PHPackages dmk/mksanitizedparameters - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Validation & Sanitization](/categories/validation) 4. / 5. dmk/mksanitizedparameters ActiveTypo3-cms-extension[Validation & Sanitization](/categories/validation) dmk/mksanitizedparameters ========================= Sanitize $\_REQUEST, $\_POST and $\_GET before the processing of TYPO3 in backend or frontend starts. Take a look into the documentation how to add your own rules or see which one exist. v13.0.1(3mo ago)233.6k↓49.1%21GPL-2.0-or-laterPHPCI passing Since Feb 23Pushed 3mo ago26 watchersCompare [ Source](https://github.com/DMKEBUSINESSGMBH/typo3-mksanitizedparameters)[ Packagist](https://packagist.org/packages/dmk/mksanitizedparameters)[ Docs](http://www.dmk-ebusiness.de/)[ RSS](/packages/dmk-mksanitizedparameters/feed)WikiDiscussions 13.4 Synced 1mo ago READMEChangelog (4)Dependencies (11)Versions (46)Used By (1) MK Sanitized Parameters ======================= [](#mk-sanitized-parameters) [![TYPO3 compatibility](https://camo.githubusercontent.com/82d43631a1de3291114630dd9ae2ecfcb23495adb970f325559f32332314e3c8/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5459504f332d31312e3525323025374325323031322e342d6f72616e67653f6d61784167653d33363030267374796c653d666c61742d737175617265266c6f676f3d7479706f33)](https://camo.githubusercontent.com/82d43631a1de3291114630dd9ae2ecfcb23495adb970f325559f32332314e3c8/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5459504f332d31312e3525323025374325323031322e342d6f72616e67653f6d61784167653d33363030267374796c653d666c61742d737175617265266c6f676f3d7479706f33)[![Latest Stable Version](https://camo.githubusercontent.com/2e6c6a001f2d46361fa17f66b909a1dad0b763a8085c5d31a158514444b8f6d7/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f646d6b2f6d6b73616e6974697a6564706172616d65746572732e7376673f6d61784167653d33363030267374796c653d666c61742d737175617265266c6f676f3d636f6d706f736572)](https://packagist.org/packages/dmk/mksanitizedparameters)[![Total Downloads](https://camo.githubusercontent.com/10d8d145d67c1c7db95363c97e957e4e71258d80d48b640cd4acb68cfbbaf542/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f646d6b2f6d6b73616e6974697a6564706172616d65746572732e7376673f6d61784167653d33363030267374796c653d666c61742d737175617265)](https://packagist.org/packages/dmk/mksanitizedparameters)[![Build Status](https://camo.githubusercontent.com/59b99c337a633b39c0c6dab455cd0d45527d32431258d9ea3e1649d8738617c0/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f444d4b45425553494e455353474d42482f7479706f332d6d6b73616e6974697a6564706172616d65746572732f70687063692e796d6c3f6272616e63683d31322e34266d61784167653d33363030267374796c653d666c61742d737175617265266c6f676f3d6769746875622d616374696f6e73)](https://github.com/DMKEBUSINESSGMBH/typo3-mksanitizedparameters/actions?query=workflow%3APHP-CI)[![License](https://camo.githubusercontent.com/d5e22cc7f7d500c2800cfa66e967eb6884b792ba8f30ac800f17631390d22583/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f6c2f646d6b2f6d6b73616e6974697a6564706172616d65746572732e7376673f6d61784167653d33363030267374796c653d666c61742d737175617265266c6f676f3d676e75)](https://packagist.org/packages/dmk/mksanitizedparameters) What does it do? ---------------- [](#what-does-it-do) Sanitizes all parameters in `$_GET`, `$_POST` and `ServerRequestInterface $request`for frontend and backend. Every possible parameter can be configured separately. The configuration can be for a specific position in the parameter array or common for every possible position or even default for all parameters, which are not configured. This way possible attacks like MySQL injections can be prevented even for parameters where attack potential was not suspected. So unclosed security holes are harder or even not at all exploited. Taking care of the correct data type of a parameter is now done in one single place. You don't need to call intval() for numeric parameters every time you use them (e.g. in a MySQL query). You can use them safe and directly without any further action at any place you want. You just have to provide the correct rule/configuration to be sure your code is not vulnerable to MySQL injections etc. The sanitizing itself is done through the filter function of PHP. So you can take full advantage of it's features and provide even custom filters. Features -------- [](#features) The