- Filtering and Sanitizing
- Built-in Sanitizers
- Sanitizing data
- Sanitizing from Controllers
- Sanitizing Action Parameters
- Filtering data
- Combining Sanitizers
- Complex Sanitizing and Filtering
- Implementing your own Sanitizer
Filtering and Sanitizing
Sanitizing user input is a critical part of software development. Trusting or neglecting to sanitize user input could lead to unauthorized access to the content of your application, mainly user data, or even the server your application is hosted on.
This component creates a new locator with predefined filters attached to it. Each filter is lazy loaded for maximum performance. To instantiate the factory and retrieve the Phalcon\Filter\FilterLocator with the preset sanitizers, call:
```php
<?php

use Phalcon\Filter\FilterLocatorFactory;

$factory = new FilterLocatorFactory();
$locator = $factory->newInstance();
```
You can now use the locator wherever you need and sanitize content as per the needs of your application.
The filter locator can also be used as a standalone component, without initializing the built-in filters.
```php
<?php

use MyApp\Sanitizers\HelloSanitizer;
use Phalcon\Filter\FilterLocator;

$services = [
    'hello' => HelloSanitizer::class,
];

$locator = new FilterLocator($services);
$text    = $locator->hello('World');
```
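The sketch below is an added example, not Phalcon's code or code from the original page. It shows the lazy-loading, call-by-name behaviour described above using a plain-PHP stand-in class (`LazyLocator`, hypothetical) and a hypothetical body for `HelloSanitizer`. It assumes a sanitizer is an invokable class, and it rejects unknown sanitizer names instead of returning the raw input.

```php
<?php
declare(strict_types=1);

// Hypothetical sanitizer body: the page names HelloSanitizer but does not show it.
// Assumption: a sanitizer is an invokable class that returns the cleaned value.
final class HelloSanitizer
{
    public function __invoke(string $input): string
    {
        // Allow-list letters, digits and spaces, then cap the length.
        $clean = preg_replace('/[^A-Za-z0-9 ]/', '', $input) ?? '';
        return 'Hello ' . substr($clean, 0, 32);
    }
}

// Stand-in for the locator described above (not Phalcon's implementation).
final class LazyLocator
{
    /** @var array<string, string> sanitizer name => class name */
    private array $definitions;
    /** @var array<string, callable> sanitizers instantiated so far */
    private array $resolved = [];

    public function __construct(array $definitions)
    {
        $this->definitions = $definitions;
    }

    public function __call(string $name, array $arguments)
    {
        if (!isset($this->definitions[$name])) {
            // Fail closed: an unknown name must never hand back raw input.
            throw new InvalidArgumentException("Unknown sanitizer: {$name}");
        }
        if (!isset($this->resolved[$name])) {
            // Lazy loading: build the sanitizer on first use, then reuse it.
            $class = $this->definitions[$name];
            $this->resolved[$name] = new $class();
        }
        return ($this->resolved[$name])(...$arguments);
    }
}

$locator = new LazyLocator(['hello' => HelloSanitizer::class]);
echo $locator->hello('World<script>'), PHP_EOL; // constructed sample input
```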
The Phalcon\Di container already has a Phalcon\Filter\FilterLocator object loaded with the predefined sanitizers. The component can be accessed using the