This is some html"; $_REQUEST['shHtml'] = $shHtml; // filter the variables and make sure that we don't have a return value // ie, that filtering succeeded $sResult = filter_gpc(); if($sResult) { error("sResult is '$sResult' but we expected success and no return value"); return false; } // expect that the filtered value will be equal if($aClean['shHtml'] != $shHtml) { error("Expected aClean['shHtml'] to be '".$shHtml."' but instead it was '".$aClean['shHtml']."'"); return false; } //***************************************************************************** // test that filtering strings with html results in the tags being stripped out $_REQUEST = array(); // clear out the array $sHtml = "

This is some html

"; $_REQUEST['sHtml'] = $sHtml; // filter the variables and make sure that we don't have a return value // ie, that filtering succeeded $sResult = filter_gpc(); if($sResult) { error("sResult is '$sResult' but we expected success and no return value"); return false; } // expect that $aClean value has been modified during filtering so these // shouldn't be equal unless something has failed if($aClean['sHtml'] == $sHtml) { error("Expected aClean['shHtml'] to be '".$sHtml."' but instead it was '".$aClean['sHtml']."'"); return false; } // make sure all html has been stripped if(strip_tags($aClean['sHtml']) != $aClean['sHtml']) { error("Expected all html to be stripped already but we were able to strip this '".$aClean['sHtml'] ."' into '".strip_tags($aClean['sHtml'])."'"); return false; } return true; } /*************************/ /* Main test routines */ if(!test_filter()) { echo "test_filter() failed!\n"; $bTestSuccess = false; } else { echo "test_filter() passed\n"; } ?>