[SOLVED] How can I stop xss_clean from turning HTML comment tags into entities, thus displaying in the browser
#1

[eluser]bobbob[/eluser]
I am getting some news feeds and filtering before entering into the database.
As a result, when I echo out the contents, the comments display in the text as <!--Some comment: comments --> for example. I am sure xss_clean() is doing this.
Is there a fix so they are removed or stay as tags in the database?
Thanks
#2

[eluser]Thorpe Obazee[/eluser]
I am not sure about this but I believe the form helper form_prep is the one doing the conversion.

One way to do it is to avoid the form helpers.
#3

[eluser]bobbob[/eluser]
If I drop using xss_clean() is there a way of avoiding writing some equivalent function which just doesn't turn comments into entities? Reg expressions are not my fave.
#4

[eluser]Thorpe Obazee[/eluser]
[quote author="bobbob" date="1245320263"]If I drop using xss_clean() is there a way of avoiding writing some equivalent function which just doesn't turn comments into entities? Reg expressions are not my fave.[/quote]

Did you read my post above?
#5

[eluser]bobbob[/eluser]
I thought I had but it has been a long day.
So without the helpers is there a simple way?
#6

[eluser]bobbob[/eluser]
So I solved this myself I think.
It has not been widely tested but seems to make sense.

Code:
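<?php
// Undo any escaping slashes added to the stored text.
$body = stripslashes($body);
// Turn the entity-encoded comment delimiters back into real HTML comment tags.
$body = str_replace('&lt;!--', '<!--', $body);
$body = str_replace('--&gt;', '-->', $body);

echo $body;
?>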
That would be & l t ; ! - - and - - & g t ; without the spaces as that function is being done on my post too!
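
Added example, not part of the original posts: rather than turning the encoded delimiters back into live comment tags, the feed text can have its comments removed outright, which covers the "so they are removed" half of the question. The function name and the sample input are constructed for illustration; an unterminated comment is dropped through the end of the text so that a stray opener cannot comment out the rest of the page.

```php
<?php
/**
 * Remove HTML comments from feed text, whether they are still raw
 * (<!-- ... -->) or were already entity-encoded by an earlier filter.
 * strip_html_comments() is a hypothetical helper, not a CodeIgniter function.
 */
function strip_html_comments(string $body): string
{
    // Match both the raw and the entity-encoded form of each delimiter.
    $open  = '(?:<|&lt;)!--';
    $close = '--(?:>|&gt;)';

    $out = preg_replace(
        [
            // 1. Properly closed comments: non-greedy, may span newlines.
            "/{$open}.*?{$close}/s",
            // 2. An opener with no closer: drop everything after it.
            "/{$open}.*/s",
        ],
        '',
        $body
    );

    // preg_replace() returns null on a PCRE error; fail closed with an
    // empty string instead of echoing unfiltered input.
    return $out ?? '';
}

// Constructed sample: one encoded comment, one raw comment, one unterminated.
$sample = "Headline&lt;!--Some comment: comments --&gt; text "
        . "<!-- raw --> more &lt;!-- never closed";

echo strip_html_comments($sample), PHP_EOL;
```

Run it on the text after xss_clean() and before echoing, so the filter's other changes stay in place.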
