anti html

guerrillase7en

how can you make it so when something is stored in a MySQL database it wont let the users inter any html/php or any thing else that could alter my page...

xblue

Remove html tags completely: strip_tags()
Change them to be displayed in the browser: htmlspecialchars()

guerrillase7en

ok how would i use that? would it be like

strip_tags($whatever_they_post)

xblue

exactly:

echo strip_tags($HTTP_POST_VARS['input_name']);
or:
echo strip_tags($variable_name);

you can even allow some html tags:
$string = strip_tags($string, '<a><b><i><u>');

the last example is directly from the manual - though some complain it is hard to heard, the brief description and examples often help understanding a function.

guerrillase7en

cool, thanks, i've been needing just a basic forum system and none of the ones on the internet ie(phpbb) would let me use the user base i have now, plus they wouldn't be easy to make them blend in with my site...