|
|
Posted by Spocke on 01/18/08 19:18
Use: http://htmlpurifier.org/
It's way more secure than strip_tags.
On Jan 17, 11:06 pm, firewood...@yahoo.com wrote:
> On Wed, 16 Jan 2008 05:36:09 -0800 (PST), "C.
>
>
>
> (http://symcbean.blogspot.com/)" <colin.mckin...@gmail.com> wrote:
> >On 15 Jan, 19:38, a...@spamcop.net (axlq) wrote:
> >> In article <vl1qo3did9p695cr8sck2gpfejo4h03...@4ax.com>,
>
> >> <firewood...@yahoo.com> wrote:
> >> >I usetinyMCEto provide a formattable textarea for the users of my
> >> >website. How do I filter data so complex as that?
>
> >> What do you want to filter? WithTinyMCEyou can control the
> >> features that a user puts into the text. If the user tries to
> >> insert some HTML tags you don't allow (use any of the regexp
> >> functions or stristri()), simply warn the user and redisplay the
> >> text until the user fixes it.
>
> >!
>
> >Maybe its possible to configure the editor but thats client-side even
> >if it is configured not to allow certain tags to be entered, the
> >receiving PHP script should sanitize the input.
>
> >RTFM for strip_tags()
>
> >C.
>
> Ah RTFM. I've see I've found the perfect place to avoid
> enlightenment.
Navigation:
[Reply to this message]
|