$sanitizer->textarea() method

Sanitize input string as multi-line text without no HTML tags

  • This sanitizer is useful for user-submitted text from a plain-text <textarea> field, or any other kind of string value that might have multiple-lines.

  • Don’t use this sanitizer for values where you want to allow HTML (like rich text fields). For those values you should instead use the $sanitizer->purify() method.

  • If using returned value for front-end output, be sure to run it through $sanitizer->entities() first.

Usage

// basic usage
$string = $sanitizer->textarea(string $value);

// usage with all arguments
$string = $sanitizer->textarea(string $value, array $options = []);

Arguments

NameType(s)Description
valuestring

String value to sanitize

options (optional)array

Options to modify default behavior

  • maxLength (int): maximum characters allowed, or 0=no max (default=16384 or 16kb).
  • maxBytes (int): maximum bytes allowed (default=0, which implies maxLength*3 or 48kb).
  • stripTags (bool): strip markup tags? (default=true).
  • stripMB4 (bool): strip emoji and other 4-byte UTF-8? (default=false).
  • stripIndents (bool): Remove indents (space/tabs) at the beginning of lines? (default=false). Since 3.0.105
  • reduceSpace (bool|string): reduce consecutive whitespace to single? Specify true or character to reduce to (default=false). Since 3.0.105
  • allowableTags (string): markup tags that are allowed, if stripTags is true (use same format as for PHP's strip_tags() function.
  • convertEntities (bool): convert HTML entities to equivalent character(s)? (default=false). Since 3.0.105
  • truncateTail (bool): if truncate necessary for maxLength, truncate from end/tail? Use false to truncate head (default=true). Since 3.0.105
  • allowCRLF (bool): allow CR+LF newlines (i.e. "\r\n")? (default=false, which means "\r\n" is replaced with "\n").
  • inCharset (string): input character set (default="UTF-8").
  • outCharset (string): output character set (default="UTF-8").

Return value

string

See Also


$sanitizer methods and properties

API reference based on ProcessWire core version 3.0.125

Twitter updates

  • New post: This week we take a look at what’s in ProcessWire 3.0.126 which focuses largely on resolving issue reports, but also includes a handy new Page if() method— More
    15 February 2019
  • New post: ProcessWire 3.0.125 has several useful new Sanitizer methods & options, plus new ways to access them directly from the Input API variable. This makes handling user input even easier than before. Plus updates to our i18n functions & API docs— More
    25 January 2019
  • New post: In this week’s post, we’ll take a look a look at the new website and focus on some parts of it and how they were built. Then we’ll dive into the latest version of ProcessWire on the dev branch, version 3.0.124— More
    11 January 2019

Latest news

  • ProcessWire Weekly #249
    In the 249th issue of ProcessWire Weekly we're going to walk you through the latest core updates (ProcessWire 3.0.126), introduce a new third party module called Page Access Releasetime, and pick a new site of the week. Read on!
    Weekly.pw / 16 February 2019
  • ProcessWire 3.0.126 core updates
    This week we take a look at what’s in ProcessWire 3.0.126 which focuses largely on resolving issue reports, but also includes a handy new $page->if() method. 
    Blog / 15 February 2019
  • Subscribe to weekly ProcessWire news

“The end client and designer love the ease at which they can update the website. Training beyond how to log in wasn’t even necessary since ProcessWire’s default interface is straightforward.” —Jonathan Lahijani