Welcome! » Log In » Create A New Profile

Detect any html tags

Posted by kriko 
Detect any html tags
June 04, 2009 01:28PM

Hello!

Is it possible to use HTML Purifier just to detect if input string contains any html tags, without purifying. I would like to discard whole thing in case if it does, just I don't know how to achieve that.

Re: Detect any html tags
June 04, 2009 01:52PM

Try strip_tags($text) === $text

Re: Detect any html tags
June 04, 2009 01:53PM

I should add that this sort of checking is not recommended.

Re: Detect any html tags
June 04, 2009 01:55PM

Thanks, will try that.

Why is not recommended? I'm using a form which should only contain plain text, I really don't want html in it.

Re: Detect any html tags
June 05, 2009 12:15AM

Then you should store the data verbatim, and escape it as appropriate for the output format (htmlspecialchars for HTML, mysql_real_escape_string for SQL, etc). This means if I do something innocuous like , it doesn't cause the script to reject it.

Re: Detect any html tags
June 08, 2009 01:17PM

or use filter_var() if you're using php 5.2 or later

ie. $clean_plaintext = filter_var($dirty_text, FILTER_SANITIZE_STRING);

see http://www.w3schools.com/PHP/php_ref_filter.asp

Martin
Re: Detect any html tags
February 21, 2017 03:06PM
Author:
Your Email:

Subject:

HTML input is enabled. Make sure you escape all HTML and angled brackets with < and >.

Auto-paragraphing is enabled. Double newlines will be converted to paragraphs; for single newlines, use the pre tag.

Allowed tags: a, abbr, acronym, b, blockquote, caption, cite, code, dd, del, dfn, div, dl, dt, em, i, ins, kbd, li, ol, p, pre, s, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, var.

For inputting literal code such as HTML and PHP for display, use CDATA tags to auto-escape your angled brackets, and pre to preserve newlines:

<pre><![CDATA[
Place code here
]]></pre>

Power users, you can hide this notice with:

.htmlpurifier-help {display:none;}

Message: