Developing a MVC Component/Filter input from users
From Joomla! Documentation
< Archived:Developing a MVC ComponentRevision as of 14:38, 3 May 2013 by Tom Hutchison (talk | contribs) (Hutchy68 moved page Developing a Model-View-Controller Component/2.5/Filter input from users to J2.5:Developing a Model-View-Controller Component/Filter input from users: namespacing)
This page has been archived. This page contains information for an unsupported Joomla! version or is no longer relevant. It exists only as a historical reference, it will not be improved and its content may be incomplete and/or contain broken links.
Fields in the xmlfiles can have filter-options to reduce the risk of injecting erroneous or malicious data in the forms in your component. From what I have found, the following filters are available by default, defined on line 162 in filterinput.php
INT / INTEGER: Forces Integer value UINT: Forces absolute Integer value FLOAT / DOUBLE: Forces floating point value BOOL / BOOLEAN: Forces the value to be true or false WORD: Allows only a-z (not case sensitive) and underscores ALNUM: Allow a-z and numbers CMD: allows ALNUM plus the characters _ (underscore) . (dot) - (dash) BASE64: Allows only a base64-encoded string (ALNUM and the characters + / = ) STRING: Removes HTML HTML: Allows basic HTML ARRAY: Forces value to be an array PATH: Forces value to be a file path USERNAME: Only characters allowed in a Joomla username RAW: Allow any content
There are probably more available by default, please edit this doc...