> -----Oorspronkelijk bericht-----
> Van: John W. Holmes [mailto:[EMAIL PROTECTED]
>
> Troy S wrote:
>
> > What is the best way to remove the characters from strings that may
> > cause security problems?  Namely, `, ', ", <, >, \ and all non-printing
> > strings.  Did I miss any?  Thanks.
>
> Why do you need to remove them? So I can't type <grin>? Is that a
> security violation? All you need to do is use htmlentities() and/or
> addslashes() to protect data being displayed or entered into a database.
>

If you're worried about HTML code being entered (guess from desire to strip
<, > and /) and messing up your site's layout, you might wanna call
strip_tags($String, $AllowedTags); where $AllowedTags is a string like
'<b><u><i>' if you want to allow bold, underline and italics.

What is your intention?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to