[PHP-DOC] cvs: phpdoc /en/functions strings.xml From: jim winstead (jimw <email protected>)
Date: 10/28/01

jimw Sun Oct 28 20:51:34 2001 EDT

  Modified files:
    /phpdoc/en/functions strings.xml
  Log:
  add warning to strip_tags() about attributes being passed through, add <u> to the example, and clean up the notice of what versions the allowable_tags param was added in.
  
Index: phpdoc/en/functions/strings.xml
diff -u phpdoc/en/functions/strings.xml:1.117 phpdoc/en/functions/strings.xml:1.118
--- phpdoc/en/functions/strings.xml:1.117 Wed Oct 17 12:24:00 2001
+++ phpdoc/en/functions/strings.xml Sun Oct 28 20:51:33 2001
@@ -1,5 +1,5 @@
 <?xml encoding="iso-8859-1"?>
-<!-- $Revision: 1.117 $ -->
+<!-- $Revision: 1.118 $ -->
  <reference id="ref.strings">
   <title>String functions</title>
   <titleabbrev>Strings</titleabbrev>
@@ -2506,8 +2506,8 @@
      should not be stripped.
      <note>
       <para>
- <parameter>Allowable_tags</parameter> was added in PHP 3.0.13,
- PHP4B3.
+ <parameter>allowable_tags</parameter> was added in PHP 3.0.13
+ and PHP 4.0b3.
       </para>
      </note>
     </para>
@@ -2515,10 +2515,19 @@
      <example>
       <title><function>strip_tags</function> example</title>
       <programlisting role="php">
-$string = strip_tags($string, '&lt;a&gt;&lt;b&gt;&lt;i&gt;');
+$string = strip_tags($string, '&lt;a&gt;&lt;b&gt;&lt;i&gt;&lt;u&gt;');
       </programlisting>
      </example>
     </para>
+ <warning>
+ <para>
+ This function does not modify any attributes on the tags that you allow
+ using <parameter>allowable_tags</parameter>, including the
+ <literal>style</literal> and <literal>onmouseover</literal> attributes
+ that a mischievous user may abuse when posting text that will be shown
+ to other users.
+ </para>
+ </warning>
    </refsect1>
   </refentry>