MDanz Posted February 11, 2010 Share Posted February 11, 2010 How do i prevent these characters from being used in the search input text field. ; \ / < > = echo "<input type='text' size='35' name='search' />"; Link to comment https://forums.phpfreaks.com/topic/191833-how-to-prevent-certain-characters-from-being-used/ Share on other sites More sharing options...
xjake88x Posted February 12, 2010 Share Posted February 12, 2010 The simplest and easiest way is to strip them out before using the data: $search_text = $_POST['search']; $disallowed_chars = array(';', '\\', '/', '<', '>', '='); $search_text = str_replace($disallowed_chars, '', $search_text); Link to comment https://forums.phpfreaks.com/topic/191833-how-to-prevent-certain-characters-from-being-used/#findComment-1011086 Share on other sites More sharing options...
MDanz Posted February 12, 2010 Author Share Posted February 12, 2010 what about this? $search = htmlentities($_GET['search']); Link to comment https://forums.phpfreaks.com/topic/191833-how-to-prevent-certain-characters-from-being-used/#findComment-1011087 Share on other sites More sharing options...
xjake88x Posted February 12, 2010 Share Posted February 12, 2010 The semicolon will still be used because that generates things like < and whatnot. Link to comment https://forums.phpfreaks.com/topic/191833-how-to-prevent-certain-characters-from-being-used/#findComment-1011096 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.