Thanks Ashley...that did the trick.
After reading about the limitations of strip_tags I decided to just replace the bad bits as below... It still uses your "foreach" suggestion but replaces "<" and ">" with "(" and ")" instead of stripping tags.

I think I will extend the good and bad arrays to deal with magic quotes also !

$bad = array('<','&lt;','&#60;', '>', '&gt;', '&#62');
$good = array('(', '(', '(', ')', ')', ')');
foreach ($_POST as $key => $value) {
$_POST[$key] = str_ireplace($bad, $good, $value);

I'd do something like this, so as to preserve the original post data

$data = Array();
foreach($_POST as $key => $value)
   $data[$key] = strip_tags($value);

Note that strip_tags() will not be able to decently clean up messy code
(i.e. code where the opening or closing tags themselves aren't formed


PHP General Mailing List (
To unsubscribe, visit:

Reply via email to