Purify

Component that has methods to escape dangerous characters from text, URL and other things.

This Component has methods which make it easy to escape any special characters like in HTML we can escape <, > so that html does not get interpreted by the browser which can cause injection vulnerabilities.

The component can be found at sirJuni\Framework\Components\Purify. The methods are static so we don't need an instance to make use of it.

Escaping HTML

To escape quotes in HTML, we can use the html method of this class. It basically escape the <, > so that html is not interpreted.

use sirJuni\Framework\Components\Purify;

$safe_text = Purify::html("<h1>Hello</h1>");

Sanitize URL

To sanitize URLs by URL Encoding any special characters we use the link method and pass it the url.

$url = "https://hello.com^/xyz*";
$safe_url = Purify::link($url);     // returns https://hello.com%5E/xyz%2A

PreviousPlaceholder Types NextMiddleware

Last updated 2 years ago

hashtagEscaping HTML

hashtagSanitize URL

Escaping HTML

Sanitize URL