PHP Source Code
<?php
// Return only the listed fields of an xPDO object as a flat field => value array.
function sanitizedObject($object, $keepFields = array()) {
    $out = array();
    if ($keepFields && $object instanceof xPDOObject) {
        foreach ($keepFields as $field) {
            $out[$field] = $object->get($field);
        }
    }
    return $out;
}
Implementation
sanitizedObject($obj, array('skuId', 'minAmount', 'maxAmount'))
Alternative PHP Source Code
<?php
// Method for a class derived from xPDOObject: returns a copy without the credential fields.
function sanitize() {
    $obj = clone $this;
    unset($obj->password, $obj->cachepwd, $obj->salt);
    return $obj;
}
Alternative Implementation
$sanitizedObj = $obj->sanitize()
Comments
xPDO has an amazing ability to streamline database-to-presentation translation, but in some scenarios simply providing an xPDO object to a presentation method, such as $modx->getChunk('chunkName', $object), may allow undesirable information onto the page.
I created this function to sanitize object values before they are sent to any display mechanism. The result of either example could safely be sent to the front end via
$modx->getChunk('chunkName', $className->sanitizedObject($obj, array('skuId', 'minAmount', 'maxAmount')))
or
$modx->getChunk('chunkName', $sanitizedObj->toArray())
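An added example, not part of the original snippet: it contrasts the allowlist approach of the first function with the denylist approach of the alternative on a constructed record, showing that a column added later (the hypothetical resetToken) stays hidden only under the allowlist. FakeUser, allowFields and denyFields are hypothetical names, and FakeUser stands in for an xPDOObject so the code runs without MODX.

```php
<?php
// Hypothetical stand-in for an xPDOObject so the example runs without MODX;
// only get() and toArray() are modelled.
class FakeUser
{
    private $fields;
    public function __construct(array $fields) { $this->fields = $fields; }
    public function get($key) { return isset($this->fields[$key]) ? $this->fields[$key] : null; }
    public function toArray() { return $this->fields; }
}

// Allowlist: copy only the named fields into a flat placeholder array.
function allowFields($object, array $keepFields)
{
    $row = $object->toArray();
    $out = array();
    foreach ($keepFields as $field) {
        // Skip names the object does not define instead of emitting empty placeholders.
        if (array_key_exists($field, $row)) {
            $out[$field] = $object->get($field);
        }
    }
    return $out;
}

// Denylist: start from everything and remove the fields known to be sensitive.
function denyFields($object, array $dropFields)
{
    return array_diff_key($object->toArray(), array_flip($dropFields));
}

// Constructed sample record; resetToken stands for a column added after
// the denylist was written.
$user = new FakeUser(array(
    'username'   => 'alice',
    'fullname'   => 'Alice Example',
    'password'   => 'constructed-hash',
    'cachepwd'   => 'constructed-cache',
    'salt'       => 'constructed-salt',
    'resetToken' => 'constructed-token',
));

$allowed = allowFields($user, array('username', 'fullname', 'nickname'));
$denied  = denyFields($user, array('password', 'cachepwd', 'salt'));

echo 'raw:       ', implode(', ', array_keys($user->toArray())), PHP_EOL;
echo 'allowlist: ', implode(', ', array_keys($allowed)), PHP_EOL;
echo 'denylist:  ', implode(', ', array_keys($denied)), PHP_EOL;
```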