campbem Posted June 22, 2007 Share Posted June 22, 2007 Using any *very* compatible scripting (javascript,php, etc) what would be the easiest way to completely disallow html input from being entered into an html form? I do not want to strip html tags, or re-encode them for a database, or allow only certain tags...I want the textbox to throw away the entire form if any html tag is entered from any source. I suppose I could regex or use some part of an existing php function to detect tags, but I don't think I could account for all possible tags - I basically want the textbox to be TRULY text only. I'd probably want to allow someone to use <> and other english language characters as they would in an actual english sentence, but I want the form to just deny any programming tags. Does any one know of snippets out there that already do this? Thanks! Quote Link to comment https://forums.phpfreaks.com/topic/56716-textbox-disallow-html-input/ Share on other sites More sharing options...
RichardRotterdam Posted July 17, 2007 Share Posted July 17, 2007 you can't restrict them from entering html tags but you can filter the html out when you submit a form. Using javascript might seem like a solution to prevent a person from entering html into a textarea but you can always disable javascript Quote Link to comment https://forums.phpfreaks.com/topic/56716-textbox-disallow-html-input/#findComment-300303 Share on other sites More sharing options...
soycharliente Posted July 17, 2007 Share Posted July 17, 2007 <?php $post = nl2br(htmlentities($r["post"], ENT_QUOTES)); ?> I pull data from a db with that. It converts the data to the HTML entities (like < to <) so that it will render everything exactly as they typed in. Quote Link to comment https://forums.phpfreaks.com/topic/56716-textbox-disallow-html-input/#findComment-300582 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.