Results 1 to 4 of 4

Thread: Form Validation

  1. Sep 4th, 2002, 09:50 AM #1
    TheGoldenShogun
    TheGoldenShogun is offline

    Thread Starter
    Addicted Member TheGoldenShogun's Avatar
    Join Date
    Mar 2001
    Location
    VA/MD... anywhere around the beltway
    Posts
    236

    Cool Form Validation

    Heres a tricky one, I'm working on a bulletin board (The Hobo's thread inspired me to try) and its going all well but I'm worried about one thing. What I do is I take their input for a thread from the textarea and run it through a php function that does some standard str_replaces... but my problem is, how do I know when to take out stuff if they slap a <? in the textarea. I don't want them to put <? phpinfo() ?> in the message of my message board and then it print out the actual php info or other things. How can I avoid that?
    Reply With Quote Reply With Quote
  2. Sep 4th, 2002, 11:58 AM #2
    chrisjk
    chrisjk is offline
    PowerPoster
    Join Date
    Jul 1999
    Posts
    5,923
    Run their input through the htmlspecialchars function, it will solve all your problems at once
    Reply With Quote Reply With Quote
  3. Sep 4th, 2002, 12:20 PM #3
    TheGoldenShogun
    TheGoldenShogun is offline

    Thread Starter
    Addicted Member TheGoldenShogun's Avatar
    Join Date
    Mar 2001
    Location
    VA/MD... anywhere around the beltway
    Posts
    236
    wow, thats a great function, I never knew they had that. Thanks.
    Reply With Quote Reply With Quote
  4. Sep 4th, 2002, 12:26 PM #4
    chrisjk
    chrisjk is offline
    PowerPoster
    Join Date
    Jul 1999
    Posts
    5,923
    yep, PHP is full of little gems like that
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules


Click Here to Expand Forum to Full Width