redroy Posted May 13, 2006 Share Posted May 13, 2006 Hi,New here... I've got a small problem that I need some help with and have been unsuccessful on other forums. I'm hoping you can point me in the right direction.What I've got is a content control that I wrote for my clients using php/mysql. I have a function that checks the inserted data and strips out php and unwanted html. The problem is that's too strict. For example if someone makes an error with an acceptable tag like:[code]<a href=""[/code] ... not closing it. The function will strip EVERYTHING from that point down. Is there anyway to make the function below more dummy proof?[code]$allowedTags = '<h1><h2><h3><h4><h5><h6><b><i><u><a><div><img><ul><li><hr><blockquote>';$stripAttrib = 'javascript:|onclick|ondblclick|onmousedown|onmouseup|onmouseover|onmousemove|onmouseout|onkeypress|onkeydown|onkeyup';function stripData($string){ global $allowedTags, $stripAttrib; while($string != strip_tags($string, $allowedTags)) { $string = strip_tags($string, $allowedTags); } while($string != preg_replace("/$stripAttrib/i", 'FORBIDDEN', $string)) { $string = preg_replace("/$stripAttrib/i", 'FORBIDDEN', $string); } return $string;}[/code]Thanks for your time!! Quote Link to comment https://forums.phpfreaks.com/topic/9628-strip-html-help/ Share on other sites More sharing options...
bcamp1973 Posted August 23, 2006 Share Posted August 23, 2006 try strip_tags() Quote Link to comment https://forums.phpfreaks.com/topic/9628-strip-html-help/#findComment-79321 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.