Jump to content

Archived

This topic is now archived and is closed to further replies.

rbragg

sanitizing form values

Recommended Posts

Is it possible to apply strip_tags to all form objects at once in this manner:

[code]foreach ($_POST as $key => $value) # put the values into session variables
{
    if ($key != "confirm")
  {
        $_SESSION[$key] = strip_tags($value);
}
}[/code]

Any help would be greatly appreciated.  :)

Share this post


Link to post
Share on other sites
Thanks for your reply. I enter something like <? robin ?> in my first name textfield. Although I have validation checking to make sure this field is not left empty, it displays an empty echo on my confirmation page.

Or maybe this is precisely how strip_tags functions? I thought that only the tags would be removed leaving me with "robin".  ???

Share this post


Link to post
Share on other sites
strip_tags() doesnt remove the tags, but escapes the charaters.
From the manual:
[i]This function tries to return a string with all HTML and PHP tags stripped from a given str[/i]

Orio.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.