Startup

Technology Review

Tips

Video

Welcome

Home » Technology Review

PHP: Removing HTML Tags from Strings

Submitted by admin on Wednesday, 29 October 2008No Comment

Using text fields on web based forms to obtain information from a website user can often lead to unexpected string inputs. A typical unexpected input might be a field that asks a user to submit a link and a description - spammers may use this description field to stuff with extra links.

Fortunately, PHP has the command strip_tags to remove these tags.

$myString = "<p><a href='gohere.html'>This is some text</a></p>";
$newString = strip_tags($myString);

You can allow specified tags by using the option parameter of strip_tags, so to include the <p> tag in the string above but remove the <a> tag use this command

$newString = strip_tags($myString,"<a>");

It would also be useful to use the mysql_real_escape_string in this instance to avoid SQL Injections.

Go to Source

Leave a comment!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

This is a Gravatar-enabled weblog. To get your own globally-recognized-avatar, please register at Gravatar.