$sanitizer->entitiesMarkdown() method

Entity encode while translating some markdown tags to HTML equivalents

If you specify boolean TRUE for the $options argument, full markdown is applied. Otherwise, only basic markdown allowed, as outlined in the examples.

The primary reason to use this over full-on Markdown is that it has less overhead and is faster then full-blown Markdown, for when you don't need it. It's also safer for text coming from user input since it doesn't allow any other HTML. But if you just want full markdown, then specify TRUE for the $options argument.

Basic allowed markdown currently includes:

  • **strong**
  • *emphasis*
  • [anchor-text](url)
  • ~~strikethrough~~
  • code surrounded by backticks

Example

// basic markdown
echo $sanitizer->entitiesMarkdown($str);

// full markdown
echo $sanitizer->entitiesMarkdown($str, true); 

Usage

// basic usage
$string = $sanitizer->entitiesMarkdown(string $str);

// usage with all arguments
$string = $sanitizer->entitiesMarkdown(string $str, $options = []);

Arguments

NameType(s)Description
strstring

String to apply markdown to

options (optional)array, bool, int

Options include the following, or specify boolean TRUE to apply full markdown.

  • fullMarkdown (bool): Use full markdown rather than basic? (default=false) when true, most options no longer apply. Note: A markdown flavor integer may also be supplied for the fullMarkdown option.
  • flags (int): PHP htmlentities() flags. Default is ENT_QUOTES.
  • encoding (string): PHP encoding type. Default is 'UTF-8'.
  • doubleEncode (bool): Whether to double encode (if already encoded). Default is true.
  • allow (array): Only markdown that translates to these tags will be allowed. Default is most inline HTML tags.
  • disallow (array): Specified tags (in the default allow list) that won't be allowed. Default=[] empty array. (Note: The 'disallow' is an alternative to the default 'allow'. No point in using them both.)
  • linkMarkup (string): Markup to use for links. Default=<a href="{url}" rel="nofollow" target="_blank">{text}</a>.
  • allowBrackets (bool): Allow some inline-level bracket tags, i.e. [span.detail]text[/span] ? (default=false)

Return value

string

Formatted with a flavor of markdown


$sanitizer methods and properties

API reference based on ProcessWire core version 3.0.161

Twitter updates

  • New ProcessWire query expansion search operators can now add automatic word inflections and lemmatisation, enabling you to build even smarter search engines with ProcessWire. More
    3 July 2020
  • ProcessWire 3.0.161 adds support for selector operator stacking, enabling you automatically broaden searches in a single pages.find() call— More
    26 June 2020
  • ProcessWire 3.0.160 adds powerful new text-searching operators, bringing a new level of power to page-finding API calls, especially when it comes to search engine type queries. Post also includes a demo search engine where you can test it all out live— More
    19 June 2020

Latest news

  • ProcessWire Weekly #321
    In the 321st issue of ProcessWire Weekly we're going to check out the latest core updates, introduce two new third party modules, and check out a brand new site of the week. Read on!
    Weekly.pw / 4 July 2020
  • Powerful new text-searching abilities in 3.0.160
    In ProcessWire 3.0.160 we’ve got some major upgrades and additions to our text-search abilities. This brings a whole new level of power to $pages->find() and similar API calls, especially when it comes to search engine type queries.
    Blog / 19 June 2020
  • Subscribe to weekly ProcessWire news

“We chose ProcessWire because of its excellent architecture, modular extensibility and the internal API. The CMS offers the necessary flexibility and performance for such a complex website like superbude.de. ProcessWire offers options that are only available for larger systems, such as Drupal, and allows a much slimmer development process.” —xport communication GmbH