Jump to content

Archived

This topic is now archived and is closed to further replies.

MoFish

Using A Function

Recommended Posts

hello. I have a message board of my website, but it allows people to use html tags. they can make a right mess of it using massive fonts all all different colours. Im seeking a way to prevent this from occouring. I found the following code on a different website however am not really sure how to call it from my php document.

[code]
function removeHTML($strToFilter) {
    $strToFilter = str_replace(">", "& g t;",$strToFilter);
    return str_replace("<", "& l t;",$strToFilter);
}
[/code]

Im using the following code to add to the database, but really would like it to try to prevent the tags and stuff if possible. please note, this is a snipit of code not the full whack. im just assuming the tag check will be somewhere here, but dont know exactly how to do it.

does anyone mind showing me how i can use the function on $data and $subject please?

Thanks MoFish

[code]
if ($data == "" || $subject == "") {
    $errormsg = 'Please Fill In All The Fields Above';
    $success = '<a href="index.php?page=forumpost"><b>Try Again</b></a>';
    
} else {
                    
    if (mysql_query($query)){
            
        if (mysql_query($topicquery)){
                $errormsg = 'added to topic database!';
                $success = 'added';
        } else {
                $errormsg = 'problem adding topic!';
                $success = 'failed';
        }
[/code]

Share this post


Link to post
Share on other sites
There are two functions builtin to PHP that you should look at[list][*][a href=\"http://www.php.net/htmlentities\" target=\"_blank\"]htmlentities()[/a][*][a href=\"http://www.php.net/strip_tags\" target=\"_blank\"]strip_tags()[/a][/list]You can used them either when you put the data into the database or when you write the data back to the screen.

Ken

Share this post


Link to post
Share on other sites
thanks ken, got that working good.

how do i deal with white space? for example ive got a check if the variable is blank ( equals "" ) but if you for example put one white space or more (spare bar) in it will accept it. :S

Share this post


Link to post
Share on other sites
As long as the space is within the text you're sending it, you can use the trim() function. If you want to accept things that contain text + spaces, but you want to avoid 0 length items, you can use strlen().

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.