Jump to content

Safe charaters question


dan_t

Recommended Posts

Hi Guys,

I've got a function for making input safe. One takes from a textarea on a form.

The problem is when someone types a few paragraphs in it, using regular sentence stuff like ( ' , . () ? ) it kicks it out and gives them my error message.

How can I keep out the unsafe stuff, but still allow someone to "speak their mind"? Something like a preg_replace maybe?

If so, how can I add it on to my other function?

Thanks

Dan

Link to comment
https://forums.phpfreaks.com/topic/201451-safe-charaters-question/
Share on other sites

function safe_mode($string)
{
$string = strip_tags($string);
$string = stripcslashes($string);
$string = trim($string);
$string = htmlentities($string);
$string = htmlspecialchars($string);

return $string;
}




$userId = safe_mode($_POST['userId']);

 

What part of this would kick out the charaters?

 

The other parts just a standard textarea, it works unless you put in a " ' " that's what kicked out on me. just the '

Sorry that last line had userId it is the wrong line.

The correct line is:

$about = nl2br(safe_mode($_POST['about_me']));

 

Sorry about that.

 

Just a simple word like "that's" seems to make it error.

I'm I better of cutting down on some of the  function? Like is htmlspecialchars and htmlentities overkill?

I just tried your function with this quick test:

<?php
function safe_mode($string)
{
$string = strip_tags($string);
$string = stripcslashes($string);
$string = trim($string);
$string = htmlentities($string);
$string = htmlspecialchars($string);

return $string;
}
echo nl2br(safe_mode("that's"));
?>

and there was no problem. Perhaps your problem is somewhere else in your code.

 

Ken

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.