Functions to sanitize values.

See for information on writing secure code.


core/includes/, line 1743
Common functions that many Backdrop modules will need to reference.


Name Location Description
t core/includes/ Translates a string to the current language or to a given language.
format_string core/includes/ Formats a string for HTML display by replacing variable placeholders.
check_plain core/includes/ Encodes special characters in a plain-text string for display as HTML.
get_t core/includes/ Returns the name of the proper localization function.
backdrop_strip_dangerous_protocols core/includes/ Strips dangerous protocols (e.g. 'javascript:') from a URI.
check_url core/includes/ Strips dangerous protocols from a URI and encodes it for output to HTML.
filter_xss_admin core/includes/ Applies a very permissive XSS/HTML filter for admin-only use.
filter_xss core/includes/ Filters HTML to prevent cross-site-scripting (XSS) vulnerabilities.
_filter_xss_allowed_tags core/includes/ List of the default tags allowed by filter_xss().
_filter_xss_display_allowed_tags core/includes/ Human-readable list of the default tags allowed by filter_xss(), for display in help texts.
_filter_xss_split core/includes/ Processes an HTML tag.
_filter_xss_attributes core/includes/ Processes a string of HTML attributes.
filter_xss_bad_protocol core/includes/ Processes an HTML attribute value and strips dangerous protocols from URLs.
backdrop_attributes core/includes/ Converts an associative array to an XML/HTML tag attribute string.
st core/includes/ Translates a string when some systems are not available.
check_markup core/modules/filter/filter.module Runs all the enabled filters on a piece of text.