bluwe Posted November 11, 2006 Share Posted November 11, 2006 Hiya,I'm trying to stop html being entered into my database. I'm checking what is being posted with the following script:<?foreach ($_POST as $field => $value){$value = htmlspaecialchars;$value = strip_tags;$value = trim;}foreach ($_POST as $field => $value){echo "$field = $value<br>";}?></body></html>strip tags seems to be working but i can still put html in the form and the script echoes it back to me. Any ideas?Cheers Link to comment https://forums.phpfreaks.com/topic/26921-htmlspecialchars-not-working/ Share on other sites More sharing options...
AndyB Posted November 11, 2006 Share Posted November 11, 2006 htmlsp[b]ae[/b]cialchars is spelled wrong in your code Link to comment https://forums.phpfreaks.com/topic/26921-htmlspecialchars-not-working/#findComment-123118 Share on other sites More sharing options...
haaglin Posted November 11, 2006 Share Posted November 11, 2006 You can also try using this: $value = htmlentities(strip_tags($value));echo $value; Link to comment https://forums.phpfreaks.com/topic/26921-htmlspecialchars-not-working/#findComment-123120 Share on other sites More sharing options...
bluwe Posted November 11, 2006 Author Share Posted November 11, 2006 That worked a treat haaglin, cheers!!! Link to comment https://forums.phpfreaks.com/topic/26921-htmlspecialchars-not-working/#findComment-123126 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.