How can one ensure that only HTML tags are preserved while filtering out PHP commands in PHP code?
To ensure that only HTML tags are preserved while filtering out PHP commands in PHP code, you can use the strip_tags() function in PHP. This function allows you to specify which HTML tags should be allowed, while removing any PHP code present in the input.
$input = "<p>Hello, <?php echo 'World'; ?></p>";
$cleaned_input = strip_tags($input, "<p><a><strong><em>");
echo $cleaned_input;
Keywords
Related Questions
- How can PHP developers prevent the loss of formatting characters like \n when outputting HTML content?
- How do different email clients handle the execution of PHP scripts or embedded links in HTML emails?
- What are the potential consequences of not properly sanitizing user input in PHP when constructing SQL queries?