How to strip the following html tags from user input in PHP?

I don't want to use htmlentities() because I just want to strip 3 kinds of tags and allow all others. These are the ones to be stripped:

- <a hrefs...
- &开发者_JAVA百科lt;scripts...
- <img src...

How can this be done?

$str = strip_tags($str, '<a><script><img>');

However, if this is for security, this is not enough. Use a HTML parser and a whitelist of allowed tags and attributes.

Otherwise I may enter <button onclick="alert('xss')">hello!</button>, for example.

Check out php's strip_tags(). The optional parameter allows you to select allowable tags, which I know is the opposite of what you want to, but is the better way to go.

The other option is to use regular expressions to remove those offending tags.