters on a piece of text. |
check_url Deprecated |
core/ |
Strips dangerous protocols from a URI and encodes it for output to HTML. |
FormattableMarkup:: |
core/ |
Replaces placeholders in a string with values. |
format_string Deprecated |
core/ |
Formats a string for HTML display by replacing variable placeholders. |
Html:: |
core/ |
Escapes text by converting special characters to HTML entities. |
ProcessedText:: |
core/ |
Pre-render callback: Renders a processed text element into #markup. |
StringTranslationTrait:: |
core/ |
Translates a string to the current language or to a given language. |
t |
core/ |
Translates a string to the current language or to a given language. |
TranslatableMarkup:: |
core/ |
Constructs a new class instance. |
TranslationInterface:: |
core/ |
Translates a string to the current language or to a given language. |
Xss:: |
core/ |
Filters HTML to prevent cross-site-scripting (XSS) vulnerabilities. |
Xss:: |
core/ |
Applies a very permissive XSS/HTML filter for admin-only use. |
Classes
Name | Location | Description |
---|---|---|
FormattableMarkup |
core/ |
Formats a string for HTML display by replacing variable placeholders. |
HtmlEscapedText |
core/ |
Escapes HTML syntax characters to HTML entities for display in markup. |