I created this function to sanitize the input fields on my site, but I need it (the function) to allow the input of some HTML tags. How can I improve the function to allow this?

```php
function sanitizeString($var) {
    global $pdo;
    $var = strip_tags($var);      // remove all HTML tags
    $var = htmlentities($var);    // encode remaining special characters
    // get_magic_quotes_gpc() was removed in PHP 8, so only call it where it exists
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
        $var = stripslashes($var);
    $result = $pdo->quote($var);  // this adds single quotes
    return str_replace("'", "", $result); // So now remove them
}
```

Take this as a challenge and a way to solve a problem. You can create a post here on the site writing the improvements of your code in relation to the code written above. Thanks
Add a variable with the tags you want to allow, like: `$allow_tags = '<h1><form><button><img>';` and add it to the `strip_tags($var, $allow_tags)` function.
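
An added example, not part of the original posts: `strip_tags()` leaves every attribute on the tags it allows, and the `htmlentities()` call in the question would then encode those tags again, so this sketch parses the input with DOMDocument and keeps only allowlisted tags and attributes. The names `ALLOWED`, `cleanNode` and `sanitizeHtml` and the sample input are constructed for illustration.

```php
<?php
// Added example; ALLOWED, cleanNode and sanitizeHtml are hypothetical names.
// Allowed tag => allowed attribute names. Anything not listed is removed.
const ALLOWED = ['h1' => [], 'p' => [], 'b' => [], 'img' => ['src', 'alt']];

function cleanNode(DOMNode $node): void
{
    foreach (iterator_to_array($node->childNodes, false) as $child) {
        if ($child->nodeType === XML_TEXT_NODE) {
            continue; // plain text is escaped when the tree is serialized
        }
        $tag = strtolower($child->nodeName);
        if ($child->nodeType !== XML_ELEMENT_NODE || !isset(ALLOWED[$tag])) {
            // Disallowed element: keep only its text. Comments etc. are dropped.
            $text = $child->nodeType === XML_ELEMENT_NODE ? $child->textContent : '';
            $node->replaceChild($node->ownerDocument->createTextNode($text), $child);
            continue;
        }
        foreach (iterator_to_array($child->attributes, false) as $attr) {
            // src must be an absolute http(s) URL; relative URLs are rejected too.
            $scheme = strtolower((string) parse_url($attr->value, PHP_URL_SCHEME));
            $badUrl = $attr->name === 'src' && !in_array($scheme, ['http', 'https'], true);
            if (!in_array($attr->name, ALLOWED[$tag], true) || $badUrl) {
                $child->removeAttributeNode($attr);
            }
        }
        cleanNode($child); // allowed element: clean its descendants as well
    }
}

function sanitizeHtml(string $html): string
{
    $doc = new DOMDocument();
    $previous = libxml_use_internal_errors(true); // tolerate sloppy user markup
    $doc->loadHTML('<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8">'
        . '</head><body>' . $html . '</body></html>');
    libxml_clear_errors();
    libxml_use_internal_errors($previous);
    $body = $doc->getElementsByTagName('body')->item(0);
    cleanNode($body);
    $out = '';
    foreach ($body->childNodes as $child) {
        $out .= $doc->saveHTML($child); // serialize only what sits inside <body>
    }
    return $out;
}

// Constructed sample input: event-handler attributes and a non-http src.
echo sanitizeHtml('<h1 onclick="x()">Title</h1><script>x()</script>'
    . '<img src="https://example.com/a.png" alt="logo" onerror="x()"><img src="javascript:x()">'), "\n";
```

To store the result, bind it as a parameter of a PDO prepared statement instead of calling `$pdo->quote()` and stripping the quotes afterwards.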