extension has 3 modes which can be configured through extension configuration: - stealth mode: simulate the sanitizing and log all theoretical actions. you also need to set a page id where the logs are written to. - log mode: every parameter which is sanitized (has changed) will be logged at warn level. This way you can investigate what happened. Either it was an attack attempt or the rules have to be adjusted. - debug mode: useful during development. every parameter which is sanitized (has changed) will be reported on the screen through a debug message. Rules ----- [](#rules) Own rules for sanitizing a parameter can be registered easily. see rules [UsersManual](Documentation/UsersManual/Index.md) [Rules](Documentation/Rules/Index.md) [ChangeLog](Documentation/ChangeLog/Index.md) ### Health Score 57 — FairBetter than 98% of packages Maintenance82 Actively maintained with recent releases Popularity32 Limited adoption so far Community25 Small or concentrated contributor base Maturity76 Established project with proven stability Bus Factor2 2 contributors hold 50%+ of commits How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~91 days Recently: every ~0 days Total 45 Last Release 90d ago Major Versions 9.5.1 → 10.0.02020-12-16 v10.0.2 → v11.0.02022-01-18 9.5.2 → v11.0.22023-01-11 10.4.x-dev → v12.0.02024-03-11 11.5.x-dev → v13.0.02025-04-16 PHP version history (4 changes)v11.0.0PHP >=7.3.0 v11.0.1PHP ^7.3 || ^8.0 v11.0.2PHP ^7.3 || ^7.4 || ^8.0 || ^8.1 v12.0.0PHP ^7.4 || ^8.0 ### Community Maintainers ![](https://avatars.githubusercontent.com/u/5131653?v=4)[Michael Wagner](/maintainers/rengaw83)[@rengaw83](https://github.com/rengaw83) ![](https://www.gravatar.com/avatar/b0f42c674d10d07667556ec6a435fd657236977083564418d83df8790cafe0ed?d=identicon)[dmkbot](/maintainers/dmkbot) ![](https://www.gravatar.com/avatar/33e7d05adb80175dc82fc55b499e1d17d6252f45a3de0dc5a314181568f54f69?d=identicon)[hannesbochmann](/maintainers/hannesbochmann) --- Top Contributors [![hannesbochmann](https://avatars.githubusercontent.com/u/6302628?v=4)](https://github.com/hannesbochmann "hannesbochmann (149 commits)")[![hbochmann](https://avatars.githubusercontent.com/u/873161?v=4)](https://github.com/hbochmann "hbochmann (129 commits)")[![rengaw83](https://avatars.githubusercontent.com/u/5131653?v=4)](https://github.com/rengaw83 "rengaw83 (90 commits)")[![BenjaminQuandt](https://avatars.githubusercontent.com/u/9083563?v=4)](https://github.com/BenjaminQuandt "BenjaminQuandt (4 commits)")[![mario-seidel](https://avatars.githubusercontent.com/u/6473057?v=4)](https://github.com/mario-seidel "mario-seidel (4 commits)")[![dmk-ralf-urban](https://avatars.githubusercontent.com/u/873591?v=4)](https://github.com/dmk-ralf-urban "dmk-ralf-urban (2 commits)")[![BudHe4d](https://avatars.githubusercontent.com/u/18524781?v=4)](https://github.com/BudHe4d "BudHe4d (2 commits)")[![achimfritz](https://avatars.githubusercontent.com/u/2152991?v=4)](https://github.com/achimfritz "achimfritz (1 commits)") --- Tags sanitizersecuritytypo3typo3-extensionsecurityparameterTYPO3 CMSsanitize ### Code Quality Static AnalysisPHPStan, Rector Code StylePHP CS Fixer Type Coverage Yes ### Embed Badge ![Health badge](/badges/dmk-mksanitizedparameters/health.svg) ``` [![Health](https://phpackages.com/badges/dmk-mksanitizedparameters/health.svg)](https://phpackages.com/packages/dmk-mksanitizedparameters) ``` ### Alternatives [karser/karser-recaptcha3-bundle Google ReCAPTCHA v3 for Symfony 1862.4M7](/packages/karser-karser-recaptcha3-bundle)[xemlock/htmlpurifier-html5 HTML5 support for HTML Purifier 1052.9M11](/packages/xemlock-htmlpurifier-html5)[siriusphp/validation Data validation library. Validate arrays, array objects, domain models etc using a simple API. Easily add your own validators on top of the already dozens built-in validation rules 181743.3k13](/packages/siriusphp-validation)[abcaeffchen/sepa-utilities SepaUtilities provides useful methods for validating and sanitizing inputs used in SEPA files supporting PHP >= 8.1. 312.0M2](/packages/abcaeffchen-sepa-utilities)[surgiie/transformer A data transforming/formatting package for php. 12724.3k1](/packages/surgiie-transformer)[olssonm/l5-zxcvbn Implementation of the zxcvbn project by @dropbox for Laravel. Uses zxcvbn-php by @bjeavons. 28311.1k1](/packages/olssonm-l5-zxcvbn) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)