Matt Palermo wrote:
I realize that I can use the strip_tags function to remove HTML. But I
don't want to remove HTML tags. I just want to make sure all open HTML
tags
are closed. For example if they user submits HTML with a table tag and
never closes it, then the rest of the page will look
On 09-Dec-2004 Marek Kilimajer wrote:
snipage
not really, but it removes script and /script so javascript is
not
interpreted.
$txt = preg_replace('|script[^]*?.*?/script|si', '', $txt);
Regards,
--
Don Read [EMAIL PROTECTED]
-- It's always darkest
Matt Palermo wrote:
I realize that I can use the strip_tags function to remove HTML. But I
don't want to remove HTML tags. I just want to make sure all open HTML tags
are closed. For example if they user submits HTML with a table tag and
never closes it, then the rest of the page will look
Matt Palermo wrote:
I would like to leave any HTML in there,
Do you *TRUST* the people typing the HTML to not attack your server, or
others, with cross-site scripting attacks?
If not, go re-read the manual about strip_tags, and pay particular
attention to the second, optional, argument.
but
From: Richard Lynch [EMAIL PROTECTED]
Matt Palermo wrote:
but just make sure that ending
tags exist, so it doesn't screw up the rest of the page. Strip tags would
just wipe out the HTML rather than allowing it and ending it safely.
Strip tags will allow you to wipe out *DANGEROUS*
I realize that I can use the strip_tags function to remove HTML. But I
don't want to remove HTML tags. I just want to make sure all open HTML tags
are closed. For example if they user submits HTML with a table tag and
never closes it, then the rest of the page will look screwed up. I still
On Fri, 10 Dec 2004 17:38:13 -0500, John Holmes
[EMAIL PROTECTED] wrote:
strip_tags() is a rather worthless function, if you ask me.
strip_tags() is pretty handy when scraping another site. Like the
other day I was asked to grab some links off a site where there was no
RSS feed available.. I
On Wed, 8 Dec 2004 22:33:19 -0500, Matt Palermo [EMAIL PROTECTED] wrote:
I am allowing users to imput HTML code into a textarea. After they input
this, I wany to output their HTML to the browser. In order for the document
to be safe, I need to close all open HTML tags that have been left open
Matt Palermo wrote:
I am allowing users to imput HTML code into a textarea. After they input
this, I wany to output their HTML to the browser. In order for the
document
to be safe, I need to close all open HTML tags that have been left open by
the user, along with any open comments. Is
Richard Lynch wrote:
Matt Palermo wrote:
I am allowing users to imput HTML code into a textarea. After they input
this, I wany to output their HTML to the browser. In order for the
document
to be safe, I need to close all open HTML tags that have been left open by
the user, along with any open
I would like to leave any HTML in there, but just make sure that ending
tags exist, so it doesn't screw up the rest of the page. Strip tags would
just wipe out the HTML rather than allowing it and ending it safely.
Richard Lynch [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Matt Palermo wrote:
I am allowing users to imput HTML code into a textarea. After they input
this, I wany to output their HTML to the browser. In order for the document
to be safe, I need to close all open HTML tags that have been left open by
the user, along with any open comments. Is there
12 matches
Mail list logo
