#29198 [NEW]: strip_tags silently strips out tags

Thu, 15 Jul 2004 21:01:07 -0700 

From:             steven at acko dot net
Operating system: Windows 2000
PHP version:      5.0.0
PHP Bug Type:     Strings related
Bug description:  strip_tags silently strips out <!...> tags

Description:
------------
The strip_tags function is hardcoded to strip out <!...> tags, such as
comments.

It is IMO expected behaviour for the function that specifying "<!-->" or
"<!DOCTYPE>" in the allowed tags list leaves these intact.

If this is expected behaviour for this function, then the documentation
should be updated.

(PS: The state machine in php_strip_tags() in string.c seems to contain
some redundancies. Someone who understand all of it should take a closer
look ;))

Reproduce code:
---------------
<?php
  print strip_tags("Some text. <!-- a comment --> Some text.", "<!-->");
?>

Expected result:
----------------
The output should be:
Some text. <!-- a comment --> Some text.
(with the comment intact)

Actual result:
--------------
The output is:
Some text.  Some text.
(the comment is stripped out)

-- 
Edit bug report at http://bugs.php.net/?id=29198&edit=1
-- 
Try a CVS snapshot (php4):  http://bugs.php.net/fix.php?id=29198&r=trysnapshot4
Try a CVS snapshot (php5):  http://bugs.php.net/fix.php?id=29198&r=trysnapshot5
Fixed in CVS:               http://bugs.php.net/fix.php?id=29198&r=fixedcvs
Fixed in release:           http://bugs.php.net/fix.php?id=29198&r=alreadyfixed
Need backtrace:             http://bugs.php.net/fix.php?id=29198&r=needtrace
Need Reproduce Script:      http://bugs.php.net/fix.php?id=29198&r=needscript
Try newer version:          http://bugs.php.net/fix.php?id=29198&r=oldversion
Not developer issue:        http://bugs.php.net/fix.php?id=29198&r=support
Expected behavior:          http://bugs.php.net/fix.php?id=29198&r=notwrong
Not enough info:            http://bugs.php.net/fix.php?id=29198&r=notenoughinfo
Submitted twice:            http://bugs.php.net/fix.php?id=29198&r=submittedtwice
register_globals:           http://bugs.php.net/fix.php?id=29198&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=29198&r=php3
Daylight Savings:           http://bugs.php.net/fix.php?id=29198&r=dst
IIS Stability:              http://bugs.php.net/fix.php?id=29198&r=isapi
Install GNU Sed:            http://bugs.php.net/fix.php?id=29198&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=29198&r=float

Reply via email to