rbragg Posted October 26, 2006 Share Posted October 26, 2006 Is it possible to apply strip_tags to all form objects at once in this manner:[code]foreach ($_POST as $key => $value) # put the values into session variables { if ($key != "confirm") { $_SESSION[$key] = strip_tags($value); } }[/code]Any help would be greatly appreciated. :) Link to comment https://forums.phpfreaks.com/topic/25233-sanitizing-form-values/ Share on other sites More sharing options...
Orio Posted October 26, 2006 Share Posted October 26, 2006 Yes :)Orio. Link to comment https://forums.phpfreaks.com/topic/25233-sanitizing-form-values/#findComment-115065 Share on other sites More sharing options...
rbragg Posted October 26, 2006 Author Share Posted October 26, 2006 Thanks for your reply. I enter something like <? robin ?> in my first name textfield. Although I have validation checking to make sure this field is not left empty, it displays an empty echo on my confirmation page.Or maybe this is precisely how strip_tags functions? I thought that only the tags would be removed leaving me with "robin". ??? Link to comment https://forums.phpfreaks.com/topic/25233-sanitizing-form-values/#findComment-115066 Share on other sites More sharing options...
Orio Posted October 26, 2006 Share Posted October 26, 2006 strip_tags() doesnt remove the tags, but escapes the charaters.From the manual:[i]This function tries to return a string with all HTML and PHP tags stripped from a given str[/i]Orio. Link to comment https://forums.phpfreaks.com/topic/25233-sanitizing-form-values/#findComment-115072 Share on other sites More sharing options...
rbragg Posted October 26, 2006 Author Share Posted October 26, 2006 Hmm... with that reasoning why would "robin" not be returned? Link to comment https://forums.phpfreaks.com/topic/25233-sanitizing-form-values/#findComment-115074 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.