Unit 5: Strings



            Attributes in preserved tags are not changed by strip_tags( ). Because attributes such as style   Notes
            and onmouseover can affect the look and behaviour of web pages, preserving some tags with
            strip_tags() would not necessarily remove the potential for abuse.

            Extracting Meta Tags
            If you have the HTML for a web page in a string, the get_meta_tags( ) function returns an array of
            the meta tags in that page. The name of the meta tag (keywords,author, description, etc.) becomes
            the key in the array, and the content of the meta tag becomes the corresponding value:
            $meta_tags = get_meta_tags(‘http://www.example.com/’); echo “Web page made by {$meta_
            tags[author]}”; Web page made by Pradip

            The general form of the function is:
            $array = get_meta_tags(filename [, use_include_path]);
            Pass a true value for use_include_path to let PHP attempt to open the file using the standard
            include path.

            5.5.2 URLs
            PHP provides functions to convert to and from URL encoding, which allows you to build and
            decode URLs. There are actually two types of URL encoding, which differ in how they treat
            spaces. The first (specified by RFC 1738) treats a space as just another illegal character in a URL
            and encodes it as %20. The second (implementing the application/x-www-form-urlencoded
            system) encodes a space as a + and is used in building query strings.
            RFC 1738 Encoding and Decoding

            To encode a string according to the URL conventions, use rawurlencode( ):
            $output = rawurlencode(input);
            This function takes a string and returns a copy with illegal URL characters encoded in the %dd
            convention.
            If you are dynamically generating hypertext references for links in a page, you need to convert
            them with rawurlencode( ):

            $name  =  “Programming  PHP”;  $output  =  rawurlencode($name);  echo  “http://
            localhost/$output”;http://localhost/Programming%20PHP
            The rawurldecode( ) function decodes URL-encoded strings:

            $encoded = ‘Programming%20PHP’; echo rawurldecode($encoded); Programming PHP
            Query-string Encoding
            The urlencode( ) and urldecode( ) functions differ from their raw counterparts only in that they
            encode spaces as plus signs (+) instead of as the sequence %20. This is the format for building
            query strings and cookie values, but because these values are automatically decoded when they
            are passed through a form or cookie, you do not need to use these functions to process the current
            page’s query string or cookies. The functions are useful for generating query strings:
            $base_url = ‘http://www.google.com/q=’; $query = ‘PHP sessions -cookies’; $url = $base_url .
            urlencode($query); echo $url;http://www.google.com/q=PHP+sessions+-cookies
            5.5.3 SQL

            Most database systems require that string literals in your SQL queries be escaped. SQL’s encoding
            scheme is pretty simple—single quotes, double quotes, NUL-bytes, and backslashes need to be
            preceded by a backslash. The addslashes( ) function adds these slashes, and the stripslashes( )
            function removes them:



                                             LOVELY PROFESSIONAL UNIVERSITY                                   107