N-Bomb(Nerd) Posted November 24, 2008 Share Posted November 24, 2008 Hello, I'm trying to make a register form for one of my websites I'm creating however I've ran into a problem. I would like my users to use tags or whatever they wish into their user names when registering, however from testing I was able to use html tags in the name and it would actually do whatever I put the tag as. I looked into this and I couldn't really find a proper way to make sure if they do have tags in their name that it wouldn't parse. I found the <pre>, <code> and <xmp> tags, but none seemed to fit as well as I like. I liked how the <xmp> would block everything right down to the <b> tag, but it has a line break right before everytime the <xmp> tag is used. Is there perhaps a way to stop the line break before the <xmp> tag or is there a better method I should be using for something like this? Link to comment https://forums.phpfreaks.com/topic/133951-solved-tags/ Share on other sites More sharing options...
PFMaBiSmAd Posted November 24, 2008 Share Posted November 24, 2008 All user supplied data that will ever be output on a web site should be passed through htmlentities before it is displayed to render it harmless - http://us3.php.net/manual/en/function.htmlentities.php Link to comment https://forums.phpfreaks.com/topic/133951-solved-tags/#findComment-697323 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.