I realize the importance of using valid html stuff. Here, however, I'm trying to validate *user input*, not fix up my own HTML pages. And I have no way of teaching the users to say < and > instead of < and > when they fill out their forms.
On Sat, 8 Jun 2002, David Freeman wrote: > > > The minor problem is that it treats a "not-equals" sign, > > "<>", as an empty tag and strips it, unless it's explicitely > > ...etc... > > Except, of course, that when writing html you are supposed to use > entities for any valid html stuff - ie. Use > and $lt; for > < and so > on. As you should also use " if you want a " in your html. The > fact that various browsers will let you get away with this does not make > it valid html. > > The argument above it a little like saying that there's a bug in php > because it will get confused if you have " marks inside your " marks... > Eg. > > $string = "fred said "wow" to me"; > I think my point still stands -- strip_tags() is intended to validate what users enter into forms. Of course, I wouldn't think of letting them write my PHP code :)) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
