PHP.nl

strip_tags

strip_tags

Strip HTML and PHP tags from a string

string **strip_tags** string $string  $allowed_tags

This function tries to return a string with all NULL bytes, HTML and PHP tags stripped from a given . It uses the same tag stripping state machine as the function. string``fgetss

stringThe input string.

allowed_tagsYou can use the optional second parameter to specify tags which should not be stripped. These are either given as string, or as of PHP 7.4.0, as array. Refer to the example below regarding the format of this parameter.

Opmerking: > HTML comments and PHP tags are also stripped. This is hardcoded and can not be changed with . allowed_tags

Opmerking: > Self-closing XHTML tags are ignored and only non-self-closing tags should be used in . For example, to allow both and , you should use: allowed_tags``<br>``<br/>

<?php
strip_tags($input, '<br>');
?>

Returns the stripped string.

Voorbeeld: example

<?php
$text = '<p>Test paragraph.</p><!-- Comment --> <a href="#fragment">Other text</a>';
echo strip_tags($text);
echo "\n";

// Allow <p> and <a>
echo strip_tags($text, '<p><a>');

// as of PHP 7.4.0 the line above can be written as:
// echo strip_tags($text, ['p', 'a']);
?>

Test paragraph. Other text
<p>Test paragraph.</p> <a href="#fragment">Other text</a>

Waarschuwing: > This function should not be used to try to prevent XSS attacks. Use more appropriate functions like or other means depending on the context of the output. htmlspecialchars

Waarschuwing: > Because does not actually validate the HTML, partial or broken tags can result in the removal of more text/data than expected. strip_tags

Waarschuwing: > This function does not modify any attributes on the tags that you allow using , including the and attributes that a mischievous user may abuse when posting text that will be shown to other users. allowed_tags``style``onmouseover

Opmerking: > Tag names within the input HTML that are greater than 1023 bytes in length will be treated as though they are invalid, regardless of the parameter. allowed_tags

htmlspecialchars

Vorige ← strcspn Volgende stripcslashes →

Documentatie