function check_plain

check_plain($text)

Encodes special characters in a plain-text string for display as HTML.

Also validates strings as UTF-8 to prevent cross site scripting attacks on Internet Explorer 6.

Parameters

string $text: The text to be checked or processed.

Return value

string An HTML safe version of $text. If $text is not valid UTF-8, an empty string is returned and, on PHP < 5.4, a warning may be issued depending on server configuration (see https://bugs.php.net/bug.php?id=47494).

See also

drupal_validate_utf8()

Related topics

Sanitization functions
Functions to sanitize values.

File

includes/bootstrap.inc, line 1827
Functions that need to be loaded on every Drupal request.

Code

function check_plain($text) {
  return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
}

© 2001–2016 by the original authors
Licensed under the GNU General Public License, version 2 and later.
Drupal is a registered trademark of Dries Buytaert.
https://api.drupal.org/api/drupal/includes!bootstrap.inc/function/check_plain/7.x