Jump to content


Photo

No html or Js...


  • Please log in to reply
3 replies to this topic

#1 Tandem

Tandem
  • Members
  • PipPipPip
  • Advanced Member
  • 251 posts

Posted 23 July 2006 - 06:58 PM

Whats the best way to make html or javascript not work on a user input page like a guestbook?

#2 wildteen88

wildteen88
  • Staff Alumni
  • Advanced Member
  • 10,482 posts
  • LocationUK, Bournemouth

Posted 23 July 2006 - 07:00 PM

Use mysql_real_escape_string or strip_tags to stop HTML beeing added. Also make sure you are validating user input too! Dont  just use raw POST data! Always validate user data!

#3 Tandem

Tandem
  • Members
  • PipPipPip
  • Advanced Member
  • 251 posts

Posted 23 July 2006 - 07:02 PM

Ok thankyou :)

#4 kenrbnsn

kenrbnsn
  • Staff Alumni
  • Advanced Member
  • 8,235 posts
  • LocationHillsborough, NJ, USA

Posted 23 July 2006 - 08:28 PM

You can also use htmlentities() which causes to tags to be displayed, not interpreted.

Ken




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users