CODEWITHSUNDEEP
phphtmldatabase
Daidara11
Daidara11

Reputation: 15

How to remove HTML-Tags in the database?

If I insert something into my databse it inserts the html tags with it. How can i prevent this ?

public function selectFromDatabase ()
{
     $query = "SELECT * FROM gb ORDER BY id DESC LIMIT 0, 4";
    //data output
    if ( $result = $this->mysqli->query($query) )
    {
        while ( $row = $result->fetch_object() )
        {
            echo strip_tags( $row->titel . "\t" . $row->autor . " (" . $row->email . ") schrieb am <br>" . $row->datum . "<br><br>" .$row->text , '<br>');
            echo "<hr>";
            echo "<br>";
        }
        $result->close();
    }
}

I am using strip_tags already. It shows me perfectly without the tags but not in my database.

This is my code to insert the value.

    public function insertToDatabase()
{
    //Prepare an insert statement
    $sql = 'INSERT INTO gb (titel,autor, email, text, datum) 
            VALUES (?, ?, ?, ?, ?)';

    if ( $this->stmt = $this->mysqli->prepare($sql) )
    {
        //Bind variables to the prepared statement as parameters
        $this->stmt->bind_param("sssss", $this->gen,$this->name, $this->mail, $this->nachricht, $this->datum);
        //Attempt to execute the prepared statement
        if ( $this->stmt->execute() )
        {
            echo "Hier ist dein Kommentar \u{261F} <br><br>";
        }
        else
        {
            echo "ERROR: Could not execute query: $sql. " . $this->mysqli->error;
        }
    }
    else
    {
        echo "ERROR: Could not prepare query: $sql. " . $this->mysqli->error;
    }
    $this->stmt->close();
}

This is how it looks like in my database

Image

Upvotes: 1

Views: 536

Answers (1)

nice_dev
nice_dev

Reputation: 17835

You will have to strip_tags when inserting in the DB table. Then you won't need it while displaying. To do so, change your insert line 

 $this->stmt->bind_param("sssss", $this->gen,$this->name, $this->mail, $this->nachricht, $this->datum);

to

list($this->gen,$this->name, $this->mail, $this->nachricht, $this->datum) = array_map("strip_tags",[$this->gen,$this->name, $this->mail, $this->nachricht, $this->datum]);

$this->stmt->bind_param("sssss", $this->gen,$this->name, $this->mail, $this->nachricht, $this->datum);

Upvotes: 1

Related Questions