How to Strip Script Tags in PHP

0 min read 60 words

If you have some HTML input submitted from a user to your application, before saving it to the database, you may want to strip all <script> tags so that you can prevent cross site scripting attacks and other potential issues.

Below we use a Regular Expression to strip the script tag out of a variable.

$html = preg_replace('#<script(.*?)>(.*?)</script>#is', '', $html);
Tags:
Andrew
Andrew

Andrew is a visionary software engineer and DevOps expert with a proven track record of delivering cutting-edge solutions that drive innovation at Ataiva.com. As a leader on numerous high-profile projects, Andrew brings his exceptional technical expertise and collaborative leadership skills to the table, fostering a culture of agility and excellence within the team. With a passion for architecting scalable systems, automating workflows, and empowering teams, Andrew is a sought-after authority in the field of software development and DevOps.

Tags

Recent Posts