> Hello. I just finished creating a simple input form in
> which the contents of a textarea get written to a file
> which in turn gets read by a particular page. is there
> anyway to "disable" any html or php tags that the user
> might have typed in? it seems pretty dangerous to
> allow a user to enter any amount of php programming at
> their will.
> something as simple as a function that strips all <'s
> and >'s would work just as well i would imagine.

Look at ereg_replace() and html_special_chars() in the fine manual:



Greg Donald - http://destiney.com/
http://phprated.com/ | http://phplinks.org/ | http://phptopsites.com/

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to