I am capturing some content using tinyMCE, and then posting the content back to php script to store in database.
I am using htmlawed to remove anything nasty.
The content of the $_POST variable is
<p>This is a link <a href=\"https://www.bbc.co.uk\">https://www.bbc.co.uk</a></p>
I am then using this code on the server
$Details = $_POST["Details"];
$config = array('elements'=>'* -script -object'); //dont allow any scripts
$SanitizedDetails = htmLawed($Details, $config);
SanitizedDetails then contains this
<p>This is a link <a href="\">https://www.bbc.co.uk</a></p>
It has removed the contents of href (just left a backslash)
Please could somebody help with config for htmlawed
You need to delete the first backslash \
from href=\
and the last one from uk\
and you're ready to go.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.