I am developing a php-based web application in which there is a text area

Question

0

Asked: May 20, 20262026-05-20T06:43:35+00:00 2026-05-20T06:43:35+00:00

I am developing a php-based web application in which there is a text area

0

I am developing a php-based web application in which there is a text area within which user can type whatever he/she wants and the content later gets displayed on another page after being stored in a database. The scenario is that the user can type in HTML tags. But as far as functionality constraints are concerned, I wish to allow the user to execute some tags such as <a>, <div> etc., leaving the rest of the tags to be displayed as plaintext.
I had previously pasted this question:
Prevent HTML data from being posted into form textboxes
But it answered only the ways such as strip_tags() and htmlspecialchars() which either stripped the html content completely displaying the remaining plaintext or displayed everything as plaintext with no option for adding any tag as exception, respectively. Please help. Cheers.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-20T06:43:35+00:00

Editorial Team

2026-05-20T06:43:35+00:00Added an answer on May 20, 2026 at 6:43 am

You can look at HTML Purifier. This is a library specially designed for this.

It seems it can handle any form of xss attack. See also the comparison page.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I am developing a php-based web application in which there is a text area

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply