Basic usage of the main PHP native functions.
See PHP documentation for more details, examples and versions that they apply.
strip_tags [Link]
$string = strip_tags($input); $string = strip_tags($input, '<br>'); $string = strip_tags($input, '<p><a>'); $string = strip_tags($input, ['p', 'a']);
htmlspecialchars [Link]
$string = htmlspecialchars($input); $string = htmlspecialchars($input, ENT_QUOTES);
filter_var [Link]
$string = filter_var($input, FILTER_SANITIZE_STRIPPED); $string = filter_var($input, FILTER_VALIDATE_EMAIL); $string = filter_var($input, FILTER_VALIDATE_URL, FILTER_FLAG_PATH_REQUIRED); $string = filter_var($input, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE);
See also Sanitize Filters [Link] and Validate filters [Link].
mysqli_real_escape_string [Link]
$string = mysqli_real_escape_string($link, $input);
Other ways to filter the content of a string:
$string = str_replace(array('"', "'", '`', '´', '¨'), '', $input);
$string = preg_replace('#[^A-Za-zà-źÀ-Ź0-9 ]#', '', $input);
$string = trim($input, " \n\r\t\v\0");