I use the htmlspecialchars function on my string. But I don't want to clean these:

<b>, <br>, <p>, <ul>, <li> bla bla...

Example: Mystring = "<script>.....</script><br><b>test</b><p>aaaa</p>";

I want to; =

.....
+2  A: 

You want to remove all tags? Use strip_tags().

Pekka
I used it, but it deletes all of <script>, <html>, <head>, <meta> bla blaa... I want to htmlspecialchars those HTML tags (<script>, <html>, <head>, <meta>).
TeknoSeyfo
Wow, I didn't know about this function. It's really useful! Thanks. +1
henasraf
@henasraf - Yes it's useful, but only if you don't use the second parameter (allowable_tags). Read my comparison link in HTML Purifier.
Sagi
+4  A: 

Have a look at HTML Purifier, and especially the whitelist feature.

This is probably the safest approach if you allow HTML tags. You can view the comparison here.

Sagi
Yes. I wanted it ;)
TeknoSeyfo
A: 

You can use HTML Sanitizer Class - http://www.phpclasses.org/browse/package/3746.html

scopus
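
An added example, not taken from any of the answers above and not HTML Purifier's method: one way to get the behaviour the question asks for is to escape the whole string with htmlspecialchars() and then restore only bare, attribute-less tags from an allow-list. The function name escapeExceptAllowed and the sample string (the question's string plus a constructed onclick attribute) are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Escape all of $input, then restore only bare allow-listed tags.
 * Hypothetical helper: escapeExceptAllowed is not a PHP built-in.
 */
function escapeExceptAllowed(string $input, array $allowed): string
{
    // 1. Neutralise everything: <, >, &, " and ' become entities.
    $escaped = htmlspecialchars($input, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    if ($allowed === []) {
        return $escaped; // nothing to restore
    }

    // 2. Alternation of the allowed tag names, regex-quoted.
    $names = implode('|', array_map(
        static fn(string $t): string => preg_quote($t, '~'),
        $allowed
    ));

    // 3. Restore only "&lt;tag&gt;", "&lt;/tag&gt;" and "&lt;tag /&gt;".
    //    A tag carrying attributes (onclick=..., style=...) does not
    //    match this pattern and therefore stays escaped.
    $pattern = '~&lt;(/?)(' . $names . ')(\s*/)?&gt;~i';
    $restored = preg_replace_callback(
        $pattern,
        static function (array $m): string {
            $selfClose = ($m[1] === '' && !empty($m[3])) ? ' /' : '';
            return '<' . $m[1] . strtolower($m[2]) . $selfClose . '>';
        },
        $escaped
    );

    // On a regex engine error, fail safe with the fully escaped string.
    return $restored ?? $escaped;
}

// Constructed sample: the question's string plus a tag with an attribute.
$sample = '<script>.....</script><br><b>test</b>'
        . '<b onclick="x">attr</b><p>aaaa</p>';

echo escapeExceptAllowed($sample, ['b', 'br', 'p', 'ul', 'li']), PHP_EOL;
```

This does not balance or nest-check the restored tags, so an unclosed <b> passes through as written; an HTML parser-based filter such as the HTML Purifier whitelist mentioned above is the option when attributes or well-formed output are required.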