Escaper
Zemit\Html\Escaper
Escapes different kinds of text securing them. By using this component you may prevent XSS attacks.
This component only works with UTF-8. The PREG extension needs to be compiled with UTF-8 support.
$escaper = new \Phalcon\Html\Escaper();
$escaped = $escaper->escapeCss("font-family: <Verdana>");
echo $escaped; // font\2D family\3A \20 \3C Verdana\3E
- Full name:
\Zemit\Html\Escaper - Parent class:
Escaper - This class implements:
\Zemit\Html\Escaper\EscaperInterface
Methods
json
Escapes a JSON string by raw URL encoding it.
public json(mixed|null $json = null): string
JS side could decode and parse this way: JSON.parse(decodeURIComponent('<?= $this->escaper->json([]);?>'));
Parameters:
| Parameter | Type | Description |
|---|---|---|
$json | **mixed | null** |
Return Value:
Returns the raw URL encoded JSON string.