How to remove all HTML tag exclude some tags [duplicate]

Question

This question already has answers here:

Strip all HTML tags, except allowed (3 answers)

Closed 8 years ago.

I create a form and I want to use PHP to remove all HTML tags but exclude some tags (<b>, <strong>, <em>, <i>, <p>, <br>, <ul>, <li> <ol>... (and some tags for format paragraph) when members click Submit befor it will be insert into Database.

$content = $_POST['content'];

Thanks all for help.
I'm sorry if my english isn't good.

Answer 1

Is this what you are looking for?

$content=strip_tags($content,"<b><strong><em><i><p><br><ul><li><ol>");

Answer 2

The following should do it:

// tags separated by vertical bar
$strip_tags = "a|strong|em";

// target html
$html = '<em><a><b>ha<a href="" title="">d</a>f</em></b>';

// Regex is loose and works for closing/opening tags across multiple lines and
// is case-insensitive
// note: The *? makes the matching non-greedy
$clean_html = preg_replace("#<\s*\/?(".$strip_tags.")\s*[^>]*?>#im", '', $html);

// prints "<b>hadf</b>";
echo $html;

Answer 3

Using strip_tags() might be dangerous as it won't have a look at the HTML attributes. So a malicious user could use this for cross site scripting (XSS) and maybe other attacks (as also noted in my comment to David Chen).

Instead I would suggest using an existing HTML filterer as for example http://htmlpurifier.org/ which probably is much more secure and suitable for this task.