Jump to content

Search the Community

Showing results for tags 'escape'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Welcome to ProcessWire
    • News & Announcements
    • Showcase
    • Wishlist & Roadmap
  • Community Support
    • Getting Started
    • Tutorials
    • FAQs
    • General Support
    • API & Templates
    • Modules/Plugins
    • Themes and Profiles
    • Multi-Language Support
    • Security
    • Jobs
  • Off Topic
    • Pub
    • Dev Talk

Product Groups

  • Form Builder
  • ProFields
  • ProCache
  • ProMailer
  • Login Register Pro
  • ProDrafts
  • ListerPro
  • ProDevTools
  • Likes
  • Custom Development

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Found 2 results

  1. Hi. I am no PHP expert and have mostly done WordPress development during the last many years, so I am more used to the WordPress codebase than anything else. I have learned that it is good practice to escape your output with different WordPress functions, such as esc_attr, esc_url, esc_html etc. There is a list of functions here: https://codex.wordpress.org/Data_Validation Here is an example, taken from this tutorial: http://code.tutsplus.com/tutorials/data-sanitization-and-validation-with-wordpress--wp-25536 <h1> <?php echo esc_html($title); ?> </h1> I am aware that there are some sanitation functions in ProcessWire, but I have not seen any for this kind of output. Nor have I found any articles/posts about this kind of practice for ProcessWire. The $sanitizer seems to be more specific used for form input data. However, I assume that this is something one should consider in any PHP environment and not only in WordPress? Am I right? I am simply posting this question here, because I am a bit unsure and would love to here what other PHP developers here think about this and what is best to do in the ProcessWire environment. Looking forward to any feedback or input on this subject.
  2. Hi, I'm trying to build a search function using selectors but when "sanitizing" a string, containing a comma, with Sanitizer::selectorValue it sometimes removes the comma. Here are some test runs (first row is input, second is selectorValue output) : 'test' 'test' "test' "test" ,test, ' "test '" ' '' ','test' "'test" guns n' roses, mötley crüe "guns n' roses mötley crüe" ','test "'test" "''" "" , "" test, test2 "test, test2" Also in the documentation for selectorValue it says: does this mean you can't search for all characters (comma)?
  • Create New...