How to strip the following html tags from user input in PHP? -

I do not want to use htmlentities () because I want to strip only 3 types of tags and allow all others I am These are to be stripped:

  - & lt; A hrefs ... - & lt; Scripts ... - & lt; Img src ...    How can this be done?  
   $ str = strip_tags ($ str, '& lt; a & gt; & lt; ; Scripts & gt; & lt; img & gt; ');    However, if it is for security,  it is not enough  use a white parser and whitelist of allowed tags and attributes.  
 Otherwise I would  & lt; Button onclick = "alert ('xss')" & gt; Hello!  / code>, for example.   

 


  







03:22

















Get link





Facebook





X





Pinterest





Email





Other Apps




Comments





Post a Comment







Popular Posts




google chrome extension - Reason for Uncaught Error: Attempting to use
a disconnected port object -



    While retrieving the request from the content script, I get this error in the background page. Does anyone know that this error What can be the reason?   Full stack trace:    Unwanted error: Attempt to use Chrome / Renderer Extension Binding Disconnected Port Objects: 147 Chrome.port Post Message Chrome / Renderer Extension Binings: 147 ChromeHird.port DicePatchOnConnect.Connect Event Chrome / Renderer Extension Binings: 89IExtension.fu SendResponse.state background.js: 1573db.readTransaction.tx.executeSql.paramStr background.js: 1038    This only happens when Reloading extension is not being helpful for a few hours - it is not that after restarting the Chrome browser it will be a solution that becomes normal for a few hours, content script may continue to send requests for background No response can be sent from the background. Is there any way that I can catch this unwanted error and reset the listener?   I am using chrome.extension.onRequest.addListener for my communication. Bef...






visual studio 2010 - How to reinstall MVC 2 tools for VS2010? -



    I uninstalled ASP.Net MVC 2 device for Visual Studio 2010. How can I restore it? MVC2 downloads seem to include only the VS2008 device.   Whatever I said, says that MVC 2 has been included in VS2010, but the installation of an improvement did not fix it, and MVC 2 is not listed. Add VS2010 / Select a component in the Remove screen.      You will get your VS2010ToolsMVC2.msi VS2010 DVD under WCU \ ASPNETMVC - hopefully it will do!    






Git Bash script to check whether repo has any commits? -



    I have a script on which I need to work differently if there is one, which is one or more , Commits. What is the best way to do this?   Something like this will appear in the proxy code.    #! / Bin / bash if [[`git log_count`] ==" 0 "]]; Then there is no commodity for this repo. # What goods ... and echo are "one or more committed!" # What are the other things?    Any ideas?      you can    git rev-parse -verify HEAD    (after :)     This is a pipeline command, and its behavior vs. "  git diff " There is very little possibility to change   I find it more pronounced  rev-parse -verify  means "is this a valid object name?"    This is your  show-ref .  You ask "Is there anything in this safe / head in the safe?"  I ask, "what current  head  exists?"   In practice, both of these are fair tests, because once you have a branch, so to achieve the  HEAD , some mock values will indicate manually lack of editing It is very diffic...








Powered by Blogger

Braz

Search This Blog

How to strip the following html tags from user input in PHP? -

Comments

Post a Comment