I heard that Sanitize of CakePHP will be discontinued, so I am looking for a library that can be used as a native PHP instead.
I've only touched CakePHP, so I don't know what's standard and trustworthy, so please let me know.php
You can use the PHP standard
htmlspecialchars() instead of
Sanitize::html().For tag removal, there is also a function with the same name as
tripTags() in the PHP standard.
escape(), if you were using it, it means that you are either assembling SQL with strings or accidentally escaping unnecessary situations where you don't need to escape.In rare cases,
escape() is required.Unless you understand it and use it, you are using it incorrectly.
If you don't know how wrong it is, or if you're using another Sanitize function
clean(), you might want to review why you need an escape.I will introduce you to the book "How to Create a Secure Web Application to Learn Systematically", so I recommend that you read it through it.
The rest of the functions are simple string replacements, so you can implement them on your own if you need them.
© 2022 OneMinuteCode. All rights reserved.