Shad Posted November 2, 2006 Share Posted November 2, 2006 i am entering information into a field in a table, for example 'message'.this is being entered as htmlspecialchars($message);What i would like to know is, when selecting this field from the table and "echo"ing it,bearing in mind that i htmlspecialchars'd it when it was entered, how can i create a secure function to allow certain html tags however in the same time block all other html tags and disable PHP.Hope you can help! Quote Link to comment Share on other sites More sharing options...
Caesar Posted November 2, 2006 Share Posted November 2, 2006 [code]<?phpstrip_tags($string, '<b>');?>[/code] Quote Link to comment Share on other sites More sharing options...
Shad Posted November 2, 2006 Author Share Posted November 2, 2006 that does not work with a string that has been applied with htmlspecialchars Quote Link to comment Share on other sites More sharing options...
sinisake Posted November 2, 2006 Share Posted November 2, 2006 But why you would use htmlspecialchars if you use this function? ??? Quote Link to comment Share on other sites More sharing options...
Caesar Posted November 2, 2006 Share Posted November 2, 2006 [quote author=sinisake link=topic=113646.msg462010#msg462010 date=1162505315]But why you would use htmlspecialchars if you use this function? ???[/quote]Indeed.I suppose it becomes a question of logic and approach. And what your end goal is in terms of what you want the result to be. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.