Use of Zend Framework setTagsAllowed getTagsAllowed?

Question

I have some very fundamental questions about the use of the setTagsAllowed and getTagsAllowed methods used with Zend Framework\'s Zend_Filter_StripTags? Specifically:

Answer 1

Where should the list of tags defined? In the application's controller?

You could do that. If you're likely to reuse the list elsewhere in your application, you might want to consider using Zend_Registry.

Does the array have to include the <> ... ?

Just 'h1'. For example:

$allowedTags = array(
'a',
'b',
'em',
'strong'
);

Does the array have to include the closing tags ... ?

No.

An example would be appreciated.

Sure:

// permit only the , ,  and  tags
$allowedTags = array('a','b','em','strong');

// allow only the href attribute to be used in the above tags 
// (which should only be within the  tag anyway)
$allowedAttributes = array('href');

// create an instance of Zend_Filter_StripTags to use
$stripTags = new Zend_Filter_StripTags($allowedTags,$allowedAttributes);

// now filter the string
$sanitizedInput = $stripTags->filter($userInput);

Does this answer your question?