On 6/6/05, Chris Shiflett <[EMAIL PROTECTED]> wrote:
> Dotan Cohen wrote:
> > IF you know every single tag that exists! And being how I only wanted
> > to remove four of them, the list of 'what to remove' is so much more
> > compact than the 'leave those' list!
> 
> For what purpose are you wanting to remove tags? If this is for data
> that you plan to send to the client, then your approach is poor.
> 
> Your reasoning is exactly why you should never try to guess which tags
> to remove - you're almost certain to forget something. This is why so
> many people create PHP applications with security vulnerabilities.
> 
> If I've misunderstood your intent, then perhaps your approach is fine,
> but I wanted to point out the risk in your approach.
> 
> Chris
> 
> P.S. You should never modify invalid data in order to make it valid.
> Thus, I think strip_tags() is also a poor approach and not something I
> ever recommend using. Filtering input and escaping output are the best
> practices.
> 
> --
> Chris Shiflett
> Brain Bulb, The PHP Consultancy
> http://brainbulb.com/
> 

I am trying to access my local pop3 mail via wap. When I get home I
download the messages, but while away I need access to them. I am
trying to strip those tags from html mails so that they will display
in my wap browser.

Dotan
http://lyricslist.com/lyrics/pages/artist_albums.php/238/Guns%20N'%20Roses
Guns N' Roses Lyrics

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to