Hi
First excuse me for my English and for my technical knowledges in PHP (I'm a novice)!
I wanted to know if ckeditor provides a function "like htmlentities".
I explain you my problem: I have a ckeditor textarea zone. In the next page, im doing an update of my database with the text of my textarea. But anyone can change the html source code and modify the text beetween <textarea></textarea> to put a <script> for example. So, I need to check in the next page my datas but if I apply htmlentities, I will loose the layout of my ckeditor text.
So is there a function that can keep the <p></p> (etc...) coming from ckeditor but which would erase <script> and the other "bad" html code.
I hope you understood me!
Thank you!!!
First excuse me for my English and for my technical knowledges in PHP (I'm a novice)!
I wanted to know if ckeditor provides a function "like htmlentities".
I explain you my problem: I have a ckeditor textarea zone. In the next page, im doing an update of my database with the text of my textarea. But anyone can change the html source code and modify the text beetween <textarea></textarea> to put a <script> for example. So, I need to check in the next page my datas but if I apply htmlentities, I will loose the layout of my ckeditor text.
So is there a function that can keep the <p></p> (etc...) coming from ckeditor but which would erase <script> and the other "bad" html code.
I hope you understood me!
Thank you!!!
Re: A function like htmlentities
You can check the php manual page here:
http://us2.php.net/manual/en/function.strip-tags.php
Be very careful using that as its not a replacement for proper user input validation and filtering.
Re: A function like htmlentities
@Tyrsson - thanks for helping users on the forum, I appreciate it!
@Freemp - check if it is the library you are looking for: http://htmlpurifier.org/
Wiktor Walc
CTO, CKSource - http://cksource.com
--
Follow CKEditor on: Twitter | Facebook | Google+