Sanitise
Elements
The XFL sanitise element sanitises values submitted to a form, for example to remove HTML tags from a field's value.
Dissection of the XFL Sanitise Element
Syntax
Attributes
| Attribute | Value | Description | Required |
|---|---|---|---|
| type | method name | method to execute in the XFL_Sanitise class | ![]() |
| value | text | value to pass to the method | ![]() |
| select | XPath query | XPath query to retrieve a value from data (post or population data) | ![]() |
Processing Information
XFL Sanitise elements will execute the method defined in the type attribute in the XFL_Sanitise class. Custom sanitisation can be created by adding new methods to the XFL_Sanitise class.
Built-in Functions
XFL comes with the following sanitisation methods built-in.
text
The text sanitiser removes control characters (such as newlines) and markup tags from post values.
Example:
Outcome:
The value will become 'Mr. HTML Injector'.
plainText
The plainText sanitiser removes markup tags from post values.
Example:
Outcome:
The value will become 'Mr. HTML Injector Returns'.
toInt
The toInt sanitiser converts numeric values to integers. If the value is not numeric, the value will become NULL.
Example:
Outcome:
The value will become '100'.
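The following Python model is an added example, not XFL's own code: it mirrors the three built-in sanitisers described above and the dispatch on the type attribute, restricted here to an allowlist of sanitiser names. `SanitiseModel`, `sanitise`, and the sample inputs are hypothetical, and the definition of "numeric" used by toInt is an assumption.

```python
import re
from decimal import Decimal
from html.parser import HTMLParser

class _TextNodes(HTMLParser):
    """Keeps text nodes only; entities stay encoded so '&lt;' cannot become '<'."""
    def __init__(self):
        super().__init__(convert_charrefs=False)
        self.parts = []
    def handle_data(self, data):
        self.parts.append(data)
    def handle_entityref(self, name):
        self.parts.append(f"&{name};")
    def handle_charref(self, name):
        self.parts.append(f"&#{name};")

class SanitiseModel:
    """Hypothetical stand-in for XFL_Sanitise; method names mirror the page."""
    @staticmethod
    def plainText(value):
        parser = _TextNodes()
        parser.feed(value)
        parser.close()
        return "".join(parser.parts)

    @staticmethod
    def text(value):
        # Tags first, then C0 control characters and DEL (covers \r and \n).
        return re.sub(r"[\x00-\x1f\x7f]", "", SanitiseModel.plainText(value))

    @staticmethod
    def toInt(value):
        # Assumption: "numeric" means an optionally signed decimal number.
        if not re.fullmatch(r"[+-]?[0-9]+(\.[0-9]+)?", value):
            return None
        return int(Decimal(value))  # truncates toward zero

ALLOWED_TYPES = frozenset({"text", "plainText", "toInt"})

def sanitise(type_name, value):
    """Dispatch on the type attribute, restricted to known sanitiser names."""
    if type_name not in ALLOWED_TYPES:
        raise ValueError(f"unknown sanitiser type: {type_name!r}")
    return getattr(SanitiseModel, type_name)(value)

if __name__ == "__main__":
    # Constructed inputs; the page's own example markup is not shown.
    print(sanitise("text", "<b>Mr. HTML</b> Injector\r\n"))
    print(sanitise("plainText", "<i>Mr. HTML Injector</i> Returns"))
    print(sanitise("toInt", "100"))
```

Because entities are left encoded and only tags are dropped, the sanitised value is still plain text that needs escaping appropriate to wherever it is later rendered.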

