prash / string-sanitizer
Custom Laravel validator and sanitizer for PHP strings
Maintainers
Requires
- php: >=8.0
This package is auto-updated.
Last update: 2026-04-22 08:48:24 UTC
README
Sanitize strings and protect your Laravel application from Cross-site Scripting (XSS) attacks using global helper functions.
This package provides:
- ๐ HTML-safe string sanitization using HTMLPurifier
- โ๏ธ Laravel-ready auto-discovery and registration
- ๐งฉ Easy-to-use global helper functions
- ๐ฆ Composer support (private GitHub repo or public Packagist)
๐ Installation
Option 1: From Packagist (Public)
composer require composer require prash/string-sanitizer
Option 2: From Private GitHub Repository
Add the repository to your Laravel appโs composer.json:
"repositories": [ { "type": "vcs", "url": "https://github.com/iamprashanta/string-sanitizer" } ], "require": { "prash/string-sanitizer": "dev-main" }
Then run:
composer update
๐ Package Structure
packages/
โโโ prash/
โโโ string-sanitizer/
โโโ src/
โ โโโ StringSanitizerServiceProvider.php
โ โโโ helpers.php
โโโ composer.json
๐ง Laravel Auto-Discovery
Laravel 5.5+ will auto-discover and register this package. No need to manually add the service provider.
For Laravel <5.5, add the provider manually to config/app.php:
'providers' => [ Prash\StringSanitizer\StringSanitizerServiceProvider::class, ],
๐งผ Usage
After installation, the following global helper function will be available:
sanitize_string($string);
Example
$name = '<script>alert("xss")</script>John Doe'; $safeName = sanitize_string($name); // Output: 'John Doe'
๐งช Test in Tinker
php artisan tinker >>> sanitize_string('<b>Hello</b><script>alert(1)</script>'); => "Hello"
โ๏ธ Optional: Auto-Sanitize in Form Requests
To automatically sanitize user input before validation:
In AppServiceProvider:
public function boot() { \Illuminate\Support\Facades\Validator::extend('clean_string', function ($attribute, $value, $parameters, $validator) { return $value === sanitize_string($value); }); }
Then use it in your validation rules:
'comment' => 'required|clean_string',
๐ค Contributing
- Fork the repository
- Create your feature branch:
git checkout -b feature/xyz - Commit your changes:
git commit -m 'Add new feature' - Push to the branch:
git push origin feature/xyz - Open a pull request
๐ Security
If you discover a security vulnerability, please contact Prashanta Mondal directly instead of using the issue tracker.
๐ License
MIT License โ Use freely in personal or commercial projects.
Made with โค๏ธ by Prashanta Mondal