[nycphp-talk] escaping
Susan Shemin
susan_shemin at yahoo.com
Thu Jan 24 12:40:35 EST 2008
Adrian, thank you! Been looking all over for the code.
----- Original Message ----
From: Adrian Noland <anoland at indigente.net>
To: NYPHP Talk <talk at lists.nyphp.org>
Sent: Thursday, January 24, 2008 5:05:34 AM
Subject: Re: [nycphp-talk] escaping
In addition to all the other comments made, strip_tags() is helpful in this situation.
http://us.php.net/strip_tags
As for excluding "www.", you need to do something like this:
$form_data = preg_match("www." "", $form_data);
http://us.php.net/manual/en/function.preg-replace.php
On 1/23/08, Susan Shemin <susan_shemin at yahoo.com> wrote:
Is this "escaping" that you guys have been talking about what you use to filter acceptable data into textbox form?
If so, can you explain exactly what is being used (e.g., htmlentities) and how to use it?
Actually I need to filter out nonpermitted characters since someone put a Viagra advertisement into the php blog I created! (Caught it quite quickly and deleted the entry from the database.) I'd like to exclude "www." from being entered into a form.
Susan
_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20080124/aef5edcd/attachment.html>
More information about the talk
mailing list