Laravel Binput
Laravel Binput was created by, and is maintained by Graham Campbell, and is an input protector for Laravel that prevents potentially dangerous elements like <script> tags in any input you receive, from doing harm. It utilises my Laravel Security package, which cleans the input using voku/anti-xss. Feel free to check out the change log, releases, security policy, license, code of conduct, and contribution guidelines.
Installation
This version requires PHP 8.0-8.2 and supports Laravel 9-10.
| Binput | L5.5 | L5.6 | L5.7 | L5.8 | L6 | L7 | L8 | L9 | L10 |
|---|---|---|---|---|---|---|---|---|---|
| 5.1 | |||||||||
| 6.2 | |||||||||
| 7.1 | |||||||||
| 8.0 | |||||||||
| 9.1 | |||||||||
| 10.0 | |||||||||
| 11.0 |
To get the latest version, simply require the project using Composer:
$ composer require "graham-campbell/binput:^11.0"Once installed, if you are not using automatic package discovery, then you need to register the GrahamCampbell\Security\SecurityServiceProvider and GrahamCampbell\Binput\BinputServiceProvider service providers in your config/app.php.
You can also optionally alias our facade:
'Binput' => GrahamCampbell\Binput\Facades\Binput::class,Configuration
Laravel Binput requires no configuration. Just follow the simple install instructions and go!
Usage
Binput
This is the class of most interest. It is bound to the ioc container as 'binput' and can be accessed using the Facades\Binput facade. There are a few public methods of interest.
The 'all', 'get', 'input', 'only', 'except', and 'old' methods have an identical api to the methods found on the laravel request class accept from they all accept two extra parameters at the end. The first extra parameter is a boolean representing if the input should be trimmed. The second extra parameter is a boolean representing if the input should be xss cleaned. Both extra parameters are default to true.
There are two additional methods added to the public api. The first is a method called 'map' which will remap the output from the 'only' method. The 'map' function requires an associative array as the first parameter. The second method is the 'clean' function. It takes three parameters. The first is the value to be cleaned (it can be an array, and will be recursively iterated over and cleaned), and the final two are trim and clean, which behave in the same way as earlier.
Any methods not found on this binput class will actually fall back to the laravel request class with a dynamic call function, so every other method on the request class is available in exactly the same way it would be on the Laravel request class.
Facades\Binput
This facade will dynamically pass static method calls to the 'binput' object in the ioc container which by default is the Binput class.
BinputServiceProvider
This class contains no public methods of interest. This class should be added to the providers array in config/app.php. This class will setup ioc bindings.
Real Examples
Here you can see an example of just how simple this package is to use.
// request input data: ['test' => '123', 'foo' => '<script>alert(\'bar\');</script> ']
$input = Binput::all(); // ['test' => '123', 'foo' => '']Security
If you discover a security vulnerability within this package, please send an email to [email protected]. All security vulnerabilities will be promptly addressed. You may view our full security policy here.
License
Laravel Binput is licensed under The MIT License (MIT).
For Enterprise
Available as part of the Tidelift Subscription
The maintainers of graham-campbell/binput and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source dependencies you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact dependencies you use. Learn more.