Hi! > It's important to escape output according to context. PHP provides > functions such as htmlspecialchars() to escape output when the context > is HTML. However, one often desires to allow some subset of HTML > through without escaping (e.g., <br />, <b></b>, etc.)
I think what you are looking for is HtmlPurifier and such. Doing it in the core properly would be pretty hard. > https://github.com/AdamJonR/nephtali-php-ext/blob/master/nephtali.c > Could you describe in detail what that function actually does, with examples? -- Stanislav Malyshev, Software Architect SugarCRM: http://www.sugarcrm.com/ (408)454-6900 ext. 227 -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
