[development] valid_input_data no more available on 4.6.4

Fabio Varesano fabio.varesano at gmail.com
Thu Dec 8 20:09:12 UTC 2005


so I have my css.module which adds a text area when
editing a node.
the text inserted into that text area will be used
as css when displaying the page.

I think that input checking on the css field is

This is how I'm using the valid_input_data :

function css_nodeapi(&$node, $op, $teaser, $page) {
case 'validate':
      if (variable_get('css_'. $node->type, TRUE) || 	
!user_access('create css for nodes')) {
        if (!valid_input_data($node->css_css)) {

How do you guys think I have to implement a input check?



Karoly Negyesi wrote:
> On Thu, 08 Dec 2005 12:45:57 +0100, Fabio Varesano 
> <fabio.varesano at gmail.com> wrote:
>> Hi everybody.
>> I just received a bug report on the bug tracking
>> system of my css.module .
>> http://drupal.org/node/40340
>> As wrote there function valid_input_data has been
>> removed from 4.6.4 .
>> Why does it been removed?
>> What can we use for input checking? filter_xss?
>> I think that this change (and others) should be
>> documented on the handbooks.
> I agree and I already mailed the list yesterday on this.
> You can't really do input checking now, valid_input_data was broken
> beyond  repair. We are filtering on output (this was so since long),
> use  check_plain , check_url and check_output as appropriate.
> check_output when  you have a filter format, check_url when you want to
> display a url and  check_plain otherwise if you output your own content.
> Regards
> NK

More information about the development mailing list