Stripping tags!!!
Posted: Thu Mar 18, 2004 2:57 pm
I have been trying to remove all html/script tags to prevent it from showing on the main news area. This is because my site was attacked and script was injected through the news area redirecting to another site. I have tried:
<?php
$link = mysql_connect("???", "???", "???");
mysql_select_db("???") or die("couldnt connect" . mysql_error());
$sql = "SELECT * FROM news ORDER BY ID";
$result = mysql_query($sql) or die(mysql_error());
while (true)
{
$row = mysql_fetch_assoc($result);
if ($row == false) break;
echo "<img src='news.gif' border=1>";
$headline = $row['headline'];
$username = $row['username'];
$mainnews = $row['mainnews'];
$headline1 = striptags($headline);
$username1 = striptags($username);
$mainnews1 = striptags($mainnews);
echo "<br><u><b>.:'$headline1':.<U></b> posted by '$username' <br>";
echo "'$mainnews'<br>";
echo "<hr color='white'>";
}
?>
Please help!
Regards
Joe
<?php
$link = mysql_connect("???", "???", "???");
mysql_select_db("???") or die("couldnt connect" . mysql_error());
$sql = "SELECT * FROM news ORDER BY ID";
$result = mysql_query($sql) or die(mysql_error());
while (true)
{
$row = mysql_fetch_assoc($result);
if ($row == false) break;
echo "<img src='news.gif' border=1>";
$headline = $row['headline'];
$username = $row['username'];
$mainnews = $row['mainnews'];
$headline1 = striptags($headline);
$username1 = striptags($username);
$mainnews1 = striptags($mainnews);
echo "<br><u><b>.:'$headline1':.<U></b> posted by '$username' <br>";
echo "'$mainnews'<br>";
echo "<hr color='white'>";
}
?>
Please help!
Regards
Joe