As sanitize seems to be deprecated since CakePHP 2.4 I'm wondering what's the best way to sanitize data in CakePHP.

The documentation says you can accomplish the same tasks using other parts of CakePHP, native PHP functions, or other libraries. But it doesn't mention which PHP functions or which other parts of CakePHP.

I'm having trouble sanitizing data from a mail that will get added into the DB. Without sanitation the query would fail:

SQLSTATE[HY000]: General error: 1366 Incorrect string value: '\xE2?\xAC\xC5?C... (file://xe2/?\xAC\xC5?C...)' for column 'body' at row 1"}}

Alvaro
  • https://github.com/burzum/cakephp-html-purifier/releases use the 1.* release series for CakePHP2, the 2.* tag is for CakePHP3. – floriank May 17 '16 at 12:24
  • What about using other CakePHP functions or native PHP functions for that? – Alvaro May 17 '16 at 14:49
  • You usually only ever sanitize HTML, see http://www.dereuromark.de/2010/10/05/cakephp-security/ – mark May 17 '16 at 15:05
  • Having people list all the possible sanitizing methods of CakePHP, PHP, and third party libraries for all possible kinds of data, isn't really something that fits here. What I'm trying to say is, you should be a little more specific as to _what data exactly_ you need to sanitize in _what way exactly_, for _which purpose exactly_ (**http://stackoverflow.com/questions/1168036/how-to-fix-incorrect-string-value-errors**). – ndm May 17 '16 at 15:30

0 Answers