Geek Answers Handbook

Zend Framework Filter Input StripTags and "<3"

I am currently using Zend_Filter_StripTags in the comment system, but the material is torn when "<3" is entered. StripTags doesn't seem smart enough to realize that this is not an HTML tag, and creating a filter like the β€œnew Zend_Filter_StripTags (array ('3')) doesn't work either.

Should I pass the input through regex first, or is there a way to get Zend_Filter_StripTags to straighten and fly correctly?

+4
source share
4 answers

Finished writing the Zend_Filter class, which was basically a wrapper for HTMLPurifier. Works great because HTMLPurifier LOT is smarter than striptags.

+5
source

I am not very familiar with Zend, but if you want things like <3 to be allowed, just htmlspecialchars instead of strip_tags on it.

+1
source

You want most likely Zend_Filter_HtmlEntites.

See: Zend_Filter_HtmlEnties

+1
source

The problem with htmlspecialchars and Zend_Filter_HtmlEntities is that if you try to cross out all the html tags (for example, "a" and "img", etc.), then instead of deleting them, you get this markup on your output.

Take blog comments for example. If you use htmlspecialchars or Zend_Filter_HtmlEntities in a comment where someone is trying to use html to enter a link, you get this markup that appears when the comment is displayed. But if you use strip_tags or Zend_Filter_StripTags, you end up processing the comment, since none of them are smart enough to realize that "<3" is not a tag and just removes everything from "<3" to the end of the comment (or until it finds ">").

It would be nice if Zend had something like HTMLPurifier, where it actually validates and validates the input data before removing the tags. This means that things like "<3" are left alone where things like "Amazing Site" become "Amazing Site".

This is the problem I'm trying to work with, and at the moment it seems to me that I'm going to write my own Zend_Filter class, which is basically a wrapper for HTMLPurifier.

+1
source

More articles:


All Articles