- Patch #740764 by mr.baileys, aspilicious: add missing functions to the sanitization group.

includes/bootstrap.inc

@@ -1380,6 +1380,8 @@ function drupal_unpack($obj, $field = 'data') {
  *       belongs to.
  * @return
  *   The translated string.
+ *
+ * @ingroup sanitization
  */
 function t($string, array $args = array(), array $options = array()) {
   global $language;
@@ -1448,6 +1450,7 @@ function t($string, array $args = array(), array $options = array()) {
  *   valid UTF-8.
  *
  * @see drupal_validate_utf8()
+ * @ingroup sanitization
  */
 function check_plain($text) {
   // We do not want to use drupal_static() since PHP version will never change

includes/common.inc

@@ -1181,6 +1181,9 @@ function flood_is_allowed($name, $threshold, $window = 3600, $identifier = NULL)
  * @defgroup sanitization Sanitization functions
  * @{
  * Functions to sanitize values.
+ *
+ * See http://drupal.org/writing-secure-code for information
+ * on writing secure code.
  */
 
 /**

includes/install.inc

@@ -847,6 +847,7 @@ function install_goto($path) {
  * system is possibly not yet available.
  *
  * @see t()
+ * @ingroup sanitization
  */
 function st($string, $args = array()) {
   static $locale_strings = NULL;

modules/filter/filter.module

@@ -668,6 +668,8 @@ function filter_list_format($format_id) {
  *   Boolean whether to cache the filtered output in the {cache_filter} table.
  *   The caller may set this to FALSE when the output is already cached
  *   elsewhere to avoid duplicate cache lookups and storage.
+ *
+ * @ingroup sanitization
  */
 function check_markup($text, $format_id = NULL, $langcode = '', $cache = FALSE) {
   if (empty($format_id)) {