Page 1 of 1

strip_tags in PHP

Posted: Thu Jul 24, 2008 6:53 am
by sureshmaharana
~pickle | Please use [ code=html ], [ code=php ], etc tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: :arrow: Posting Code in the Forums to learn how to do it too.


Can someone tell me what is the use of strip_tags(); As per my knowledge the function of strip_tags() is to remove all HTML and PHP tags from a given string, but when i am enter <p>Test paragraph.</p><!-- Comment --> Other text in text box then i getting blank out put.


FYI this is my code:

Code: Select all

<?
function secured($val)
{
 
if(empty($val) or strlen($val) > 40)
{
return false;
} else {
$val = strip_tags(trim(($val)));
echo $val; exit;
$val = escapeshellcmd($val);
return stripslashes($val);
}
}
 
if(isset($_POST['Submit']))
{
$securityscript = $_POST['securityscript'];
echo secured($securityscript);
}
?>
 
<form name="test" method="post" action="secureTextBox.php">
<input type="text" name="securityscript">
<input type="submit" name="Submit" value="Submit">
</form>[code=text][code][/code][/code]

~pickle | Please use [ code=html ], [ code=php ], etc tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: :arrow: Posting Code in the Forums to learn how to do it too.

Re: strip_tags in PHP

Posted: Thu Jul 24, 2008 7:24 am
by manixrock
You have set the <form>'s action to "secureTextBox.php", however you have the php code on the same page as the form. Is the script's name "secureTextBox.php" ? You should leave action="" or not set it at all if you want it to go to the same page, in case you ever change the script's name in the future.

Re: strip_tags in PHP

Posted: Thu Jul 24, 2008 7:29 am
by sureshmaharana
Yes my file name is also secureTextBox.php

Re: strip_tags in PHP

Posted: Thu Jul 24, 2008 7:40 am
by manixrock
It's the length check you do on the string:

Code: Select all

if(empty($val) or strlen($val) > 40)
The string"<p>Test paragraph.</p><!-- Comment --> Other text" is 49 chars in length.

You might want to check the length after you've stripped the tags.

Re: strip_tags in PHP

Posted: Thu Jul 24, 2008 7:59 am
by sureshmaharana
Thanks manixrock