Support » Everything else WordPress » How can I remove html attributes in php?

  • Hi,

    I’m fairly new to php and I have some problems. I made a form. It enters data into mysql. I did that successfully. Now, showing stuff from mysql is what I’m having problems with.
    How can I remove bad html like <A HREF=””onMouseOver=”document.bgColor=’black'”>Black. I have no problems with <a href="bla"></a>but I dont want onclick, onmouseover or any other javascript.

    My current code is

    ———————————–<br />
    $querytext = "SELECT text_change FROM textpad LIMIT 1";<br />
    $textyresult = mysql_query ($querytext);<br />
    while ($row = mysql_fetch_assoc ($textyresult)) {

    $text_change = strip_tags ($row['text_change'], '<a><b><i><u><strike>');

    echo $text_change;<br />
    —————————————–

    strip_tags seems to only remove html tags and not attributes. Anything similar?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter omgwtf

    (@omgwtf)

    Ok, I think I got it.
    $bullshittags = array("javascript:", "onclick", "ondblclick", "onmousedown", "onmouseup", "onmouseover", "onmousemove", "onmouseout", "onkeypress", "onkeydown", "onkeyup", "onMouseOver");
    $textpad_clean = str_replace($bullshittags, "", "$text_change");

    But, it seems to take the array case-sensitive.

    Thread Starter omgwtf

    (@omgwtf)

    I feel like an idiot now:
    http://www.php.net/strip_tags

    WordPress includes kses, so you could also make use of that.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘How can I remove html attributes in php?’ is closed to new replies.