Matt Palermo wrote: > I realize that I can use the strip_tags function to remove HTML. But I > don't want to remove HTML tags. I just want to make sure all open HTML > tags > are closed. For example if they user submits HTML with a <table> tag and > never closes it, then the rest of the page will look screwed up. I still > want to allow them to use HTML, but I want to close tags that were left > open > by them. This way it allows them to use HTML and it won't screw up the > rest > of the page. Hopefully these are trusted users, authenticated to alter any and all content on the web-site. Otherwise, you might as well post your 'root' password on your home page... Perhaps I'm just telling you something you already know -- better that than you going forward with this and *not* realizing just how insecure it is. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
