Hello,
I'm trying to sanitize user input and have been banging my head over HTMLpurifier the last several days (some weird encoding issues). So...I decided to try out HTMLawed. Using the following code:
require_once('htmLawed/htmLawed.php');
$text ='<script type="text/javascript">This is bad stuff</script><p>hello how are < you?';
$out = htmLawed($text);
echo $out;
I would think that it would get rid of my javascript. But, in the browser $text looked exactly the same. This is such a newbie question that I'm embarrassed to ask it as the HTMLawed documentation "looked" great. Can someone please explain the error of my ways?
Thanks so much,
Eric
