aftab_jii Posted March 27, 2006 Share Posted March 27, 2006 hi...i need some serious help with strip_tags..i have copied follwing code from php.net[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]<?php//tags.php//Allow these tags$allowedTags = '<u><i><b><a><img><br><p><table><tr><td><ul><li><pre><hr><blockquote>';//Disallow these attributes/prefix within a tag$stripAttrib = 'javascript:|onclick|ondblclick|onmousedown|onmouseup|onmouseover|'. 'onmousemove|onmouseout|onkeypress|onkeydown|onkeyup';//remove evel tagsfunction removeEvilTags($source){ global $allowedTags; $source = strip_tags($source, $allowedTags); return preg_replace('/<(.*?)>/ie', "'<'.removeEvilAttributes('\\1').'>'", $source);}//remove evil arrtibutesfunction removeEvilAttributes($tagSource){ global $stripAttrib; return stripslashes(preg_replace("/$stripAttrib/i", 'forbidden', $tagSource));}?>[/quote]and now i want to apply the defined functions to the following echos:[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]<input id="searchkeywords" type="text" name="keywords"<?phpif (isset($_GET['keywords'])) { echo ' value="' . htmlspecialchars($_GET['keywords']) . '" ';}?>[/quote]and[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]<p> Body:<br> <textarea class="body" name="body" rows="10" cols="60"><?php echo htmlspecialchars($body); ?></textarea></p>[/quote]I have tried doing it the following way:[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]require_once('tags.php');...<input id="searchkeywords" type="text" name="keywords"<?phpif (isset($_GET['keywords'])) { echo ' value="' . removeEvilTags(htmlspecialchars($_GET['keywords']),TRUE) . '" ';}?>[/quote]and [!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]require_once('tags.php');...<p> Body:<br> <textarea class="body" name="body" rows="10" cols="60"><?php echo removeEvilTags($body, TRUE); ?></textarea></p>[/quote]but its not correct since the search felt and the textarea still accepts the evilTags...need help tp solve the problem...i hope i get some quick answers soon... Link to comment https://forums.phpfreaks.com/topic/5940-help-making-the-santax-of-strip_tags-corect/ Share on other sites More sharing options...
aftab_jii Posted March 28, 2006 Author Share Posted March 28, 2006 come on...isnt there anyone who can help me with the problem!!!!anyone at all!!!! Link to comment https://forums.phpfreaks.com/topic/5940-help-making-the-santax-of-strip_tags-corect/#findComment-21657 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.