random1 Posted December 31, 2007 Share Posted December 31, 2007 I have a class that performs validation (isString, isBoolean etc): .... // Checks the input data for consistency and correctness function checkInput($variable) { strip_tags($variable); } // Checks the output data for consistency and correctness function checkOutput($variable) { htmlspecialchars($variable); nl2br($variable); } How can I improve this code to: 1) Remove javascript tags 2) Remove HTML tags 3) Remove BB tags 4) Remove UBB tags 5) Clean the data completely Quote Link to comment https://forums.phpfreaks.com/topic/83799-solved-validation/ Share on other sites More sharing options...
phpQuestioner Posted December 31, 2007 Share Posted December 31, 2007 you could create a regex to identify and replace those tags. Quote Link to comment https://forums.phpfreaks.com/topic/83799-solved-validation/#findComment-426370 Share on other sites More sharing options...
mr_mind Posted December 31, 2007 Share Posted December 31, 2007 The two functions below will make it able to go into the database and come out properly. It will show the tags instead of having the tags parsed by the browser <?php function sanitize($str) { $str = htmlentities($str, ENT_NOQUOTES); $str = mysql_escape_string($str); return $str; } function desanitize($str) { $str = html_entity_decode($str, ENT_NOQUOTES); $str = stripslashes($str); $str = str_replace(array('<','>'), array('<', '>'), $str); return $str; } $string = "<strong> Hello World! </strong>"; print 'Original string: ' . $string . '<br />'; print 'Sanitized String: ' . sanitize($string) . '<br />'; print 'Desanitized String: ' . desanitize($string) . '<br />'; ?> Quote Link to comment https://forums.phpfreaks.com/topic/83799-solved-validation/#findComment-426400 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.