I hate to be asking this question, 1. because it’s a typical newb question that probably gets asked a lot, and 2. because I’ve done some tuts on this but now can’t seem to find files I’d saved to refer to.
But anyway, I’m building a simple CMS. There are some text fields for user input. This input gets displayed on a web page and the user needs to be able to enter in simple HTML tags like <span class='whatever'>, <b>, <p>… etc.
I know I need to sanitize the input. Can someone suggest what all functions I should use? Like addslashes() (going into the DB), removeslashes() (going back out onto the page), htmlspecialchars()… Should I use filter_var('copy', FILTER_SANITIZE_STRING)?
Or can someone point me in the right dir. for some good tuts on this topic? Big thanks.
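The situation described in the question (stored text that may contain a few simple tags), as an added example that is not part of the original post: the raw text is stored with a prepared statement, and on output everything is escaped before only exact allowlisted tag forms are restored. The table, column and function names are hypothetical and the sample input is constructed.

```php
<?php
// Added example (not from the original post). Table, column and function
// names are hypothetical; the sample input is constructed.

// Storage: a prepared statement keeps the text out of the SQL string,
// so no addslashes() on the way in and nothing to strip on the way out.
function save_body(PDO $db, string $raw): void {
    $stmt = $db->prepare('INSERT INTO pages (body) VALUES (:body)');
    $stmt->execute([':body' => $raw]);
}

// Output: escape everything, then restore only exact allowlisted tag forms.
function render_body(string $raw): string {
    $safe = htmlspecialchars($raw, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    // <b>, </b>, <p>, </p> with no attributes at all.
    $safe = preg_replace('/&lt;(\/?)(b|p)&gt;/i', '<$1$2>', $safe);
    // <span class="..."> where the value is only letters, digits, space, _ or -.
    $safe = preg_replace(
        '/&lt;span class=(&quot;|&#039;)([A-Za-z0-9_ -]+)\1&gt;/i',
        '<span class="$2">',
        $safe
    );
    return preg_replace('/&lt;\/span&gt;/i', '</span>', $safe);
}

// In-memory SQLite stands in for the CMS database (assumes pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE pages (id INTEGER PRIMARY KEY, body TEXT)');

// Constructed input: allowed tags plus markup that must stay inert.
$input = "<p>It's <b>bold</b> and <span class='note'>noted</span></p>"
       . '<script>alert(1)</script><b onclick="x()">click</b>';
save_body($db, $input);

$stored = $db->query('SELECT body FROM pages')->fetchColumn();
echo render_body($stored), "\n";
```

This does not check that restored tags are balanced, so a stray closing tag can affect layout but not inject script. For a wider set of tags or attributes, a maintained allowlist sanitizer such as HTML Purifier is the usual choice.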