How to search for an html tag and delete it

Question

I have made a description system, but all which doesn't work is my "search and delete unwanted tags"-system... Here's the code:

$mystring = $description;
$findme   = '<';
$pos = strpos($mystring, $findme);
echo $pos;

if ($pos == false) {
    $user = mysql_query("SELECT * FROM members WHERE username='$myusername' AND password='$mypassword'");
    while($row=mysql_fetch_array($user)) {
        mysql_query("UPDATE members SET description = '$description' WHERE username = '$myusername' AND password = '$mypassword'");
        echo "<tr><td colspan='2'><span style='color:#0076c9;'>Your description has successfully been changed! Go back to your page to see the changes!</span></td></tr>";
    }
} else {
    echo "<tr><td colspan='2'><span style='color:#F00;'>Invalid input! Make sure that no other code than <br /> can be typed in!</span></td></tr>";
}

Is there any possible way of doing this? I have seen it on YouTube, but are too good! Anyone who knows how to do it?

Oh and I also noticed that my function only shows the position of the first tag... Not all tags and it can't see the difference between a <br /> (which is allowed) and an <img> (not allowed).

Answer 1

If you want to remove HTML tags and only allow some of them you can use strip_tags function like this

strip_tags($text, '<br><a>');

This will return the text you entered $text with no tags except <br> & <a> tags You can read more about strip_tags Here

Answer 2

Use the built-in strip_tags-function.

string strip_tags ( string $str [, string $allowable_tags ] )

Example:

$str = "<a href='http://google.com'>Here</a> we go<br />";
echo strip_tags($str, "<br>");

Output: "Here we go <br />"

Answer 3

You'll have to add in more tags or just make it generic by taking out the section in parentheses:

if(preg_match("/<(span|html|table).*?>/", $description)) {
    rejected...
}