html Archives - WarpConduit Computing

Escape HTML Function for Browser Output Prevents XSS (Cross-Site Scripting)

April 20, 2013 by Josh Hartman

I don’t know about you but my fingers get tired of escaping output by typing the long-winded htmlspecialchars($str, ENT_QUOTES, 'UTF-8'); over and over again in small PHP projects that don’t need a full-blown framework with automatic output filtering (e.g. CodeIgniter). No matter how small your project is though filtering your output is extremely important so that you prevent malicious users from executing XSS (Cross-Site Scripting) JavaScript code.

So I decided to give my fingers some relief and finally write a short little helper function and share it. See the code and example in the gist below.

Automatically Embedding Video Using Only the URL With the Help of oEmbed

April 13, 2013 by Josh Hartman

One of my favorite functions of the WordPress editor is now the automatic embedding of video and other rich media by simply putting the URL on it’s own line. Really, it’s amazing!

Here is my rip of the WordPress code (found in the WP_Embed and WP_oEmbed classes) and assembled into a class named AutoEmbed. [Read more…]