Uploaded image for project: 'COmanage Framework Migration'
  1. COmanage Framework Migration
  2. CFM-318

Convert output escaping to use the h() convenience function

    XMLWordPrintable

Details

    • Task
    • Resolution: Unresolved
    • Minor
    • COmanage Registry 5.1.0 SCU
    • PE Milestone 10 (It's Getting Tense)
    • None

    Description

      In Registry 4.x we adopted the use of filter_var() for output escaping. In PE, we will instead use the much less verbose h() CakePHP convenience function.

      The PHP Sanitize filters page notes:
      "FILTER_SANITIZE_STRING ... (Deprecated as of PHP 8.1.0, use htmlspecialchars() instead.)" (See: https://www.php.net/manual/en/filter.filters.sanitize.php)

      h() is a shorthand for htmlspecialchars().

      Attachments

        Issue Links

          is related to

          Task - A task that needs to be done. CO-667 Remove References to Sanitize Class

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              arlen.johnson@at.internet2.edu Arlen Johnson
              arlen.johnson@at.internet2.edu Arlen Johnson
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated: