It’s always important to clean/sanitize variables that are submitted via web forms to prevent against all kinds of different malicious threat. Here is a complete function to clean your variables before use. function clean($value) { // If magic quotes not turned on add slashes. if(!get_magic_quotes_gpc()) // Adds the slashes. { $value = addslashes($value); } // Strip any tags from the value. $value = strip_tags($value); // Return the value out of the function. return $value; } $sample = “<a href=’#'>This a test</a>”; $sample = clean($sample); echo $sample;
↧