Security Input Validation
Last updated 1 year ago.
0

What do you want to validate about it?

0

Make sure no malicious attempt is made

0

You could use the helper below to clean any HTML tags by converting them into their HTML entity equivalent. You don't need to worry about SQL injection as Laravel uses prepared statements. In the newer versions of Laravel you can use {{{ your_data }}} when showing the entered data on screen to escape it.

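class XssHelper {

    /**
     * Convert HTML special characters in $data to entities so the value
     * renders as text instead of markup.
     */
    public static function cleanInput($data) {
        // ENT_QUOTES also encodes single quotes (not the default before PHP 8.1);
        // the explicit charset keeps the result independent of php.ini.
        $sanitized = htmlentities($data, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        return $sanitized;
    }

}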
Last updated 8 years ago.
0

Thanks for the class, I was doing this anyway...

0

Laravel 5 escapes your output with 2 curly braces. 3 braces is unnecessary, and that was a feature from Laravel 4.

Also, if you want to sanitize input from an editor like TinyMCE or something, then HTML Purifier is probably the best method of doing so. There is a package for it too.

https://github.com/mewebstudio/Purifier

0
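The escaping discussed in the posts above, as an added example that is not code from the thread: it compares escaping once at output with escaping at input and again at output, and shows how the `htmlentities()` flags matter inside a single-quoted attribute. `bladeEcho()` is a hypothetical stand-in for an escaped Blade echo, assumed here to behave like `htmlspecialchars()` with `ENT_QUOTES`, UTF-8 and double encoding on; the sample input is constructed.

```php
<?php
// Added example, not code from the thread. bladeEcho() is a hypothetical
// stand-in for an escaped Blade echo; it is assumed to behave like
// htmlspecialchars() with ENT_QUOTES, UTF-8 and double encoding enabled.
function bladeEcho(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8', true);
}

// The helper as originally posted: htmlentities() with default flags.
function cleanInputDefault(string $data): string
{
    return htmlentities($data);
}

// Same helper with explicit flags, so quotes are encoded on every PHP version.
function cleanInputQuoted(string $data): string
{
    return htmlentities($data, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample input: markup plus a single quote.
$submitted = "O'Brien <b>admin</b>";

// 1. Store the raw value, escape once when rendering.
$rawThenEcho = bladeEcho($submitted);

// 2. Escape at input time, then escape again when rendering.
$cleanThenEcho = bladeEcho(cleanInputQuoted($submitted));

// 3. Value placed inside a single-quoted attribute.
$attrDefault = "<input value='" . cleanInputDefault($submitted) . "'>";
$attrQuoted  = "<input value='" . cleanInputQuoted($submitted) . "'>";

printf("raw -> echo:     %s\n", $rawThenEcho);
printf("clean -> echo:   %s\n", $cleanThenEcho);
printf("attr (default):  %s\n", $attrDefault);
printf("attr (quoted):   %s\n", $attrQuoted);

// Case 2 is double-encoded: the browser would display the entity text
// (&lt;b&gt; and so on) instead of the characters the user typed.
var_dump(strpos($cleanThenEcho, '&amp;lt;') !== false);

// On PHP < 8.1 the default flags leave the single quote unencoded, so it
// closes the attribute early; the explicit-flags version never does.
var_dump(strpos($attrQuoted, "O'") === false);
```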

ZHRotator zhrotator Joined 3 Sep 2015
