0

so I have a box where a user enters some data "a description" and it stores in MySQL. However, html tags such as <img src="">, <a href="">, etc. do not store there in the 'description' field. How can I allow certain HTML codes to be passed through to MySQL?

This is what the description input box looks like:

<?=form_textarea(
    'description',
    $Channels->description,
    'class="field" style="width:306px; height: 70px; margin-left:5px;"'
)?>

This is where the form gets passed:

$this->form_validation->set_rules(
    'description',
    lang('user_edit_channel_description'),
    'trim|required|strip_tags|xss_clean'
);

And then posted to MySQL here:

$rows['description'] = $this->input->post('description');
Improve this question
2

2 Answers 2

Reset to default
1

You will need to use the form of the strip_tags function with the second parameter, which allows you to specify which HTML tags are allowed. As explained in this post, you need to create a callback function to call because the two-parameter version of strip_tags cannot be directly used in set_rules(.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

You'll want to get rid of strip_tags from the validation rules, since that removes all HTML tags. Or, ever better, call the function separately using a second parameter to define what tags you want to allow.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.