Provides methods for sanitizing and validating user input, preparing data for output, and more.

Click any linked item for full usage details and examples. Hookable methods are indicated with the icon. In addition to those shown below, the Sanitizer class also inherits all the methods and properties of: Wire.

Numbers / Strings / Arrays / Pages / Constants / Files / Other

Show “$sanitizer”             Show Arguments        

Numbers

NameReturnSummary 
$sanitizer->date($value)
string, int or nullSanitize a date or date/time string, making sure it is valid, and return it
$sanitizer->float($value)
floatSanitize to floating point value
$sanitizer->int(mixed $value)
intSanitized an integer (unsigned, unless you specify a negative minimum value)
$sanitizer->intArray($value)
arraySanitize array or CSV string to array of unsigned integers (or signed if specified $min is less than 0)
$sanitizer->intSigned(mixed $value)
intSanitize to signed integer (negative or positive)
$sanitizer->intUnsigned(mixed $value)
intSanitize to unsigned (0 or positive) integer

Strings

NameReturnSummary 
$sanitizer->alpha(string $value)
stringSanitize to ASCII alpha (a-z A-Z)
$sanitizer->alphanumeric(string $value)
stringSanitize to ASCII alphanumeric (a-z A-Z 0-9)
$sanitizer->date($value)
string, int or nullSanitize a date or date/time string, making sure it is valid, and return it
$sanitizer->digits(string $value)
stringSanitize string to contain only ASCII digits (0-9)
$sanitizer->email(string $value)
stringSanitize and validate an email address
$sanitizer->emailHeader(string $value)
stringReturns a value that may be used in an email header
$sanitizer->entities(string $str)
stringEntity encode a string for output
$sanitizer->entities1(string $str)
stringEntity encode a string and don’t double encode it if already encoded
$sanitizer->entitiesMarkdown(string $str)
stringEntity encode while translating some markdown tags to HTML equivalents
$sanitizer->fieldName(string $value)
stringSanitize consistent with names used by ProcessWire fields and/or PHP variables
$sanitizer->filename(string $value)
stringName filter for ProcessWire filenames (basenames only, not paths)
$sanitizer->markupToLine(string $value)
stringConvert a string containing markup or entities to be a single line of plain text
$sanitizer->markupToText(string $value)
stringConvert a string containing markup or entities to be plain text
$sanitizer->match(string $value, string $regex)
stringValidate that given value matches regex pattern.
$sanitizer->name(string $value)
stringSanitize in "name" format (ASCII alphanumeric letters/digits, hyphens, underscores, periods)
$sanitizer->names($value)
string or arraySanitize a string or array containing multiple names
$sanitizer->pageName(string $value)
stringSanitize as a ProcessWire page name
$sanitizer->pageNameTranslate(string $value)
stringName filter for ProcessWire Page names with transliteration
$sanitizer->pageNameUTF8(string $value)
stringSanitize and allow for UTF-8 characters in page name
$sanitizer->pagePathName(string $value)
stringSanitize a page path name
$sanitizer->pagePathNameUTF8(string $value)
stringSanitize a UTF-8 page path name (does not perform ASCII/UTF8 conversions)
$sanitizer->path(string $value)
bool or stringValidate the given path, return path if valid, or false if not valid
$sanitizer->purify(string $str)
stringPurify HTML markup using HTML Purifier
$sanitizer->removeMB4($value)
string, array or mixedRemoves 4-byte UTF-8 characters (like emoji) that produce error with with MySQL regular “UTF8” encoding
$sanitizer->removeNewlines(string $str)
stringRemove newlines from the given string and return it
$sanitizer->selectorValue(string $value)
stringSanitizes a string value that needs to go in a ProcessWire selector
$sanitizer->string($value)
stringSanitize value to string
$sanitizer->text(string $value)
stringSanitize short string of text to single line without HTML
$sanitizer->textarea(string $value)
stringSanitize input string as multi-line text without no HTML tags
$sanitizer->unentities(string $str)
stringRemove entity encoded characters from a string.
$sanitizer->url(string $value)
stringSanitize and validate given URL or return blank if it can’t be made valid

Arrays

NameReturnSummary 
$sanitizer->array($value)
arraySanitize array or CSV string to array of strings
$sanitizer->intArray($value)
arraySanitize array or CSV string to array of unsigned integers (or signed if specified $min is less than 0)
$sanitizer->minArray(array $data)
arrayMinimize an array to remove empty values
$sanitizer->option($value, array $allowedValues)
string, int or nullReturn $value if it exists in $allowedValues, or null if it doesn't
$sanitizer->options(array $values, array $allowedValues)
arrayReturn given values that that also exist in $allowedValues whitelist

Constants

NameReturnSummary 
Sanitizer::translate const2Constant used for the $beautify argument of name sanitizer methods to indicate transliteration may be used.

Files

NameReturnSummary 
$sanitizer->filename(string $value)
stringName filter for ProcessWire filenames (basenames only, not paths)
$sanitizer->validateFile(string $filename)
bool or nullValidate a file using FileValidator modules

Other

NameReturnSummary 
$sanitizer->bool($value)
boolConvert the given value to a boolean
$sanitizer->purifier()
MarkupHTMLPurifierReturn a new HTML Purifier instance
$sanitizer->testAll($value)
arrayRun value through all sanitizers, return array indexed by sanitizer name and resulting value

Additional methods and properties

In addition to the methods and properties above, Sanitizer also inherits the methods and properties of these classes:

API reference based on ProcessWire core version 3.0.84