发表新帖
发表新帖

How to strip tags in a safer way than using strip_tags function?

后端 未结
关注
3 1599
耶瑟儿~
耶瑟儿~ 2021-01-18 05:48

I\'m having some problems using strip_tags PHP function when the string contains \'less than\' and \'greater than\' signs. For example:

If I do:

stri
相关标签:
3条回答
  • 南笙
    2021-01-18 06:35

    As a wacky workaround you could filter non-html brackets with:

    $html = preg_replace("# <(?![/a-z]) | (?<=\s)>(?![a-z]) #exi", "htmlentities('$0')", $html);

    Apply strip_tags() afterwards. Note how this only works for your specific example and similar cases. It's a regular expression with some heuristics, not artificial intellegince to discern html tags from unescaped angle brackets with other meaning.

    0 讨论(0)
  • 离开以前
    2021-01-18 06:41

    If you want to have "greater than" and "lesser than" signs, you need to escape them:

    &gt; is >

    &lt; is <

    See e.g. this: http://www.w3schools.com/html/html_entities.asp

    0 讨论(0)
  • 说谎
    2021-01-18 06:53

    Instead of strip_tags(), just use htmlspecialchars() instead.

    http://php.net/manual/en/function.htmlspecialchars.php

    0 讨论(0)
 看不清?
提交回复
热议问题