[eluser]Phil Sturgeon[/eluser]
At the moment if I were to enter <?pHp, <?Php, <?phP etc then it would get through.
Current code:
Code:
function encode_php_tags($str)
{
return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('<?php', '<?PHP', '<?', '?>'), $str);
}
Should be:
Code:
function encode_php_tags($str)
{
return str_ireplace(array('<?php', '<?', '?>'), array('<?php', '<?', '?>'), $str);
}
str_ireplace is case-sensitive so all combinations of upper/lower-case will be matched.