stripping html + other stuff from post data

[eluser]Unknown[/eluser]
Hey,

I im building something similar to our average forum board. and when im using the form validation class, im using the strip_tags php function to get rid of all html tags.. is this how most forum board do this, or is there a better way to accomplish getting rid of those unwanted html tags so people cant mess with your forum (ie: adding </div> a bunch of times to ruin style ans such)

thanks,
--alex

[eluser]TheFuzzy0ne[/eluser]
Welcome to the CodeIgniter forums!

You can do that if you want, but you should also be sure to convert the remaining string to HTML entities.

Code:

$str = htmlentities(strip_tags($str));

If removing HTML suits your needs, then do that. On my forum I'm going to just convert the text to HTML entities when the text is inserted into the database, just in case someone wants to write HTML that isn't parsed.