ccrevcypsys Posted October 29, 2007 Share Posted October 29, 2007 how do i disable the <style> tags and any html tags that are put into my database. Because I dont want them to be able to change how the page looks (just like on myspace). Link to comment https://forums.phpfreaks.com/topic/75271-how-do-i-mabie-n00b-question/ Share on other sites More sharing options...
kellz Posted October 29, 2007 Share Posted October 29, 2007 *doesnt understand the question* It can't do anything if it's in your database, thats SQL.. Link to comment https://forums.phpfreaks.com/topic/75271-how-do-i-mabie-n00b-question/#findComment-380707 Share on other sites More sharing options...
DyslexicDog Posted October 29, 2007 Share Posted October 29, 2007 htmlspecialchars() Link to comment https://forums.phpfreaks.com/topic/75271-how-do-i-mabie-n00b-question/#findComment-380708 Share on other sites More sharing options...
Dragen Posted October 29, 2007 Share Posted October 29, 2007 output the code like this: htmlentities($var); Where $var is the data from the database EDIT: or strip tags might work better: strip_tags($var); EDIT (again): Then again, if you're only wanting to remove the <style> tags and it's contents try this: <?php $var = preg_replace('#(\<style\>)([a-z0-9./:]+)(\<\/style\>)#i', '', $var); ?> Link to comment https://forums.phpfreaks.com/topic/75271-how-do-i-mabie-n00b-question/#findComment-380709 Share on other sites More sharing options...
trav Posted October 29, 2007 Share Posted October 29, 2007 Then again, if you're only wanting to remove the <style> tags and it's contents try this: <?php $var = preg_replace('#(\<style\>)([a-z0-9./:]+)(\<\/style\>)#i', '', $var); ?> if you don't want people changing the style definitely strip the tags before they are inputted into your db. this makes it much easier to deal with displaying later. now if you have certain people (ie admins, or moderators) that you will allow, you might want to use a different approach. Link to comment https://forums.phpfreaks.com/topic/75271-how-do-i-mabie-n00b-question/#findComment-380771 Share on other sites More sharing options...
ccrevcypsys Posted October 30, 2007 Author Share Posted October 30, 2007 Then again, if you're only wanting to remove the <style> tags and it's contents try this: <?php $var = preg_replace('#(\<style\>)([a-z0-9./:]+)(\<\/style\>)#i', '', $var); ?> if you don't want people changing the style definitely strip the tags before they are inputted into your db. this makes it much easier to deal with displaying later. now if you have certain people (ie admins, or moderators) that you will allow, you might want to use a different approach. what would u recommend because there are going to be the admin and other people that will be able to do this i just don't want other people doing it Link to comment https://forums.phpfreaks.com/topic/75271-how-do-i-mabie-n00b-question/#findComment-381263 Share on other sites More sharing options...
atlanta Posted October 30, 2007 Share Posted October 30, 2007 I say do the method he gave you just put it into an if command . for instance if($user = "admin") { dont filter; } else { filter using the preg_replace } Link to comment https://forums.phpfreaks.com/topic/75271-how-do-i-mabie-n00b-question/#findComment-381276 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.