Wintergreen Posted September 5, 2006 Share Posted September 5, 2006 I saw something a few days ago searching around that was a function where you could specify which html tags are allowed, such as <img> or <br> but nothing else but I can't for the life of me find it anymore. Am I making this up? Basically I'm trying to make it so people can't break my layout by coming in and posting </div></div></table> whatever. But I don't want to disable html completely, I'd like <a> and <img> to work. Also, if I allow them to use <a> and <img> how would I go about making sure that they're closed, so someone doesn't open an img tag like <img src=" and then post, screwing up the layout of the page. While we're on the subject of security type things, if I run my input through addslashes and mysql_real_escape_string before inserting into the DB, is it reasonably safe? Link to comment https://forums.phpfreaks.com/topic/19778-function-limiting-html-tags/ Share on other sites More sharing options...
Daniel0 Posted September 5, 2006 Share Posted September 5, 2006 [quote author=Wintergreen link=topic=106962.msg428481#msg428481 date=1157468583]While we're on the subject of security type things, if I run my input through addslashes and mysql_real_escape_string before inserting into the DB, is it reasonably safe? [/quote]It's perfetcly safe if you escape it using that function first. Link to comment https://forums.phpfreaks.com/topic/19778-function-limiting-html-tags/#findComment-86433 Share on other sites More sharing options...
obsidian Posted September 5, 2006 Share Posted September 5, 2006 the function you're looking for is strip_tags(). read up on it in the manual, and you'll notice that you can pass allowed tags into it, and it will only strip out all the tags you [b]do not[/b] want to allow. Link to comment https://forums.phpfreaks.com/topic/19778-function-limiting-html-tags/#findComment-86443 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.