Strip off tags from text.
TAGS: strip, tags, PHP


For safety reasons you really should remove tags from the text that you users can input.
In PHP we have a nice little tool to strip off all HTML and PHP tags from any text. You can use it like in the example below, where the input from a textfield named 'form-subject' is read in a normal way with $_POST[''] and put in a variable named $subject. This is then parsed through the strip_tags and can then safely be written in to your database.

$subject = $_POST['form-subject'];
$subject = strip_tags($subject);


Or in short;

$subject = strip_tags($_POST['form-subject']);


This;

$teststreng = "<A HREF=''>Hello world</A><?php mysqli_query($con, $SQLstr); ?>"; 
$teststreng = strip_tags($teststreng); 
echo $teststreng;


...will become this; 'Hello world'.