dylandcor Posted March 25, 2006 Share Posted March 25, 2006 I have a place where users can edit their own profile on my site. Is there any way from preventing them to access other urls because we were doing a test, and someone can get into admin accounts via javascripts. He put in the <script language="Javascript" src="blah.js"> and it got in. Is there anyway to prevent users from putting in unwanted code into their profile?Any Suggestions? Link to comment https://forums.phpfreaks.com/topic/5806-code-blocking/ Share on other sites More sharing options...
annihilate Posted March 25, 2006 Share Posted March 25, 2006 Have a look at [a href=\"http://uk2.php.net/strip_tags\" target=\"_blank\"]strip_tags[/a] function and some of the user contributed functions and responses on that page. Link to comment https://forums.phpfreaks.com/topic/5806-code-blocking/#findComment-20695 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.