Support the ongoing development of Laravel.io →
imchivaa
posted 9 years ago
Security Input
Last updated 1 year ago.
0
barryvdh
replied 9 years ago
Solution

You can't. If you want to allow html, use http://www.php.net/strip_tags

Last updated 1 year ago.
0
imchivaa
replied 9 years ago

I understand that using strip_tags will allow me to pass in second parameter so i can whitelisting some html entities but will it by default (without passing any whitelisting parameter) sanitize everything just like e() ?

Last updated 1 year ago.
0
barryvdh
replied 9 years ago

Strip_tags strips the tags, htmlentities converts the html tags, so you can read the tags, but they aren't parsed as HTML. So they are not the same.

Last updated 1 year ago.
0

Sign in to participate in this thread!

LaraJobs

Your banner here too?

imchivaa imchivaa Joined 19 Mar 2014

Moderators

We'd like to thank these amazing companies for supporting us

Beyond Code
Fathom
Forge
Envoyer
LaraJobs
LoadForge
Skynet Technologies
Lightflows
Localazy

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

Laravel.io

Forum Articles Pastebin

Socials

Twitter GitHub

The community

Laravel Laravel Laravel News Laravel News
Laracasts Laracasts Laravel Podcast Laravel Podcast
© 2023 Laravel.io - All rights reserved.
Terms of service Privacy policy Advertise