Data entry validation allowing HTML TAG

Coding Problem :

I need to do validation, always on both the client side (JS) and the server side (PHP), and allow the user to enter some tags for formatting the final result. Any tips on how to do this? Is it better to use a textarea field or an editor?

Some tags that I want to allow:

h1 to h6
<p>
<u>
<strong>
<address>
<strong>

    

asked by anonymous 01.12.2014 / 14:25

Answer :


Answer 1 :

You can use PHP's native function strip_tags($texto, $tags_permitidas);
For example:

strip_tags("<strong><span class='block'>texto a ser filtrado</span></strong>", '<strong>');

This way the result would be:

<strong>texto a ser filtrado</strong>

For more information see the documentation:

link

    


Answer 2 :

I created the function below to save the user data, did some tests and was able to execute the filter and save successfully.

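function fDescribe() {
    functions::startSession();
    // Reject the request unless both CSRF tokens exist and match (constant-time comparison).
    if (!isset($_POST['token'], $_SESSION['token'])
        || !hash_equals((string) $_SESSION['token'], (string) $_POST['token'])) {
        return false;
    }
    // Keep only the allowed formatting tags. strip_tags() does not remove
    // attributes from the tags it keeps.
    $this->describeC = strip_tags((string) ($_POST['textarea'] ?? ''),
        '<h1><h2><h3><h4><h5><h6><p><u><strong><em><address><br><abbr>');

    $this->conn = parent::getCon();
    // Prepared statement: the user input is bound as a parameter, never concatenated.
    $this->pQuery = $this->conn->prepare("update table set description=? where user_id=? limit 1");
    $this->pQuery->bindParam(1, $this->describeC);
    $this->pQuery->bindParam(2, $_SESSION['id']);
    $this->result = $this->pQuery->execute();
    unset($this->conn);
    if ($this->result == true) {
        functions::generateJsonMsg('success', null, null, null, null);
    } else {
        functions::generateJsonMsg('fault', 'queryFault', null, null, null);
    }
    exit();
}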
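
The PHP manual notes that strip_tags() leaves the attributes of the allowed tags untouched, so an allowed <p> can still carry an event handler such as onmouseover. The following is an added example, not code from either answer: an allowlist filter built on DOMDocument that keeps the same tags but drops every attribute. The function names and the sample input are hypothetical.

```php
<?php
// Added example: function names and the sample input are hypothetical.
const ALLOWED_TAGS = ['h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'p', 'u', 'strong', 'em', 'address', 'br', 'abbr'];

function cleanNode(DOMNode $node): void
{
    // Walk a snapshot of the child list, because the list is modified below.
    foreach (iterator_to_array($node->childNodes) as $child) {
        if ($child instanceof DOMElement) {
            cleanNode($child); // depth-first, so descendants are clean before they move
            $tag = strtolower($child->nodeName);
            if (in_array($tag, ALLOWED_TAGS, true)) {
                // Allowed tag: keep it, drop every attribute (onclick, style, ...).
                while ($child->attributes->length > 0) {
                    $child->removeAttributeNode($child->attributes->item(0));
                }
            } elseif ($tag === 'script' || $tag === 'style') {
                $node->removeChild($child); // drop together with its content
            } else {
                // Any other tag: unwrap it, keeping its already-cleaned children.
                while ($child->firstChild) {
                    $node->insertBefore($child->firstChild, $child);
                }
                $node->removeChild($child);
            }
        } elseif ($child->nodeType !== XML_TEXT_NODE) {
            $node->removeChild($child); // comments, CDATA, processing instructions
        }
    }
}

function sanitizeFormattedText(string $html): string
{
    $doc = new DOMDocument();
    libxml_use_internal_errors(true); // user markup is often malformed
    // The prolog makes libxml read UTF-8; the <div> wrapper is unwrapped by cleanNode().
    $doc->loadHTML('<?xml encoding="UTF-8"><div>' . $html . '</div>', LIBXML_NONET);
    libxml_clear_errors();
    $body = $doc->getElementsByTagName('body')->item(0);
    cleanNode($body);
    $out = '';
    foreach ($body->childNodes as $child) {
        $out .= $doc->saveHTML($child);
    }
    return $out;
}

// Constructed sample input: an allowed tag carrying an event-handler attribute.
$input = '<p onmouseover="doSomething()">Hello <strong>world</strong><script>doSomething()</script></p>';
echo strip_tags($input, '<p><strong>'), "\n";
echo sanitizeFormattedText($input), "\n";
```

Run it from the command line to compare the two outputs; client-side validation in JS stays a convenience only, since the server-side filter is the one that cannot be bypassed.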

    

