dylandcor Posted March 25, 2006 Share Posted March 25, 2006 I have a place where users can edit their own profile on my site. Is there any way from preventing them to access other urls because we were doing a test, and someone can get into admin accounts via javascripts. He put in the <script language="Javascript" src="blah.js"> and it got in. Is there anyway to prevent users from putting in unwanted code into their profile?Any Suggestions? Quote Link to comment Share on other sites More sharing options...
annihilate Posted March 25, 2006 Share Posted March 25, 2006 Have a look at [a href=\"http://uk2.php.net/strip_tags\" target=\"_blank\"]strip_tags[/a] function and some of the user contributed functions and responses on that page. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.