Thanks Ashley...that did the trick.
After reading about the limitations of strip_tags I decided to just replace the bad bits as below... It still uses your "foreach" suggestion but replaces "<" and ">" with "(" and ")" instead of stripping tags.


I think I will extend the good and bad arrays to deal with magic quotes also !

$bad = array('<','&lt;','&#60;', '>', '&gt;', '&#62');
$good = array('(', '(', '(', ')', ')', ')');
foreach ($_POST as $key => $value) {
$_POST[$key] = str_ireplace($bad, $good, $value);
}





I'd do something like this, so as to preserve the original post data
array:

$data = Array();
foreach($_POST as $key => $value)
{
   $data[$key] = strip_tags($value);
}

Note that strip_tags() will not be able to decently clean up messy code
(i.e. code where the opening or closing tags themselves aren't formed
properly)


Ash
www.ashleysheridan.co.uk




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to