TalkPHP

TalkPHP (http://www.talkphp.com/forums.php)
-   Advanced PHP Programming (http://www.talkphp.com/advanced-php-programming/)
-   -   Cleaning Blog Input (http://www.talkphp.com/advanced-php-programming/2354-cleaning-blog-input.html)

Speeple 02-27-2008 12:30 PM
Cleaning Blog Input
 
I'm working on a blog service and I'm interested if anyone has any experience in "cleaning" the user input?

Things like recursive regular expressions to clean lists (dl, ul, li, ol etc.) are resource intensive and I imagine other services use simpler methods (which I'm not aware of :-/)

Does anybody know of any example code?

cosmok 02-27-2008 02:11 PM
some functions that you might use: strip_tags(), mysql_escape_string() and htmlentities(). Otherwise use standard libraries like HTML Purifier - Filter your HTML the standards-compliant way! to clean user input.

Speeple 02-27-2008 02:30 PM
Hey cosmok, never heard of "HTML Purifier" until now and it looks like an awesome set of classes!

Life saver mate, cheers!

cosmok 02-27-2008 10:39 PM
glad u found that useful.

abiko 02-27-2008 10:46 PM
Yeah, thanks man on that find :)
I've been looking to implent Input_Filter (used by Mambo/Joomla) - but don't like the way it filters :)
This is much simpler

pH4nToM 03-11-2008 08:52 PM
I still prefer

<?php htmlentities(mysql_escape_string($string)); ?>

stewart 03-14-2008 10:28 PM
htmlspecialchars(addslashes()); works for me most of the time ;D


All times are GMT. The time now is 12:14 AM.

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.1.0