* Thus wrote John W. Holmes:
> Jason Paschal wrote:
>
> >i'd like to be able to strip only one type of HTML tag from a web
> >document (<a>), but to do that with strip_tags(), i'd have to predict
> >every possible HTML tag that might be used, except for the one i want to
> >strip, and put those in the allowable tags parameter.
> >
> >That's why I was hoping someone knew of a better way to accomplish
> >this. Any suggestions are welcome.
>
> Something like
>
> $new_text = preg_replace('!<a.*</a>!iU','',$old_text);
>
> will get rid of the <a> tags and leave everything else. Honestly,
> though, if you're allowing everything else, why not allow these? I can
> just as easily set up the text with decorations to make it look like a
> link and give it an "onclick" action to load another page...
heh.. when I need someone for a security audit I'll keep you in
mind :D
Curt
--
First, let me assure you that this is not one of those shady pyramid schemes
you've been hearing about. No, sir. Our model is the trapezoid!
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
