Data Sanitization


Langdon Stevenson

Aug 9, 2007, 9:05:51 PM
to cakeph...@googlegroups.com
Preface:

I am aware that it will take me a while to get a feel for this task, so
I would greatly appreciate feedback on how I am going about it. Am I
overcomplicating things?


Thoughts and questions on Section 1 Data Sanitization document:


Current documentation:
=======================================================================
Section 1
Using Sanitize in Your Application

Cake comes with Sanitize, a class you can use to rid user-submitted data
of malicious attacks and other unwanted data. Sanitize is a core
library, so it can be used anywhere inside of your code, but is probably
best used in controllers or models.
// First, include the core library:

uses('sanitize');

// Next, create a new Sanitize object:

$mrClean = new Sanitize();

// From here, you can use Sanitize to clean your data
// (These methods explained in the next section)
=======================================================================


Question:
----------
Looking at the existing documentation (above) it is unclear (for a noob
like myself) where uses(); should be called. I think that a complete
function showing how to use sanitize would be the most effective way to
demonstrate. Perhaps something like this:


=======================================================================
Section 1
Using Sanitize in Your Application

Cake comes with Sanitize, a class you can use to rid user-submitted data
of malicious attacks and other unwanted data. Sanitize is a core
library, so it can be used anywhere inside of your code, but is probably
best used in controllers or models.

To start using Sanitize in your functions:

function myTestFunction() {

    // First, include the sanitize core library:
    uses('sanitize');

    // Next, create a new Sanitize object:
    $mrClean = new Sanitize();

}

From here, you can use Sanitize to clean your data. These methods are
explained in the next section.
=======================================================================


In the past I have had real confusion over:

uses();

versus

$uses = array();


What I proposed above would clarify this for me (as a PHP and Cake noob).

Does anyone have any comments?

Regards,
Langdon

John David Anderson

Aug 9, 2007, 9:59:28 PM
to cakeph...@googlegroups.com

Sounds fine to me - you might also want to mention that the uses()
call can be done before the function (or even class) definition.

uses('sanitize');

class Whatever
{
    function cleaner() {}
}

-- John


Langdon Stevenson

Aug 9, 2007, 10:04:08 PM
to cakeph...@googlegroups.com
John David Anderson wrote:
> Sounds fine to me - you might also want to mention that the uses()
> call can be done before the function (or even class) definition.
>
> uses('sanitize');
>
> class Whatever
> {
> function cleaner() {}
> }
>
> -- John

Thanks John. That is just the sort of input I was looking for. I will
add your suggestion as a footnote to that section.

Regards,
Langdon
