Jump to content

Archived

This topic is now archived and is closed to further replies.

dimjnrbrown

stop users putting links in my guestbook

Recommended Posts

I've got a php guestbook which i built myself and it works fine.
But I've got idiots going on there and they just keep putting links within their messages
advertising their own sites which is very annoying.
Is there a way to stop this by not allowing certain characters, for example '<' or '>'
cheers in advance

Share this post


Link to post
Share on other sites
Look at the function [a href=\"http://www.php.net/strip_tags\" target=\"_blank\"]strip_tags[/a]().

Ken

Share this post


Link to post
Share on other sites
you could search the posted variable for invalid characters?


[code]

foreach (count_chars($your_posted_variable, 1) as $i) {
$string=chr($i);
if ($string=="&"){
echo "You cannot use that character";
}

[/code]

the above code will search your posted variable for '&'. If this character is found, an error message is displayed. I havent tried the code but I think the syntax is correct (ive just woken up..lol)

Hope this helps

Share this post


Link to post
Share on other sites
I am a total newbie and got a finished script for my guestbook. Recently I´ve started to get problems with people spamming my guestbook, so I´d like to use this string you´ve written in this thread. But when I tried to copy it into my guestbook it siezed to work at all. Any idea where in the script i should put the string in order to getting it work?

The URL to my guestbook is [a href=\"http://www.themovements.com/guestshow.php\" target=\"_blank\"]http://www.themovements.com/guestshow.php[/a]

Thanks
/Gustaf

Share this post


Link to post
Share on other sites
I suggest looking for url's in the posted variables, this will do:

[code]
<?

$content = $_POST['message_body']; // or whatever

$url_match = "^(((http|ftp|https)://)|(www\.))+(([a-zA-Z0-9\._-]+\.[a-zA-Z]{2,6})|([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}))(/[a-zA-Z0-9\&%_\./-~-]*)?^";

if (preg_match($url_match, $content))
{
echo "A url was found in your post, Not allowed - mission aborted.";
exit ();
}
else
{
// continue with submission here, no url found


}

?>
[/code]

And to RedAlert, you must post a code in order for anyone to help you out on why it stopped working...

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.