Html purifier YII 1

By August 23, 2017PHP, Programming, YII

CHtmlPurifier is wrapper of HTML Purifier.
CHtmlPurifier removes all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist. It will also make sure the resulting code is standard-compliant.

In your model

Add the below content in your model page.

public function rules() {
 return array(array('name, text','check_html'));


public function check_html($obj, $param) {
        $value = strip_tags($this->$obj);
        $p = new CHtmlPurifier();
        $output = $p->purify($value);
        $htmlentity = htmlspecialchars($output, ENT_QUOTES);
        $htmlentity_new = str_replace("amp;amp;", "amp;", $htmlentity);
        $this->$obj = $htmlentity_new;

for more details : CHtmlPurifier

Pankaj Singh Sugara

Author Pankaj Singh Sugara

More posts by Pankaj Singh Sugara