Page 1 of 1

Issue With strip_tags (solved)

Posted: Wed Aug 30, 2006 2:35 pm
by Bigun
Here's the code:

Code: Select all

$inputaboutme=strip_tags($inputaboutme, '<b><a><i><br><center><td><tr><table><caption><p><strike><small>');
Here's my problem.

The html gets input by the user, let's say a simple link:

Code: Select all

<a href="http://www.blahblahlblah.com">
After strip_tags gets done with it, it looks like this:

Code: Select all

<a href=\"http://www.blahblahlblah.com\">
Then it get's saved..... fine... no big deal.... but then the user goes back and makes some changes, the strip_tags gets run on it again.....

Code: Select all

<a href=\\"http://www.blahblahlblah.com\\">
and again....

Code: Select all

<a href=\\\"http://www.blahblahlblah.com\\\">
Anyway I can keep the single and double quotes from getting escaped... or only have it escape them once?

Posted: Wed Aug 30, 2006 2:56 pm
by Bigun
Nevermind, a simple command fixed it:

Code: Select all

$inputaboutme=str_replace('\\', '', $inputaboutme);

Posted: Wed Aug 30, 2006 3:20 pm
by Jenk
or you could solve the real problem, which is magic quotes running addslashes() on all GET, POST, COOKIE and REQUEST data.

Therefore you need to check if magic quotes is on (get_magic_quotes_gpc()) and then stripslashes() your data.