Search

Training

Our next U.S. stop:

Charlotte, NC - Blue Collar Git
Friday, June 8, 2012

Mike Anello and Andrew Riley from Mediacurrent are teaming up to offer the first Blue Collar Git workshop on Friday, June 8 as part of DrupalCamp Charlotte (also part of the Southeast LinuxFest). The cost is only $149 for the full day if you register during the month of May ($199 otherwise). 

Blue Collar Git
Click for more info and to register!

Check the schedule for additional dates and locations. Contact us to suggest a location or schedule custom training for your organization.

New Podcast

DrupalEasy Podcast 82: Mapping Middle Earth
Posted Wednesday, May 9 at 7:50 am
Brandon Morrison (Brandonian on drupal.org) joins Andrew Riley and Mike Anello on the first post-DrupalCon Denver edition of the podcast to talk about all things Geo in Drupal 7. Brandon is one of the maintainers of the GeoField module and is an active member of the Drupal Geo community.
Download Podcast 82
DrupalEasy_ep82_20120509.mp3
read more
Syndicate content

Newsletter

Stay up-to-date on DrupalEasy workshops and other events. On average, we send about one newsletter per month.

Testimonial

Anonymous
Mike is a great teacher!
read more

Who are we?

DrupalEasy is the collective expertise of Ryan Price and Michael Anello, who joined forces to provide training and consulting services worldwide. Read all about them and what they can do.

What is Drupal?

Drupal is a free, super-powerful content management system for sites that require information posting and collection, including blogs, forums, videos, photos, and databases of information. We think it is the best platform available. Here's why...

Why Drupal?

More and more savvy organizations are going with Drupal for content management, and its no mystery why. It’s free, flexible, and easy to maintain for small or large volume sites. Learn more...

Why filter_xss() is a Friend to Module Developers

Submitted by ultimike on Thu, 05/14/2009 - 21:38

When writing custom modules, few functions are as useful as filter_xss(). In a nutshell, this function protects your web site from both malicious HTML and unwanted tags.

The function takes some text and, in effect, "cleans" it based on some very simple rules. First and foremost, it makes sure any HTML elements, tags, and attributes are well-formed. It also removes any non-standard characters and constructs that can trick browsers. Finally, it can remove any HTML tags depending on an argument passed to the function.

The function can be used when printing out text to the user or when importing text from a not-completely-trustworthy source. In the past, I've also used it to simply remove HTML tags that I didn't want showing up anymore. If you do any Drupal development, familiarity with this function is a must.

Trackback URL for this post:

http://drupaleasy.com/trackback/121
No votes yet

More Quicktips


Syndicate content