This function tries to return a string with all HTML and PHP tags stripped from a given str. It uses the same tag stripping state machine as the fgetss() function.
You can use the optional second parameter to specify tags which should not be stripped.
注: allowable_tags was added in PHP 3.0.13 and PHP 4.0b3. Since PHP 4.3.0, HTML comments are also stripped.
警告 |
Because strip_tags() does not actually validate the HTML, partial, or broken tags can result in the removal of more text/data than expected. |
警告 |
This function does not modify any attributes on the tags that you allow using allowable_tags, including the style and onmouseover attributes that a mischievous user may abuse when posting text that will be shown to other users. |
See also htmlspecialchars().