$banned = array("#","^","%");$text = "This is 20% of the total #number of ^carrots";$string = str_replace($banned, "", $text);If you echo string it would display;This is 20 of the total number of carrotsNow this is a simple approach, regular expressions would be the best sollution if it got more advanced. If your trying make your forms safe from XSS attacks or SQL injection i'd suggest using alternate frameworks to assist you.
You did point to something I always think of. As matter of fact, I've started PHP just few months ago and not sure what XSS attaks are. Would you please give me direction toward this concept? Any online resource or book would be great.
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which allow code injection by malicious web users into the web pages viewed by other users. Examples of such code include HTML code and client-side scripts. http://en.wikipedia.org/wiki/Cross-site_scripting
Open in new window