Jump to content


Using A Function

  • Please log in to reply
3 replies to this topic

#1 MoFish

  • Members
  • PipPipPip
  • Advanced Member
  • 210 posts

Posted 19 April 2006 - 10:30 AM

hello. I have a message board of my website, but it allows people to use html tags. they can make a right mess of it using massive fonts all all different colours. Im seeking a way to prevent this from occouring. I found the following code on a different website however am not really sure how to call it from my php document.

function removeHTML($strToFilter) { 
    $strToFilter = str_replace(">", "& g t;",$strToFilter);
    return str_replace("<", "& l t;",$strToFilter);

Im using the following code to add to the database, but really would like it to try to prevent the tags and stuff if possible. please note, this is a snipit of code not the full whack. im just assuming the tag check will be somewhere here, but dont know exactly how to do it.

does anyone mind showing me how i can use the function on $data and $subject please?

Thanks MoFish

if ($data == "" || $subject == "") {
    $errormsg = 'Please Fill In All The Fields Above';
    $success = '<a href="index.php?page=forumpost"><b>Try Again</b></a>';
} else {
    if (mysql_query($query)){
        if (mysql_query($topicquery)){
                $errormsg = 'added to topic database!';
                $success = 'added';
        } else {
                $errormsg = 'problem adding topic!';
                $success = 'failed';

#2 kenrbnsn

  • Staff Alumni
  • Advanced Member
  • 8,235 posts
  • LocationHillsborough, NJ, USA

Posted 19 April 2006 - 11:56 AM

There are two functions builtin to PHP that you should look at
  • [a href=\"http://www.php.net/htmlentities\" target=\"_blank\"]htmlentities()[/a]
  • [a href=\"http://www.php.net/strip_tags\" target=\"_blank\"]strip_tags()[/a]
You can used them either when you put the data into the database or when you write the data back to the screen.


#3 MoFish

  • Members
  • PipPipPip
  • Advanced Member
  • 210 posts

Posted 19 April 2006 - 06:16 PM

thanks ken, got that working good.

how do i deal with white space? for example ive got a check if the variable is blank ( equals "" ) but if you for example put one white space or more (spare bar) in it will accept it. :S

#4 ober

  • Staff Alumni
  • Advanced Member
  • 5,337 posts
  • LocationEast Coast, USA

Posted 19 April 2006 - 07:08 PM

As long as the space is within the text you're sending it, you can use the trim() function. If you want to accept things that contain text + spaces, but you want to avoid 0 length items, you can use strlen().

Info: PHP Manual

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users