$sanitizer->textarea() method

Sanitize input string as multi-line text without HTML tags

  • This sanitizer is useful for user-submitted text from a plain-text <textarea> field, or any other kind of string value that might have multiple-lines.

  • Don’t use this sanitizer for values where you want to allow HTML (like rich text fields). For those values you should instead use the $sanitizer->purify() method.

  • If using returned value for front-end output, be sure to run it through $sanitizer->entities() first.

Usage

// basic usage
$string = $sanitizer->textarea(string $value);

// usage with all arguments
$string = $sanitizer->textarea(string $value, array $options = []);

Arguments

NameType(s)Description
valuestring

String value to sanitize

options (optional)array

Options to modify default behavior

  • maxLength (int): maximum characters allowed, or 0=no max (default=16384 or 16kb).
  • maxBytes (int): maximum bytes allowed (default=0, which implies maxLength*4 or 64kb).
  • stripTags (bool): strip markup tags? (default=true).
  • stripMB4 (bool): strip emoji and other 4-byte UTF-8? (default=false).
  • stripIndents (bool): Remove indents (space/tabs) at the beginning of lines? (default=false). Since 3.0.105
  • reduceSpace (bool|string): reduce consecutive whitespace to single? Specify true or character to reduce to (default=false). Since 3.0.105
  • allowableTags (string): markup tags that are allowed, if stripTags is true (use same format as for PHP's strip_tags() function.
  • convertEntities (bool): convert HTML entities to equivalent character(s)? (default=false). Since 3.0.105
  • truncateTail (bool): if truncate necessary for maxLength, truncate from end/tail? Use false to truncate head (default=true). Since 3.0.105
  • allowCRLF (bool): allow CR+LF newlines (i.e. "\r\n")? (default=false, which means "\r\n" is replaced with "\n").
  • inCharset (string): input character set (default="UTF-8").
  • outCharset (string): output character set (default="UTF-8").

Return value

string

See Also


$sanitizer methods and properties

API reference based on ProcessWire core version 3.0.161

Twitter updates

  • New ProcessWire query expansion search operators can now add automatic word inflections and lemmatisation, enabling you to build even smarter search engines with ProcessWire. More
    3 July 2020
  • ProcessWire 3.0.161 adds support for selector operator stacking, enabling you automatically broaden searches in a single pages.find() call— More
    26 June 2020
  • ProcessWire 3.0.160 adds powerful new text-searching operators, bringing a new level of power to page-finding API calls, especially when it comes to search engine type queries. Post also includes a demo search engine where you can test it all out live— More
    19 June 2020

Latest news

  • ProcessWire Weekly #321
    In the 321st issue of ProcessWire Weekly we're going to check out the latest core updates, introduce two new third party modules, and check out a brand new site of the week. Read on!
    Weekly.pw / 4 July 2020
  • Powerful new text-searching abilities in 3.0.160
    In ProcessWire 3.0.160 we’ve got some major upgrades and additions to our text-search abilities. This brings a whole new level of power to $pages->find() and similar API calls, especially when it comes to search engine type queries.
    Blog / 19 June 2020
  • Subscribe to weekly ProcessWire news

“We were really happy to build our new portfolio website on ProcessWire! We wanted something that gave us plenty of control on the back-end, without any bloat on the front end - just a nice, easy to access API for all our content that left us free to design and build however we liked.” —Castus, web design agency in Sheffield, UK