如何实现FILTER_SANITIZE_SPECIAL_CHARS

时间:2011-05-13 20:02:11

标签: php filter tags

这是我到目前为止所做的事情 - 我真的需要禁止输入任何标签,因为它就像留言簿一样,但这似乎不起作用:

<?php

$txt = $_POST['txt'];

//the data

$data = "
$txt";

//my attempt to implement a filter

var_dump(filter_var($data,FILTER_SANITIZE_SPECIAL_CHARS));

//open the file and choose the mode

$fh = fopen("users.txt", "a");

fwrite($fh, $data);


//close the file

fclose($fh);

header('Location: http://www.google.com/');
?>

1 个答案:

答案 0 :(得分:1)

您需要指定filter_var的返回值

$data = filter_var($data,FILTER_SANITIZE_SPECIAL_CHARS);
如果过滤器失败,

filter_var可以返回FALSE。所以,要完成,你真的应该做一些事情:

$filtered_data = filter_var($data,FILTER_SANITIZE_SPECIAL_CHARS);
if($filtered_data !== FALSE) {
  //write $filtered_data
} else {
  //handle error
}
相关问题
最新问题