prash/string-sanitizer

Composer install command:

composer require prash/string-sanitizer

Package description

Custom Laravel validator and sanitizer for PHP strings

README

Sanitize strings and protect your Laravel application from Cross-site Scripting (XSS) attacks using global helper functions.

This package provides:

  • 🔒 HTML-safe string sanitization using HTMLPurifier
  • ⚙️ Laravel-ready auto-discovery and registration
  • 🧩 Easy-to-use global helper functions
  • 📦 Composer support (private GitHub repo or public Packagist)

🚀 Installation

Option 1: From Packagist (Public)

composer require prash/string-sanitizer

Option 2: From Private GitHub Repository

Add the repository to your Laravel app’s composer.json:

"repositories": [
    {
        "type": "vcs",
        "url": "https://github.com/iamprashanta/string-sanitizer"
    }
],
"require": {
    "prash/string-sanitizer": "dev-main"
}

Then run:

composer update

📂 Package Structure

packages/
└── prash/
    └── string-sanitizer/
        ├── src/
        │   ├── StringSanitizerServiceProvider.php
        │   └── helpers.php
        └── composer.json

🔧 Laravel Auto-Discovery

Laravel 5.5+ will auto-discover and register this package. No need to manually add the service provider.

For Laravel <5.5, add the provider manually to config/app.php:

'providers' => [
    Prash\StringSanitizer\StringSanitizerServiceProvider::class,
],

🧼 Usage

After installation, the following global helper function will be available:

sanitize_string($string);

Example

$name = '<script>alert("xss")</script>John Doe';
$safeName = sanitize_string($name);

// Output: 'John Doe'

🧪 Test in Tinker

php artisan tinker
>>> sanitize_string('<b>Hello</b><script>alert(1)</script>');
=> "Hello"

⚙️ Optional: Auto-Sanitize in Form Requests

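To reject input containing markup that the sanitizer would strip, register a custom validation rule. The rule does not modify the input; it fails validation when the value differs from its sanitized form.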

In AppServiceProvider:

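public function boot()
{
    // Passes only when sanitizing the value leaves it unchanged; the input itself is not modified.
    \Illuminate\Support\Facades\Validator::extend('clean_string', function ($attribute, $value, $parameters, $validator) {
        // Non-string values (e.g. arrays) fail the rule instead of reaching the sanitizer.
        return is_string($value) && $value === sanitize_string($value);
    });
}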

Then use it in your validation rules:

'comment' => 'required|clean_string',
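
The clean_string rule above only rejects input; it never changes it. To sanitize a field before the rules run, a form request can override Laravel's prepareForValidation() hook. This is an added example, not code from the package: the StoreCommentRequest class, the comment field and the 1000-character limit are assumptions, and it assumes sanitize_string() returns an empty string when everything is stripped.

```php
<?php

namespace App\Http\Requests;

use Illuminate\Foundation\Http\FormRequest;

// Hypothetical form request; class name, field name and limits are assumptions.
class StoreCommentRequest extends FormRequest
{
    // Laravel calls this hook before the rules() below are evaluated.
    protected function prepareForValidation(): void
    {
        $comment = $this->input('comment');

        // Only strings go to the package helper. Arrays, null and other
        // types are left untouched so the 'string' rule rejects them.
        if (is_string($comment)) {
            $this->merge(['comment' => sanitize_string($comment)]);
        }
    }

    public function rules(): array
    {
        return [
            // The rules see the sanitized value, so a comment that consisted
            // only of stripped markup is now empty and fails 'required'.
            'comment' => ['required', 'string', 'max:1000'],
        ];
    }
}
```

Sanitizing on input does not replace output encoding: render the stored value with Blade's escaping `{{ }}` syntax rather than `{!! !!}`.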

🤝 Contributing

  • Fork the repository
  • Create your feature branch: git checkout -b feature/xyz
  • Commit your changes: git commit -m 'Add new feature'
  • Push to the branch: git push origin feature/xyz
  • Open a pull request

🔐 Security

If you discover a security vulnerability, please contact Prashanta Mondal directly instead of using the issue tracker.

📄 License

MIT License — Use freely in personal or commercial projects.

Made with ❤️ by Prashanta Mondal

Statistics

  • Total downloads: 1
  • Monthly downloads: 0
  • Daily downloads: 0
  • Favorites: 0
  • Clicks: 0
  • Dependents: 0
  • Suggesters: 0

GitHub information

  • Stars: 0
  • Watchers: 0
  • Forks: 0
  • Language: PHP

Other information

  • License: MIT
  • Last updated: 2025-07-19