Submit a Snippet
Search Snippets
New Snippets
Top Snippets
PHP (135) JavaScript (123) Java (65) VBSCRIPT (58) String (44) CSS (31) CSharp (28) File (28) HTML (27) C (24) mysql (24) VB.NET (24) CPlusPlus (23) groovy (23) Random (20)
Removing doubles ... IE Explorer Proxy... calculating md5 i... tabless form usin... find if array con... Rapleaf Address B... Javascript port o... hash sha1 URL Regular Expre... Email address val...Venture Capital Jobs
Snippet Menu
strip_tags() removes all html and php tags from your string, so there is no need to do it again by adding the 2 regular expression replaces (both, which I might add, do esentially the same thing).
If code injection (assuming php code injection) was what you were trying to avoid, a single call to strip_tags() should provide proficient. I would still, however, use htmlspecialchars().
http://ha.ckers.org/xss.html