[RESOLVED] How to store html in a string and compare it to another string in PHP?

Madao

I would like to block certain html commands on my site so I tried to store one in a string like...

$protect='<meta http-equiv="refresh" content="1">';

but it seems I can't compare it to a string? halp

dagon

$protect='<meta http-equiv="refresh" content="1">'; 
$protect2='<meta http-equiv="refresh" content="1">'; 

if($protect==$protect2){
echo 'same';
}

works for me, of course they have to be identical

block certain html commands on my site

not suer what you mean by this, if it's your site don't you control what's added?

Madao

doesn't work for me I did this...

// get data that sent from form
$topic=$_POST['topic'];
$detail=$_POST['detail'];
$name=$_POST['name'];
$email=$_POST['email'];
$datetime=date("d/m/y h:i:s"); //create date time

// Sanitize strings
$s_topic=mysql_real_escape_string($topic);
$s_detail=mysql_real_escape_string($detail);
$s_name=mysql_real_escape_string($name);
$s_email=mysql_real_escape_string($email);

// variables of malicious html
$s_protect='<meta http="refresh" content="1">';

// Insert topic
if($s_topic != $s_protect){
$sql="INSERT INTO $tbl_name(topic, detail, name, email, datetime)VALUES('$s_topic', '$s_detail', '$s_name', '$s_email', '$datetime')";
$result=mysql_query($sql, $dbLink);
}

The only reason you get the same result I think is because they are both == to nothing.

dagon

looks to me if you want to check if one sting is in another sting, not if 2 are identical.

that's usually done with strpos(), or regular expressions

bradgrafelman

Maybe [man]strip_tags/man is what you're looking for? Hard to know - I still don't really understand what it is you're trying to do.

dagon

unless you are putting topic in the page head element, the meta wont function anyway.

Madao

strip_tags() will strip all html but I just want to strip certain html tags

dagon

read the manual page for stip_tags() again, you can define allowable tags.

Madao

Or not... I'll just have to specify every single on I want it to disregard. Sorry I couldn't see how to edit my post so double post!

Madao

Thanks guys =)