Ben bu kod parçası var:

    ->filter('username', 'Security::xss_clean')
                ->filter('url', 'Security::xss_clean')
                ->filter('text', 'Security::xss_clean')

but it not works and after validation parametres will be inserted via ORM into table columns with html tags. so, what i do wrong? or this method works only when writing output data, but not return changed value back to variable?