I have a problem with PHP's strip_tags
function. I have a list which includes a whitelist for html tags. That list is generated from a function like:
setAllowedHtmlTags();
and output for this function is:
"<a><table><br>"
I want to eliminate other html tags but this. Therefore I use strip_tags function as follows:
echo strip_tags("sample text", setAllowedHtmlTags());
And here is my function:
function setAllowedHtmlTags()
{
$db = new PDO('mysql:host=' . host . ';dbname=' . DBNAME_SCHEMA, user, password);
$sql = "SELECT html_tag FROM allowed_html_tags_table";
$query = $db->query($sql);
$tagList = "";
if ($query->rowCount()){
foreach($query as $row){
$tagList .= $row['html_tag'];
}
}
return htmlentities($tagList);
}
But it does not work. strip_tags
function removes all html tags including mines in my whitelist. Can you please help me solve this issue?
Does your function
setAllowedHtmlTags()
really return what you told us? Try avar_dump(setAllowedHtmlTags());
to see what the function really returns.Or maybe you wanted to call getAllowedHtmlTags()?