[nycphp-talk] escaping
Adrian Noland
anoland at indigente.net
Thu Jan 24 08:05:34 EST 2008
In addition to all the other comments made, strip_tags() is helpful in this
situation.
http://us.php.net/strip_tags
As for excluding "www.", you need to do something like this:
$form_data = preg_match("www." "", $form_data);
http://us.php.net/manual/en/function.preg-replace.php
On 1/23/08, Susan Shemin <susan_shemin at yahoo.com> wrote:
>
> Is this "escaping" that you guys have been talking about what you use to
> filter acceptable data into textbox form?
>
> If so, can you explain exactly what is being used (e.g., htmlentities) and
> how to use it?
>
> Actually I need to filter out nonpermitted characters since someone put a
> Viagra advertisement into the php blog I created! (Caught it quite quickly
> and deleted the entry from the database.) I'd like to exclude "www." from
> being entered into a form.
>
> Susan
>
> _______________________________________________
> New York PHP Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> NYPHPCon 2006 Presentations Online
> http://www.nyphpcon.com
>
> Show Your Participation in New York PHP
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20080124/5960ef35/attachment.html>
More information about the talk
mailing list