thelolcat
Reputation: 11545
strip_tags enough to remove HTML from string?
The site user can sign-up on a site, and during sign-up he can provide a name.
I want this name to be a valid name, and free of any HTML and other funky characters. Is strip_tags enough for this?
Upvotes: 2
Views: 2269
Answers (2)
Keyne Viana
Reputation: 6202
Regex could fit well with less code:
^[A-Z]'?[- a-zA-Z]( [a-zA-Z])*$
Here we have good examples:
Upvotes: 2
designosis
Reputation: 5263
I find that there's no single function for idiot-proofing user inputs. Best to mix a few together:
$val = trim($val);
$val = strip_tags($val);
$val = htmlentities($val, ENT_QUOTES, 'UTF-8'); // convert funky chars to html entities
$pat = array("\r\n", "\n\r", "\n", "\r"); // remove returns
$val = str_replace($pat, '', $val);
$pat = array('/^\s+/', '/\s{2,}/', '/\s+\$/'); // remove multiple whitespaces
$rep = array('', ' ', '');
$val = preg_replace($pat, $rep, $val);
$val = trim($val);
$val = mysql_real_escape_string($val); // excellent final step for MySQL entry
Upvotes: 4
Related Questions
- Remove all html tags from php string
- PHP removing html tags from string
- PHP - Removing the effect of HTML tags in string - BUT displaying them as well?
- How can I remove all HTML tags from a PHP string?
- Stripping html tags using php
- remove html tags
- How to remove HTML tags from strings?
- How do I remove HTML tags from a string?
- Strip HTML tags from string
- What is the best way to strip out all html tags from a string?