用HTML内容消除POST内容 [英] Sanitize POST content with HTML contents

问题描述

我想通过POST发送HTML内容。
但是当获取它并清理它时，它也会清除HTML字符。

  $ Code = filter_var_array（$ value， FILTER_SANITIZE_STRING）; 
  

当我发送时：

 我想要< strong>保存此数据< / strong> 
  

我收到：

 我想保存这些数据
  

我应该更改哪些内容以创建安全字符串？

edit：
在我的表单中，我有一个所见即所得的编辑器（FCK Editor） 。

解决方案

我已经使用 HTMLPurifier

基本用法类似于此;

这是一个用于清理HTML输入的PHP过滤器库。 pre> include_once（ '/ htmlpurifier /库/ HTMLpurifier.auto.php'）;
$ config = HTMLPurifier_Config :: createDefault（）;
$ purifier = new HTMLPurifier（$ config）;
$ clean ['htmlData'] = $ purifier-> purify（$ _ POST ['htmlData']）;


I want to send HTML content by POST. But when fetching it and sanitizing it it also cleans the HTML characters.

$Code = filter_var_array($value, FILTER_SANITIZE_STRING);

WHen I send :

I would like to <strong>Save this data</strong>

I receive :

I would like to Save this data

What should I change to create a safe string?

edit : In my form I have a WYSIWYG editor (FCK Editor) and it's contents is where I am after.

解决方案

I have used HTMLPurifier which is a PHP filter library to sanitize HTML input.

Basic usage is something like this;

include_once('/htmlpurifier/library/HTMLpurifier.auto.php');
$config = HTMLPurifier_Config::createDefault();
$purifier = new HTMLPurifier($config);
$clean['htmlData'] = $purifier->purify($_POST['htmlData']); 

这篇关于用HTML内容消除POST内容的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！