Actions

J2.5

Difference between revisions of "Developing a MVC Component/Filter input from users"

From Joomla! Documentation

< J2.5:Developing a MVC Component
(2 intermediate revisions by one user not shown)
Line 1: Line 1:
Fields in the xmlfiles can have filter-options to reduce the risk of injecting erroneous or malicious data in the forms in your component. From what I have found, the following filters are available by default, defined on line 162 in [ http://api.joomla.org/__filesource/fsource_Joomla-Platform_Filter_librariesjoomlafilterinput.php.html filterinput.php]
+
Fields in the xmlfiles can have filter-options to reduce the risk of injecting erroneous or malicious data in the forms in your component. From what I have found, the following filters are available by default, defined on line 162 in [http://api.joomla.org/__filesource/fsource_Joomla-Platform_Filter_librariesjoomlafilterinput.php.html filterinput.php]
  
 
INT / INTEGER: Forces Integer value
 
INT / INTEGER: Forces Integer value

Revision as of 08:06, 21 December 2012

Fields in the xmlfiles can have filter-options to reduce the risk of injecting erroneous or malicious data in the forms in your component. From what I have found, the following filters are available by default, defined on line 162 in filterinput.php

INT / INTEGER: Forces Integer value UINT: Forces absolute Integer value FLOAT / DOUBLE: Forces floating point value BOOL / BOOLEAN: Forces the value to be true or false WORD: Allows only a-z (not case sensitive) and underscores ALNUM: Allow a-z and numbers CMD: allows ALNUM plus the characters _ (underscore) . (dot) - (dash) BASE64: Allows only a base64-encoded string (ALNUM and the characters + / = ) STRING: Removes HTML HTML: Allows basic HTML ARRAY: Forces value to be an array PATH: Forces value to be a file path USERNAME: Only characters allowed in a Joomla username RAW: Allow any content

There are probably more available by default, please edit this doc...