wash

Summary

Returns an HTML-safe version of the input string.

Usage

input|wash( [type] )

Parameters

Name	Type	Description	Required
type	string	The type of text that should be washed.	No.

Returns

An HTML-safe version of the input string.

Description

This operator translates the input string into an HTML friendly version. It will take care of converting bogus characters to HTML-friendly replacements. The "type" parameter can be used to specify the washing type, it can be set to either "xhtml" or "email" (the default is "xhtml"). E-mail washing can be controlled using the setting of the [WashSettings] configuration block of "template.ini". All strings that may break the HTML should always be washed using this operator.

Examples

Example 1

{'Bogus & stuff &lt;'|wash()}
The following output will be produced: "Bogus &amp; stuff &lt;".

Example 2

{'hello@example.com'|wash( 'email' )}

The following output will be produced:

hello<span class="spamfilter">SPAMFILTER</span>@example.com

Example 3

{'hello@example.com'|wash( 'email' )}

If a configuration override for "template.ini" exists and contains...

[WashSettings]
EmailDotText=[dot]
EmailAtText=[at]

...the following output will be produced: "hello[at]example[dot]com".

Written by:Balazs Halasy (05/02/2004 11:02 am)

Last updated by:Geir Arne Waaler (23/04/2010 7:37 am)

Maintainers:Balazs Halasy, Geir Arne Waaler

Comments

Additional parameters "javascript" & "pdf"

Monday 13 March 2006 1:56:27 am

Bruce Morrison

The wash operator will also take "javascript" & "pdf" as parameter
Wash only & quotes < > signs with htmlspecialchars

Wednesday 29 November 2006 1:37:06 pm

Guitou

Can you tell me why the wash function uses htmlspecialchars php function instead of htmlentities php function in order to wash ALL the bogus characters for a good HTML result ?

Path

Table of contents