Question

I'm using the contenteditable feature on a personal project to update a SQL database; however, when I update the content it adds HTML tags into the database, i.e.

<div id="lipsum" style="font-size: 11px; font-family: Arial, Helvetica, sans; 
text-align:     justify; font-style: normal; font-variant: normal; line-height: normal;">
 <p style="font-size: 11px; line-height: 14px; margin-bottom: 14px;">
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Proin tincidunt tincidunt tellus, 
ac tincidunt magna imperdiet volutpat. Pellentesque pharetra lorem vitae velit gravida, 
eget gravida tellus volutpat. Praesent viverra nulla at arcu fringilla, quis semper ligula 

What are my solutions in terms of stripping these tags out? Can I use jQuery or PHP? Can anyone show me some working examples?

This is the code I am using to update my database

save.php

<?php
include("db.php");
$content = $_POST['content'];
$firstname = $_POST['firstname']; // get posted data
$content = mysql_real_escape_string($content);
$firstname = mysql_real_escape_string($firstname); // escape string

$sql = "UPDATE datadump SET firstname = '$firstname', content = '$content' WHERE id = '1'";
if (mysql_query($sql))
{
    echo 1;
}
?>

js/js.js

 $(document).ready(function() {

    $("#save").click(function (e) {         
        var content = $('#content').html(); 
        var firstname = $('#firstname').html();     
        $.ajax({
            url: 'save.php',
            type: 'POST',
            data: {content: content, firstname: firstname},             
            success:function (data) {

                if (data == '1')
                {
                    $("#status")
                    .addClass("success")
                    .html("Data saved successfully")
                    .fadeIn('fast')
                    .delay(3000)
                    .fadeOut('slow');   
                }
                else
                {
                    $("#status")
                    .addClass("error")
                    .html("An error occurred, the data could not be saved")
                    .fadeIn('fast')
                    .delay(3000)
                    .fadeOut('slow');   
                }
            }
        });   

    });

    $("#maincontent").click(function (e) {
        $("#save").show();
        e.stopPropagation();
    });

    $(document).click(function() {
        $("#save").hide();  
    });

});

Solution

Use the strip_tags() function.

Change this;

$content = mysql_real_escape_string($content);

To this;

$content = mysql_real_escape_string( strip_tags( $content ) );
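
An added example, not part of the answer or the asker's code: the same strip_tags() step combined with a parameterized query in place of manual escaping, since the mysql_* functions were removed in PHP 7. Assumptions: an in-memory SQLite database via PDO stands in for the MySQL one, clean_text() and save_profile() are hypothetical helper names, and the posted values are constructed rather than read from $_POST.

```php
<?php
// Added example: hardened form of the save.php logic discussed above.
// Assumption: SQLite in memory replaces the page's MySQL database so this runs offline.

function clean_text(string $html): string
{
    // Remove all markup first, then decode entities the editor produced
    // (e.g. &lt; for a typed "<") so plain text is stored, not HTML.
    $text = html_entity_decode(strip_tags($html), ENT_QUOTES | ENT_HTML5, 'UTF-8');
    // Collapse whitespace runs left behind by the removed block elements.
    return trim(preg_replace('/\s+/u', ' ', $text) ?? '');
}

function save_profile(PDO $db, string $firstname, string $content): bool
{
    // Placeholders keep the values out of the SQL text, so no escaping function is needed.
    $stmt = $db->prepare(
        'UPDATE datadump SET firstname = :firstname, content = :content WHERE id = 1'
    );
    return $stmt->execute([
        ':firstname' => clean_text($firstname),
        ':content'   => clean_text($content),
    ]);
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE datadump (id INTEGER PRIMARY KEY, firstname TEXT, content TEXT)');
$db->exec("INSERT INTO datadump (id, firstname, content) VALUES (1, '', '')");

// Constructed input imitating what $('#content').html() and $('#firstname').html() post.
$postedFirstname = '<b>Ann</b>';
$postedContent   = '<div id="lipsum" style="font-size: 11px;">'
                 . '<p>Lorem ipsum &lt;dolor&gt; sit amet</p></div>';

save_profile($db, $postedFirstname, $postedContent);

$row = $db->query('SELECT firstname, content FROM datadump WHERE id = 1')
          ->fetch(PDO::FETCH_ASSOC);

// Stored value: plain text with no tags.
echo $row['content'], PHP_EOL;
// Value encoded for writing back into an HTML page.
echo htmlspecialchars($row['content'], ENT_QUOTES, 'UTF-8'), PHP_EOL;
```

Because entities are decoded after the tags are stripped, the stored text can contain a literal `<`, which is why it is passed through htmlspecialchars() whenever it is written back into a page.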
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow