MoFish Posted April 19, 2006 Share Posted April 19, 2006 hello. I have a message board of my website, but it allows people to use html tags. they can make a right mess of it using massive fonts all all different colours. Im seeking a way to prevent this from occouring. I found the following code on a different website however am not really sure how to call it from my php document.[code]function removeHTML($strToFilter) { $strToFilter = str_replace(">", "& g t;",$strToFilter); return str_replace("<", "& l t;",$strToFilter);}[/code]Im using the following code to add to the database, but really would like it to try to prevent the tags and stuff if possible. please note, this is a snipit of code not the full whack. im just assuming the tag check will be somewhere here, but dont know exactly how to do it.does anyone mind showing me how i can use the function on $data and $subject please?Thanks MoFish[code]if ($data == "" || $subject == "") { $errormsg = 'Please Fill In All The Fields Above'; $success = '<a href="index.php?page=forumpost"><b>Try Again</b></a>'; } else { if (mysql_query($query)){ if (mysql_query($topicquery)){ $errormsg = 'added to topic database!'; $success = 'added'; } else { $errormsg = 'problem adding topic!'; $success = 'failed'; }[/code] Link to comment https://forums.phpfreaks.com/topic/7828-using-a-function/ Share on other sites More sharing options...
kenrbnsn Posted April 19, 2006 Share Posted April 19, 2006 There are two functions builtin to PHP that you should look at[list][*][a href=\"http://www.php.net/htmlentities\" target=\"_blank\"]htmlentities()[/a][*][a href=\"http://www.php.net/strip_tags\" target=\"_blank\"]strip_tags()[/a][/list]You can used them either when you put the data into the database or when you write the data back to the screen.Ken Link to comment https://forums.phpfreaks.com/topic/7828-using-a-function/#findComment-28537 Share on other sites More sharing options...
MoFish Posted April 19, 2006 Author Share Posted April 19, 2006 thanks ken, got that working good.how do i deal with white space? for example ive got a check if the variable is blank ( equals "" ) but if you for example put one white space or more (spare bar) in it will accept it. :S Link to comment https://forums.phpfreaks.com/topic/7828-using-a-function/#findComment-28684 Share on other sites More sharing options...
ober Posted April 19, 2006 Share Posted April 19, 2006 As long as the space is within the text you're sending it, you can use the trim() function. If you want to accept things that contain text + spaces, but you want to avoid 0 length items, you can use strlen(). Link to comment https://forums.phpfreaks.com/topic/7828-using-a-function/#findComment-28709 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.