Same name and namespace in other branches
- 4.6.x includes/bootstrap.inc \check_plain()
- 4.7.x includes/bootstrap.inc \check_plain()
- 5.x includes/bootstrap.inc \check_plain()
- 6.x includes/bootstrap.inc \check_plain()
Encodes special characters in a plain-text string for display as HTML.
Also validates strings as UTF-8 to prevent cross site scripting attacks on Internet Explorer 6.
Parameters
string $text: The text to be checked or processed.
Return value
string An HTML safe version of $text. If $text is not valid UTF-8, an empty string is returned and, on PHP < 5.4, a warning may be issued depending on server configuration (see https://bugs.php.net/bug.php?id=47494).
See also
Related topics
180 calls to check_plain()
- aggregator_categorize_items in modules/
aggregator/ aggregator.pages.inc - Form constructor to build the page list form.
- aggregator_form_feed in modules/
aggregator/ aggregator.admin.inc - Form constructor for adding and editing feed sources.
- block_admin_display_form in modules/
block/ block.admin.inc - Form constructor for the main block administration form.
- block_form_user_profile_form_alter in modules/
block/ block.module - Implements hook_form_FORM_ID_alter() for user_profile_form().
- callback_batch_operation in modules/
system/ form.api.php - Perform a single batch operation.
9 string references to 'check_plain'
- aggregator_form_opml in modules/
aggregator/ aggregator.admin.inc - Form constructor for importing feeds from OPML.
- block_admin_configure in modules/
block/ block.admin.inc - Form constructor for the block configuration form.
- filter_admin_format_form in modules/
filter/ filter.admin.inc - Form constructor for the text format add/edit form.
- node_form_search_form_alter in modules/
node/ node.module - Implements hook_form_FORM_ID_alter().
- node_menu in modules/
node/ node.module - Implements hook_menu().
File
- includes/
bootstrap.inc, line 1910 - Functions that need to be loaded on every Drupal request.
Code
function check_plain($text) {
return htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8');
}