StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
5685255
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
1
CommunityOwnedDate
CreationDate
2011-04-16T08:02:56.200
FavoriteCount
0
LastActivityDate
2014-01-28T18:36:45.693
LastEditDate
2014-01-28T18:36:45.693
LastEditorUserId
146622
OwnerUserId
115106
ParentId
5662969
PostTypeId
2
Score
14
ViewCount
0
LastEditorDisplayName
text
Body
Rasmus proposed removing XSS blacklisting from Kohana for sake of escaping the output with <code>htmlspecialchars() - HTML::chars()</code> or using HTMLpurifier in case you really need to let some HTML in. Since 3.1, Security doesn't have the <code>xss_clean()</code> method by default, you'll have to install <a href="https://github.com/shadowhand/purifier" rel="nofollow">shadowhand's HTMLpurifier</a> module for securing input strings (by adding the submodule from github, putting it in modules and enabling it in bootstrap). The module itself will override default Security class and add the <code>xss_clean()</code> method which uses <a href="http://htmlpurifier.org/" rel="nofollow">HTMLpurifier</a> for escaping. There is also a config file for the module where you can set everything up on your application level. No input escaping is done "automatically" for many reasons; overhead, consistency, etc. As Request was pretty much rewritten in this version to match the RFC 2616 and get even more powerful HMVC, you'll be accessing your query string vars with <code>Request::query()</code> [ <code>$this->request->query()</code> inside of your controllers ], but there is still no escaping done on that side (each request can have it's own headers, POST, GET, etc.) The easiest way for you to escape the current POST vars would be to do: <pre><code>$safe = Arr::map('Security::xss_clean', $this->request->post()); </code></pre> P.S. Don't pay too much attention on nonsense written here about <code>$this->request->param()</code>, it's only for accessing the matched Route's parameters, not your GET or POST vars.
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POXSS clean in kohana 3.1
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. USVirtlink
UserOwnerUserId
1. USKemo
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. POXSS clean in kohana 3.1
 singulars
 PostTypePostTypeId
 PTQuestion
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
3. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTAcceptedByOriginator
CommentsPostId
1. CO+1 very nice answer
 singulars
 PostPostId
 PO
 UserUserId
 USalex

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.