On Monday, 12 December 2016 at 10:25:05 UTC, aberba wrote:
How about alternative to php strip_tags(), strip_slash() ?
I wouldn't use those functions anyway in most cases: instead of stripping stuff, just encode it properly for the output.
So, if it is being output to JSON or javascript, json encode it. If it is going to HTML, html encode it. If a URL, url encode it. If to a database, use a prepared statement.
You may need to use multiple layers. A link may be both URL and HTML encoded, because first it is a url, then it is being added to a html document so it needs that too.
I don't know the vibe library, but my dom.d has a bunch of options for html encode.
