Published in: PHP
Variables submitted via web forms always need to be cleaned/sanitized before they are used in any way, to protect against all kinds of malicious input.
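function clean($value) {
    // If magic quotes not turned on add slashes.
    // (get_magic_quotes_gpc() was removed in PHP 8.0.)
    if (!function_exists('get_magic_quotes_gpc') || !get_magic_quotes_gpc()) {
        // Adds the slashes.
        $value = addslashes($value);
    }
    // Strip any tags from the value.
    $value = strip_tags($value);
    // Return the value out of the function.
    return $value;
}

$sample = "<a href='#'>test</a>";
$sample = clean($sample);
echo $sample;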
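clean() applies one generic filter to every value, but addslashes() is not a substitute for bound SQL parameters and strip_tags() does not encode quotes for HTML attributes. The following added example (not part of the original snippet) validates on input and escapes per output context instead. The function names, table and sample input are constructed for illustration, and the pdo_sqlite extension is assumed.

```php
<?php
// Added example: escape per output context instead of one generic clean().
// Function names, table and sample input are constructed for illustration.

// HTML context: encode on output. ENT_QUOTES covers both quote styles,
// so the value is safe in element content and in quoted attributes.
function html_escape(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// SQL context: bind the raw value as a parameter; no manual slashes needed.
function save_comment(PDO $db, string $author, string $body): void
{
    $stmt = $db->prepare('INSERT INTO comments (author, body) VALUES (:author, :body)');
    $stmt->execute([':author' => $author, ':body' => $body]);
}

// Input validation: reject what the field can never legitimately contain.
function validate_author(string $value): string
{
    $value = trim($value);
    if ($value === '' || strlen($value) > 64 || preg_match('/[\x00-\x1F\x7F]/', $value)) {
        throw new InvalidArgumentException('Invalid author name');
    }
    return $value;
}

// Constructed sample form input.
$form = ['author' => "Miles O'Brien", 'body' => "Is 1 < 2? See <a href='#'>test</a>"];

// In-memory database so the example runs offline (assumes pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE comments (author TEXT, body TEXT)');

save_comment($db, validate_author($form['author']), $form['body']);

// The stored data is unmodified; encoding happens only when rendering HTML.
foreach ($db->query('SELECT author, body FROM comments') as $row) {
    printf("<p><strong>%s</strong>: %s</p>\n", html_escape($row['author']), html_escape($row['body']));
}
```

Because the value is stored unmodified, the apostrophe in the name is not saved with a backslash, and text such as `1 < 2` survives instead of being cut by strip_tags().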