Osah Prince
Reputation: 73
PHP strip_tag and htmlspecialchars not working for multiple input
I'm trying to remove html tags from multiple user input. I tried it individually it worked, but when i turned it into a function it's not removing the html tags...
$test = array('name' => '<script>alert("HELLO..");</script>',
'phone' => '23497999000000'
);
(clean($test));
function clean($field)
{
foreach ($field as $key => $value) {
$value = htmlspecialchars(strip_tags($value));
}
return $field;
}
Upvotes: 0
Views: 222
Answers (3)
u_mulder
Reputation: 54841
Option with passing $value by reference:
function clean($field)
{
foreach ($field as &$value) {
$value = htmlspecialchars(strip_tags($value));
}
return $field;
}
Upvotes: 1
MatsLindh
Reputation: 52832
You're not assigning the values to anything, so the value is lost inside your inner loop.
function clean($field)
{
foreach ($field as $key => $value) {
$field[$key] = htmlspecialchars(strip_tags($value));
}
return $field;
}
You also want to keep the cleaned version when returning:
$test = clean($test);
Upvotes: 1
Zoldszemesostoros
Reputation: 397
You're set the value of $value, but lose it, when it comes out of scope.
I think it'll be correct:
function clean($field)
{
foreach ($field as $key => $value) {
$field[$key] = htmlspecialchars(strip_tags($value));
}
return $field;
}
Upvotes: 0
Related Questions
- Problem with PHP strip tag
- strip_tags disallow some tags
- Strip multiple tags with strip_tags()
- PHP strip tags are not working
- strip_tags not working in this example
- Combining htmlspecialchars and strip_tags
- php strip_tags issue
- PHP Security - Combining functionality of strip_tags(); & htmlspecialchars();
- php strip_tags() troubles
- PHP strip tags also removing \n