[plug] Stripping out Markups in SQL
Shayne O'Neill
shayne at guild.murdoch.edu.au
Sun Sep 15 15:39:43 WST 2002
Does anyone know of a zope version of this? Squishdot (zope product) does
this , but I want to enable
image insertion for front page stories.
----- Original Message -----
From: "Lyndon Kroker" <ljkroker at netvigator.com>
To: <plug at plug.linux.org.au>
Sent: Saturday, September 14, 2002 5:19 PM
Subject: Re: [plug] Stripping out Markups in SQL
> You may want to consider the use of PHP as there is a custom function for
> this. PHP can be imbedded into the text of an html document if required.
>
> The function is called strip_tags(). Here is an example:
>
> $string = strip_tags($string, '<a><b><i><u>');
>
> The tags supplied in the second argument are the _allowable_ tags, and you
> can enter whatever tags you want to allow.
>
> <?php
>
> $query = "SELECT myhtmlstuff FROM mytable";
> $result = mysql_query($query) or
> die (mysql_error());
> $row = mysql_fetch_array($result);
>
> $my_html = $row[myhtmlstuff];
>
> // allow bold, undreline and italic
> $stripped_html = strip_tags($my_html, '<b><u><i>');
>
> // output to screen
> echo $stripped_html;
>
> ?>
>
> To make the script more secure the variables should be initialized.
Amoung
> other things this will help stop variables from being passed via a URL.
>
> If you want to read more about this fuction just http://www.php.net/
followed
> by the function name. For example:
>
> http://www.php.net/strip_tags
>
> Hope this helps,
>
> Lyndon
>
>
More information about the plug
mailing list