strip_tags() Help

Hello.

As part of my assignment, I need to keep this webpage secure from attackers in some way so I decided to use strip_tags() to keep it safe from people entering malicious code into a form field. I changed the background color of the page by injecting CSS code, then I used the strip_tags(). It worked, but now I’m getting the error:

Warning: strip_tags() expects parameter 1 to be string, array given in C:\xampp\htdocs\practice\Chapter27\output_fns.php on line 112

I’m not sure what this means. Here’s the code:


<?php

}

function display_user_urls($url_array) {
  // display the table of URLs
//Get description data
$url_description_array = strip_tags ( get_url_descriptions($_SESSION['valid_user']));
  // set global variable, so we can test later if this is on the page
  global $bm_table;
  $bm_table = true;
?>

Any help is appreciated.

Never mind, I was looking in the wrong place. Thanks for your attention.

Also, you may check out this thread: http://www.reddit.com/r/PHP/comments/nj5t0/what_everyone_should_know_about_strip_tags/

strip_tags is not that secure as everybody thinks…

To keep a field safe from people entering malicious values you need to validate the field to make sure that whatever it contains is valid for that particular field. Any other value should be rejected. - if it isn’t malicious it is at best garbage.

Ok well this was part of my final project which I got an A on, but I have used the strip_tags on some of my real websites so I will have to check that out. Thanks.

Thanks for posting the link. Ive been looking for a safer way to handle user inputs.