I have created a text area field in community builder that displays on their profile.
I want to implement strip_tags and some othe validations on profile update but I keep running into errors.
Has anyone a plugin that can validate input text befor being sent to the database.
basicly I want to remove any javascript or harmful code that someone might try to upload but keep basic html tags intact.
Ive been working on this for a few days and I am completely stuck.
I want to implent this code but I keep getting errors, here is the code I want to install in to comprofiler.php.
[code:1]if(!function_exists('str_ireplace')){
function str_ireplace($search,$replace,$subject){
$token = chr(1);
$haystack = strtolower($subject);
$needle = strtolower($search);
while (($pos=strpos($haystack,$needle))!==FALSE){
$subject = substr_replace($subject,$token,$pos,strlen($search));
$haystack = substr_replace($haystack,$token,$pos,strlen($search));
}
$subject = str_replace($token,$replace,$subject);
return $subject;
}
}
function clean_input($source){
$badtags = array('<object' , '<embed' , '<%' , '.swf' ,'script' , '.php' , '.exe' , '.asp' , 'onclick' , 'object' , '.fla' , 'onblur' , 'onchange' , 'onclick' , 'ondblclick' , 'onerror' , 'onfocus' , 'onkeydown' , 'onkeypress' , 'onkeyup' , 'onload' , 'onmousedown' , 'onmousemove' , 'onmouseout' , 'onmouseover' , 'onmouseup' , 'onreset' , 'onresize' , 'onselect' , 'onsubmit' , 'onunload' , 'javascript' , '<?' , '?>');
strip_tags($source,'<STYLE><A><B><BIG><BR><CENTER><DD><DL><DT><EM><FONT><H1><H2><H3><H4><H5><H6><I><IMG><LI><LINK><MARQUEE><MENU><OL><OPTION><P><SMALL><STRONG><TABLE><TD><TH><TR><TT><U><UL>');
return str_ireplace($badtags, "--", strip_tags($source,'<STYLE><A><B><BIG><BR><CENTER><DD><DL><DT><EM><FONT><H1><H2><H3><H4><H5><H6><I><IMG><LI><LINK><MARQUEE><MENU><OL><OPTION><P><SMALL><STRONG><TABLE><TD><TH><TR><TT><U><UL>'));
}
echo clean_input($source); [/code:1]