View Discussion
Improve Article
Save Article
View Discussion
Improve Article
Save Article
In this article, we will see how to remove HTML tags from data in PHP. PHP provides an inbuilt function to remove the HTML tags from the data. The strip_tags() function is an inbuilt function in PHP that removes the strings form HTML, XML and PHP tags. It accepts two parameters. This function returns a string with all NULL bytes, HTML, and PHP tags stripped from a given $str.
Syntax:
strip_tags(string, allowed_tags)Parameters Values:
- string: It is a required parameter that specifies the string to check.
- allowed_tags: Itis an optional parameter that specifies the allowable tags which will not be removed from the returned result.
Return Value: It returnsa string where HTML tags are removed except for the allowed tags.
Example 1: In this example, we passed a string containing HTML tags to the strip_tags() function and checked the returned string whether all HTML tags are removed or not. All the HTML tags in the string are stripped from the string by the strip_tags() function.
PHP
<?php
echo strip_tags(
"<b>GeeksforGeeks</b> one of the popular
<i>online learning site</i>");
?>
Output:
Example 2: In this code, we specified the allowed_tags parameter along with the string to strip_tags() method, so that we can allow a few tags in the string and strip the unallowed tags from the input string. In the allowed_tags section, we specified <h2> tag. So it did not strip the <h2> tag in the string and stripped the rest of the other tags i.e. <i> italic tag.
PHP
<?php
echo strip_tags(
"<h2>GeeksforGeeks</h2> one of the top
<i>Online learning platform</i>","
<h2>");
?>
Output:
string strip_tags ( string source [, string allowable_tags])
Strip_tags() is a function that allows you to strip out all HTML and PHP tags from a given string (parameter one), however you can also use parameter two to specify a list of HTML tags you want.
This function can be very helpful if you ever display user input on your site. For example, if you create your own messageboard forum on your site a user could post a title along the lines of: <h2>THIS SITE SUCKS!</h2>, which, because you would display the titles of each post on your board, would display their unwanted message in huge letters on your visitors' screens.
Here are two examples of stripping out tags:
<?php $input = "<blink><strong>Hello!</strong></blink>"; $a = strip_tags($input); $b = strip_tags($input, "<strong><em>"); ?>After running that script, $a will be set to "Hello!", whereas $b will be set to "<strong>Hello!</strong>" because we had "<strong>" in the list of acceptable tags. Using this method you can eliminate most users from adversely changing the style of your site, however it is still possible for users to cause trouble if you allow a list of certain HTML tags, for example, we could abuse the allow <strong> tag using CSS: <strong style="font:72pt Times New Roman">THIS SITE SUCKS!</strong>.
If you allow <strong> tags, you allow all <strong> tags, regardless of whether they have any extra unwanted information in there, so it is best not to allow any tags.
Want to learn PHP 7?
Hacking with PHP has been fully updated for PHP 7, and is now available as a downloadable PDF. Get over 1200 pages of hands-on PHP learning today!
If this was helpful, please take a moment to tell others about Hacking with PHP by tweeting about it!
Next chapter: Comparing strings >>
Previous chapter: Pretty-printing numbers
Jump to:
Home: Table of Contents
Copyright ©2015 Paul Hudson. Follow me: @twostraws.