$sanitizer->textarea() method

Sanitize input string as multi-line text without HTML tags

  • This sanitizer is useful for user-submitted text from a plain-text <textarea> field, or any other kind of string value that might have multiple-lines.

  • Don’t use this sanitizer for values where you want to allow HTML (like rich text fields). For those values you should instead use the $sanitizer->purify() method.

  • If using returned value for front-end output, be sure to run it through $sanitizer->entities() first.

Usage

// basic usage
$string = $sanitizer->textarea(string $value);

// usage with all arguments
$string = $sanitizer->textarea(string $value, array $options = []);

Arguments

NameType(s)Description
valuestring

String value to sanitize

options (optional)array

Options to modify default behavior

  • maxLength (int): maximum characters allowed, or 0=no max (default=16384 or 16kb).
  • maxBytes (int): maximum bytes allowed (default=0, which implies maxLength*3 or 48kb).
  • stripTags (bool): strip markup tags? (default=true).
  • stripMB4 (bool): strip emoji and other 4-byte UTF-8? (default=false).
  • stripIndents (bool): Remove indents (space/tabs) at the beginning of lines? (default=false). Since 3.0.105
  • reduceSpace (bool|string): reduce consecutive whitespace to single? Specify true or character to reduce to (default=false). Since 3.0.105
  • allowableTags (string): markup tags that are allowed, if stripTags is true (use same format as for PHP's strip_tags() function.
  • convertEntities (bool): convert HTML entities to equivalent character(s)? (default=false). Since 3.0.105
  • truncateTail (bool): if truncate necessary for maxLength, truncate from end/tail? Use false to truncate head (default=true). Since 3.0.105
  • allowCRLF (bool): allow CR+LF newlines (i.e. "\r\n")? (default=false, which means "\r\n" is replaced with "\n").
  • inCharset (string): input character set (default="UTF-8").
  • outCharset (string): output character set (default="UTF-8").

Return value

string

See Also


$sanitizer methods and properties

API reference based on ProcessWire core version 3.0.137

Twitter updates

  • We added WebP image support this year and many have been adopting it in existing projects. We look at a process used for migrating existing websites to WebP images— from preliminary considerations to implementation & testing, w/lots of tips & tricks too: More
    16 August 2019
  • Core version 3.0.137 on the dev branch adds the ability to hook multiple methods at once, in a single call. This post details how it works and provides a useful example of how you might put it to use in your development environment— More
    2 August 2019
  • ProcessWire 3.0.136 updates our CKEditor version and adds a new backtrace() method to the core Debug class— More
    26 July 2019

Latest news

  • ProcessWire Weekly #275
    In the 275th issue of ProcessWire Weekly we're going to walk you through the new features included in ProcessWire 3.0.138, cover some WebP related stuff, and highlight recent forum posts and online resources. Read on!
    Weekly.pw / 17 August 2019
  • WebP images on an existing site
    In this post we’ll look at a process used for migrating an existing website to use WebP images. We’ll cover everything from preliminary considerations to implementation and testing, with lots of tips and tricks along the way.
    Blog / 16 August 2019
  • Subscribe to weekly ProcessWire news

“Indeed, if ProcessWire can be considered as a CMS in its own right, it also offers all the advantages of a CMF (Content Management Framework). Unlike other solutions, the programmer is not forced to follow the proposed model and can integrate his/her ways of doing things.” —Guy Verville, Spiria Digital Inc.