Form Validation – HTML Tag stripping

Posted by Jamsi in PHP on January 17th, 2006 | no responses

This short article will talk about protecting your web forms from users who may try to exploit your website by entering in HTML into a text box.

Validation is something all web coders should think about as it protects the end user from making mistakes and protects your website from malicious attacks.

The following code uses the “htmlspecialchars” PHP function to strip all HTML tags from the entered data and then puts back what is allowed according to what YOU set.

!i', create_function('$matches','return str_replace(array(">", "<", """, "&"), array(">", "<", "\"", "&"), $matches[0]);'), $content);
?>

No related posts.

Have a computer problem? Ask in our SUPPORT forum!

Receive Discounted Software

No bull. Want cheap discounts for common software products?
  • AntiVirus
  • Video editing tools
  • Web development tools
  • Registry Cleaners
  • Computer speed boosters!
Our editors get these products sent to us WEEKLY for review.

WE WANT TO PASS THESE DISCOUNTS ON TO YOU! (We honestly don't need them)

So whack your email in the box below and when we receive stuff we'll forward it to you! Its that simple.


Leave a Reply