Safe methods to print database stored wysiwyg html content

andrew.9999

New Member
I've built a blog CMS in PHP for my company's website. When one of our staff members writes a blog article in the admin area, it saves raw HTML to the MySQL database.

Example:

[code]<p>Some example text written by my staff stored in the database</p>[/code]

On the page where I print the article to screen, in PHP, what is the safest method to print the HTML that would help prevent XSS or other nasties? Obviously, I still need the HTML tags for it to display in the same way the user wrote it.

I did try [code]htmlspecialchars()[/code] but that printed the tags instead of using them.
 
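An added example, not part of the original post: one way to print stored WYSIWYG HTML is to parse it and keep only an allowlist of tags and attributes, rather than escaping everything as htmlspecialchars() does. The function names and the allowlist below are assumptions chosen for illustration.

```php
<?php
// Added example: allowlist sanitizer on PHP's DOM extension; names and lists are assumptions.
const ALLOWED = ['p' => [], 'br' => [], 'strong' => [], 'em' => [], 'ul' => [],
                 'ol' => [], 'li' => [], 'h2' => [], 'blockquote' => [], 'a' => ['href']];
const DROP_WITH_CONTENT = ['script', 'style', 'iframe', 'object', 'embed'];
function clean_node(DOMNode $node): void {
    foreach (iterator_to_array($node->childNodes, false) as $child) {
        if ($child->nodeType === XML_TEXT_NODE) continue;   // escaped when serialized
        if ($child->nodeType !== XML_ELEMENT_NODE) {         // comments, CDATA, PIs
            $node->removeChild($child);
            continue;
        }
        $tag = strtolower($child->nodeName);
        if (!array_key_exists($tag, ALLOWED)) {
            if (!in_array($tag, DROP_WITH_CONTENT, true)) {  // unwrap: keep cleaned children
                clean_node($child);
                while ($child->firstChild) $node->insertBefore($child->firstChild, $child);
            }
            $node->removeChild($child);
            continue;
        }
        foreach (iterator_to_array($child->attributes, false) as $attr) {
            if (!in_array(strtolower($attr->nodeName), ALLOWED[$tag], true)) {
                $child->removeAttributeNode($attr);          // drops on*, style, id, ...
            }
        }
        // Links: only http(s), mailto and site-relative URLs survive (no javascript:).
        if ($child->hasAttribute('href') &&
            !preg_match('#^(https?://|mailto:|/)#i', trim($child->getAttribute('href')))) {
            $child->removeAttribute('href');
        }
        clean_node($child);
    }
}
function sanitize_article_html(string $html): string {
    $doc = new DOMDocument();
    $previous = libxml_use_internal_errors(true);            // tolerate sloppy markup
    $doc->loadHTML('<?xml encoding="UTF-8">' . $html, LIBXML_NONET);
    libxml_clear_errors();
    libxml_use_internal_errors($previous);
    $body = $doc->getElementsByTagName('body')->item(0);
    if ($body === null) return '';
    clean_node($body);
    $out = '';
    foreach ($body->childNodes as $child) $out .= $doc->saveHTML($child);
    return $out;
}
// Constructed sample input, not taken from the post.
echo sanitize_article_html('<p onclick="x()">Some <b>text</b><script>alert(1)</script> <a href="javascript:x">link</a></p>');
```

htmlspecialchars() remains the right call for plain-text fields such as titles and author names. A maintained sanitizer library such as HTML Purifier applies the same allowlist idea with many more parser edge cases covered.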