Support the ongoing development of Laravel.io →
imchivaa
posted 10 years ago
Security Input
Last updated 1 year ago.
0
barryvdh
replied 10 years ago
Solution

You can't. If you want to allow html, use http://www.php.net/strip_tags

Last updated 1 year ago.
0
imchivaa
replied 10 years ago

I understand that using strip_tags will allow me to pass in second parameter so i can whitelisting some html entities but will it by default (without passing any whitelisting parameter) sanitize everything just like e() ?

Last updated 1 year ago.
0
barryvdh
replied 10 years ago

Strip_tags strips the tags, htmlentities converts the html tags, so you can read the tags, but they aren't parsed as HTML. So they are not the same.

Last updated 1 year ago.
0

Sign in to participate in this thread!

Eventy

Your banner here too?

imchivaa imchivaa Joined 19 Mar 2014

Moderators

We'd like to thank these amazing companies for supporting us

Eventy
Fathom
Forge
Envoyer
Beyond Code
Skynet Technologies
Steadfast Collective
BairesDev
Remotely Works

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

Laravel.io

Forum Articles Pastebin

Socials

X Twitter GitHub

The community

Laravel Laravel Laravel News Laravel News
Laracasts Laracasts Laravel Podcast Laravel Podcast
© 2024 Laravel.io - All rights reserved.
Terms of service Privacy policy Advertise