If you create registration forms and the like, you’ll often need to make sure that HTML tags are removed from anything your user types in just in case they’re attempting to be naughty.
What’s needed is a simple way to iterate through all the POSTed values and strip these tags out. It would be even better if some tags (such as <b>) were allowed.
Here’s how to do it:
foreach($_POST as $key=>$value)
{
$_POST[$key]=strip_tags($value,”<strong><b><i><br>”);
}
The specific function is called strip_tags and it takes two values. The first is the string to be stripped and the second is a list of allowable html tags. I’m using the foreach construct to iterate through the POSTed variables and pulling out the key for each array element along with its associated contents. These are then stripped of HTML and then the key value is used to replace the existing array element with the stripped one.
.gif)