Use strip tags in sanitize_text over deprecated FILTER_SANITIZE_STRING

2022-02-02 02:18:33 +01:00 · 2022-02-02 02:18:33 +01:00 · 321609306d
commit 321609306d
parent 2a333c1de6
1 changed files with 2 additions and 3 deletions
--- a/src/MD_STD_IN.php
+++ b/src/MD_STD_IN.php
@ -73,13 +73,12 @@ final class MD_STD_IN {
     */
    public static function sanitize_text(mixed $input):string {

-        $output = \filter_var($input,
-            FILTER_SANITIZE_STRING,
-            FILTER_FLAG_NO_ENCODE_QUOTES);
+        $output = \filter_var($input, FILTER_UNSAFE_RAW);

        if ($output === false) {
            return "";
        }
+        $output = strip_tags($output);
        while (strpos($output, "  ") !== false) {
            $output = str_replace("  ", " ", $output);
        }