Document PMA_sanitize.

2010-08-18 11:42:08 +02:00
parent a4a54da173
commit 0fe30236fa
1 changed files with 10 additions and 1 deletions
--- a/libraries/sanitizing.lib.php
+++ b/libraries/sanitizing.lib.php
@@ -7,11 +7,20 @@

 /**
 * Sanitizes $message, taking into account our special codes
- * for formatting
+ * for formatting.
+ *
+ * If you want to include result in element attribute, you should escape it.
+ *
+ * Examples:
+ *
+ * <p><?php echo PMA_sanitize($foo); ?></p>
+ *
+ * <a title="<?php echo PMA_sanitize($foo, true); ?>">bar</a>
 *
 * @uses    preg_replace()
 * @uses    strtr()
 * @param   string   the message
+ * @param   boolean  whether to escape html in result
 *
 * @return  string   the sanitized message
 *