
Sanitization

Sanitization is the process of cleaning user input to prevent malicious code injection. It is an important step in preventing cross-site scripting (XSS) attacks.

Metapress provides a simple way to sanitize user input using the Sanitizer class.

Please refer to the WordPress documentation for more information about sanitization.

Sanitizing user input

To sanitize user input, you can use the clean method of the Sanitizer class. This method takes the input as an argument and returns the sanitized input.

```php
use Sematico\Metapress\Utils\Sanitizer;

// Untrusted input containing a script tag.
$input = '<script>alert("XSS");</script>';

// Returns the sanitized string.
$sanitized = Sanitizer::clean( $input );
```

In this example, the $input variable holds a string containing a script tag. The Sanitizer::clean() method removes the script tag and returns the sanitized input.

The method also accepts arrays as input and returns an array of sanitized values.

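```php
use Sematico\Metapress\Utils\Sanitizer;

// Array of untrusted values; each element is sanitized.
$input = [ '<script>alert("XSS");</script>', 'Hello, world!' ];

// Returns an array of sanitized values.
$sanitized = Sanitizer::clean( $input );
```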

Sanitizing textarea input

To sanitize textarea input, you can use the clean_textarea method of the Sanitizer class. This method takes the input as an argument and returns the sanitized input.

A textarea is a multi-line text field that lets users enter several lines of text. This is why there is a separate method for sanitizing textarea input.
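
The following added example (not part of the Metapress documentation or code base) routes each submitted field to clean() or clean_textarea() from an allow-list, so fields the form never declared are dropped. The helper name `myplugin_sanitize_submission`, the schema format and the field names are hypothetical, and the code assumes it runs inside WordPress with Metapress loaded.

```php
<?php
use Sematico\Metapress\Utils\Sanitizer;

/**
 * Hypothetical helper: sanitize submitted data against an allow-list.
 * Keys of $schema are the accepted field names; values select the method.
 */
function myplugin_sanitize_submission( array $raw, array $schema ): array {
	$clean = [];

	foreach ( $schema as $field => $type ) {
		if ( ! array_key_exists( $field, $raw ) ) {
			continue; // Field was not submitted.
		}

		$value = $raw[ $field ];

		if ( 'textarea' === $type ) {
			// Multi-line fields go through clean_textarea(). Only strings are
			// passed on, so an unexpected array value is dropped.
			if ( is_string( $value ) ) {
				$clean[ $field ] = Sanitizer::clean_textarea( $value );
			}
			continue;
		}

		// Single-line values, or arrays of them, go through clean().
		$clean[ $field ] = Sanitizer::clean( $value );
	}

	return $clean; // Keys missing from $schema are never copied.
}

// Constructed sample input standing in for submitted form data.
$raw = [
	'title'      => '<script>alert("XSS");</script>',
	'tags'       => [ '<script>alert("XSS");</script>', 'Hello, world!' ],
	'bio'        => "First line\nSecond line",
	'unexpected' => '1', // Not in the schema below, so it is discarded.
];

$sanitized = myplugin_sanitize_submission( $raw, [
	'title' => 'text',
	'tags'  => 'text',
	'bio'   => 'textarea',
] );
```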