Provides methods for sanitizing and validating user input, preparing data for output, and more.

Click any linked item for full usage details and examples. Hookable methods are indicated with the icon. In addition to those shown below, the Sanitizer class also inherits all the methods and properties of: Wire.

Numbers / Strings / Arrays / Pages / Constants / Files / Other

Numbers

Name Return Summary  
$sanitizer->date($value) string, int or null Sanitize a date or date/time string, making sure it is valid, and return it
$sanitizer->float($value) float Sanitize to floating point value
$sanitizer->int(mixed $value) int Sanitized an integer (unsigned, unless you specify a negative minimum value)
$sanitizer->intArray($value) array Sanitize array or CSV string to array of unsigned integers (or signed if specified $min is less than 0)
$sanitizer->intSigned(mixed $value) int Sanitize to signed integer (negative or positive)
$sanitizer->intUnsigned(mixed $value) int Sanitize to unsigned (0 or positive) integer

Strings

Name Return Summary  
$sanitizer->alpha(string $value) string Sanitize to ASCII alpha (a-z A-Z)
$sanitizer->alphanumeric(string $value) string Sanitize to ASCII alphanumeric (a-z A-Z 0-9)
$sanitizer->date($value) string, int or null Sanitize a date or date/time string, making sure it is valid, and return it
$sanitizer->digits(string $value) string Sanitize string to contain only ASCII digits (0-9)
$sanitizer->email(string $value) string Sanitize and validate an email address
$sanitizer->emailHeader(string $value) string Returns a value that may be used in an email header
$sanitizer->entities(string $str) string Entity encode a string for output
$sanitizer->entities1(string $str) string Entity encode a string and don’t double encode it if already encoded
$sanitizer->entitiesMarkdown(string $str) string Entity encode while translating some markdown tags to HTML equivalents
$sanitizer->fieldName(string $value) string Sanitize consistent with names used by ProcessWire fields and/or PHP variables
$sanitizer->filename(string $value) string Name filter for ProcessWire filenames (basenames only, not paths)
$sanitizer->markupToLine(string $value) string Convert a string containing markup or entities to be a single line of plain text
$sanitizer->markupToText(string $value) string Convert a string containing markup or entities to be plain text
$sanitizer->match(string $value, string $regex) string Validate that given value matches regex pattern.
$sanitizer->name(string $value) string Sanitize in "name" format (ASCII alphanumeric letters/digits, hyphens, underscores, periods)
$sanitizer->names($value) string or array Sanitize a string or array containing multiple names
$sanitizer->pageName(string $value) string Sanitize as a ProcessWire page name
$sanitizer->pageNameTranslate(string $value) string Name filter for ProcessWire Page names with transliteration
$sanitizer->pageNameUTF8(string $value) string Sanitize and allow for UTF-8 characters in page name
$sanitizer->pagePathName(string $value) string Sanitize a page path name
$sanitizer->pagePathNameUTF8(string $value) string Sanitize a UTF-8 page path name (does not perform ASCII/UTF8 conversions)
$sanitizer->path(string $value) bool or string Validate the given path, return path if valid, or false if not valid
$sanitizer->purify(string $str) string Purify HTML markup using HTML Purifier
$sanitizer->removeNewlines(string $str) string Remove newlines from the given string and return it
$sanitizer->selectorValue(string $value) string Sanitizes a string value that needs to go in a ProcessWire selector
$sanitizer->string($value) string Sanitize value to string
$sanitizer->text(string $value) string Sanitize short string of text to single line without HTML
$sanitizer->textarea(string $value) string Sanitize input string as multi-line text without no HTML tags
$sanitizer->unentities(string $str) string Remove entity encoded characters from a string.
$sanitizer->url(string $value) string Sanitize and validate given URL or return blank if it can’t be made valid

Arrays

Name Return Summary  
$sanitizer->array($value) array Sanitize array or CSV string to array of strings
$sanitizer->intArray($value) array Sanitize array or CSV string to array of unsigned integers (or signed if specified $min is less than 0)
$sanitizer->minArray(array $data) array Minimize an array to remove empty values
$sanitizer->option($value, array $allowedValues) string, int or null Return $value if it exists in $allowedValues, or null if it doesn't
$sanitizer->options(array $values, array $allowedValues) array Return given values that that also exist in $allowedValues whitelist

Pages

Name Return Summary  
$sanitizer->pageName(string $value) string Sanitize as a ProcessWire page name
$sanitizer->pageNameTranslate(string $value) string Name filter for ProcessWire Page names with transliteration
$sanitizer->pageNameUTF8(string $value) string Sanitize and allow for UTF-8 characters in page name
$sanitizer->pagePathName(string $value) string Sanitize a page path name
$sanitizer->pagePathNameUTF8(string $value) string Sanitize a UTF-8 page path name (does not perform ASCII/UTF8 conversions)
$sanitizer->path(string $value) bool or string Validate the given path, return path if valid, or false if not valid

Constants

Name Return Summary  
Sanitizer::translate const 2 Constant used for the $beautify argument of name sanitizer methods to indicate transliteration may be used.

Files

Name Return Summary  
$sanitizer->filename(string $value) string Name filter for ProcessWire filenames (basenames only, not paths)
$sanitizer->validateFile(string $filename) bool or null Validate a file using FileValidator modules

Other

Name Return Summary  
$sanitizer->bool($value) bool Convert the given value to a boolean
$sanitizer->purifier() MarkupHTMLPurifier Return a new HTML Purifier instance
$sanitizer->testAll($value) array Run value through all sanitizers, return array indexed by sanitizer name and resulting value

Additional methods and properties

In addition to the methods and properties above, Sanitizer also inherits the methods and properties of these classes: