Using A Function

[MoFish]

hello. I have a message board of my website, but it allows people to use html tags. they can make a right mess of it using massive fonts all all different colours. Im seeking a way to prevent this from occouring. I found the following code on a different website however am not really sure how to call it from my php document.

[code]
function removeHTML($strToFilter) {
    $strToFilter = str_replace(">", "& g t;",$strToFilter);
    return str_replace("<", "& l t;",$strToFilter);
}
[/code]

Im using the following code to add to the database, but really would like it to try to prevent the tags and stuff if possible. please note, this is a snipit of code not the full whack. im just assuming the tag check will be somewhere here, but dont know exactly how to do it.

does anyone mind showing me how i can use the function on $data and $subject please?

Thanks MoFish

[code]
if ($data == "" || $subject == "") {
    $errormsg = 'Please Fill In All The Fields Above';
    $success = '<a href="index.php?page=forumpost"><b>Try Again</b></a>';
    
} else {
                    
    if (mysql_query($query)){
            
        if (mysql_query($topicquery)){
                $errormsg = 'added to topic database!';
                $success = 'added';
        } else {
                $errormsg = 'problem adding topic!';
                $success = 'failed';
        }
[/code]

[kenrbnsn]

There are two functions builtin to PHP that you should look at[list][*][a href=\"http://www.php.net/htmlentities\" target=\"_blank\"]htmlentities()[/a][*][a href=\"http://www.php.net/strip_tags\" target=\"_blank\"]strip_tags()[/a][/list]You can used them either when you put the data into the database or when you write the data back to the screen.

Ken

[MoFish]

thanks ken, got that working good.

how do i deal with white space? for example ive got a check if the variable is blank ( equals "" ) but if you for example put one white space or more (spare bar) in it will accept it. :S

[ober]

As long as the space is within the text you're sending it, you can use the trim() function. If you want to accept things that contain text + spaces, but you want to avoid 0 length items, you can use strlen().