options->trusted: Indicates that this content is trusted and does not need clean-up (but only if $CFG->enabletrusttext is true).Never use it for general text places (posts.) or you will be, sooner or later, attacked! Note that this option is ignored for FORMAT_PLAIN, the text is never cleaned. You shouldn't set it to true ever unless you are 200% sure that only controlled users can edit it (mainly admins). options->noclean: To decide if we want to skip the clean-up of text, un-protecting us from attacks and other security flaws (defaults to false, so protection is enabled.You only need to define them if they are different from the default value assumed. options: Here we can specify how we want the process to be performed.Other formats are FORMAT_HTML, FORMAT_PLAIN, FORMAT_MARKDOWN. It defaults to FORMAT_MOODLE that is a cool format to process plain text because it features automatic link conversion, smilies and good conversion to html output. format: To tell the function about how the data has been entered.Some interesting parameters for this function are: Also, it includes a strong cache mechanism (DB based) that will alleviate the server from a lot of work processing the same texts time and again. Note that this function is really heavy because it supports cleaning of dangerous contents, delegates processing to enabled content filters, supports different formats of text (HTML, PLAIN, MARKDOWN, MOODLE) and performs a lot of automatic conversions like adding smilies, build links. Together, these functions enable Moodle multi-language support. Not to be confused with get_string which is used to access localized strings in Moodle and its language packs. filter content through Moodle or 3rd party language filters for multi-language support.It is mainly used for long strings like posts, answers, glossary items, etc. print any html/plain/markdown/moodle text, needing any of the features below.We should set such parameter to 'true' only when data to be processed isn't coming from database, but from HTTP requests (forms, links. By default, it's false, so no strip will be performed. strip: it decides if we want to strip slashes from the string or not.Note that even though the value of form fields printed with p() will have these characters converted to HTML entities, the submitted values will still contain the original characters. The functions replace certain characters that would have special meaning in HTML (, ", ', and &) by HTML entities, so that they are displayed as intended. It is important not to use these functions for strings that contain HTML markup. print, in general, all the dynamic data, not being HTML, that doesn't need to be cleaned nor processed by filters.show plain (non-HTML) text that has been introduced by the user (search string, quiz responses.print all the values of form fields like or tags.The only difference is that s() returns the string, while p() prints it directly. These functions share the same code, so they will be explained together.
0 kommentar(er)
