1

How to allow these types of HTML tags inside the textarea for PHP into MySQL? The simple ones maybe... <b>, <i>, <u> etc.

Thank you.

Improve this question
2
  • How are they not allowed now? If you are using htmlspecialchars() when putting the data back in the textarea later, there should be no issue. Commented Sep 10, 2011 at 2:35
  • 3
    HTML Purifier Commented Sep 10, 2011 at 2:37

2 Answers 2

Reset to default
4

The php function strip_tags can be used for stripping all html tags except for $allowable_tags. Which can be specified like this:

strip_tags($textareaUserInput, '<b><i><u>');

I guess it's something like this that you want. However this doesn't solve possible problems with special characters that need to be escaped.

Also: Have a look at HTML Purifier as @Phil suggest in his comment. This is especialy a good idea if you are worried about security loopholes like XSS and such, because strip_tags won't be good enough if you allow certain tags to persist.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

You can leave HTML-tags as is, because both PHP and MySQL don't have problems with that. When retrieving data from the database and place it inside the textarea, make sure to use htmlspecialchars() to convert characters with a special meaning to HTML-entities. For example < will be converted to &lt;.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.