> -----Oorspronkelijk bericht----- > Van: John W. Holmes [mailto:[EMAIL PROTECTED] > > Troy S wrote: > > > What is the best way to remove the characters from strings that may > > cause security problems? Namely, `, ', ", <, >, \ and all non-printing > > strings. Did I miss any? Thanks. > > Why do you need to remove them? So I can't type <grin>? Is that a > security violation? All you need to do is use htmlentities() and/or > addslashes() to protect data being displayed or entered into a database. >
If you're worried about HTML code being entered (guess from desire to strip <, > and /) and messing up your site's layout, you might wanna call strip_tags($String, $AllowedTags); where $AllowedTags is a string like '<b><u><i>' if you want to allow bold, underline and italics. What is your intention? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
