views:

95

answers:

2

I'm trying to install HTML Purifier http://htmlpurifier.org/ but I get the following error Undefined variable: dirty_html. I was wondering how can I fix this problem?

Here is the PHP code.

 require_once '../../htmlpurifier/library/HTMLPurifier.auto.php';

 $config = HTMLPurifier_Config::createDefault();
 $config->set('Core.Encoding', 'UTF-8'); // replace with your encoding
 $config->set('HTML.Doctype', 'XHTML 1.0 Strict'); // replace with your doctype
 $purifier = new HTMLPurifier($config);

 $clean_html = $purifier->purify($dirty_html);

Here is my html form.

<form method="post" action="index.php">
    <fieldset>
        <ul>
            <li><label for="about-me">About Me: </label>
            <textarea rows="8" cols="60" name="about-me" id="about-me"></textarea></li>

            <li><label for="my-interests">My Interests: </label>
            <textarea rows="8" cols="60" name="interests" id="interests"></textarea></li>

            <li><input type="submit" name="submit" value="Save Changes" class="save-button" />
        </ul>
    </fieldset>

</form>
+1  A: 

$dirty_html should be the HTML of the webpage

It looks like you're adding a DOCTYPE and Encoding to your HTML so I assumed that you would use it like this:

$dirty_html =<<<DIRTYHTML
<form method="post" action="index.php">
    <fieldset>
        <ul>
            <li><label for="about-me">About Me: </label>
            <textarea rows="8" cols="60" name="about-me" id="about-me"></textarea></li>

            <li><label for="my-interests">My Interests: </label>
            <textarea rows="8" cols="60" name="interests" id="interests"></textarea></li>

            <li><input type="submit" name="submit" value="Save Changes" class="save-button" />
        </ul>
    </fieldset>

</form>
DIRTYHTML;

$clean_html = $purifier->purify($dirty_html);
echo $clean_html;
Phill Pafford
what html on the web page, what my form submits?
TaG
+1  A: 

It's not clear what you want to purify. Some $_POST vars? You get that error because you have not defined $dirty_html. For example, if you want to purify the about_me field, use

$clean_html = $purifier->purify($_POST['about_me']);
Nicolò Martini