Re: Allow/Make safe html user comments — All PHP

You are here: Re: Allow/Make safe html user comments « All PHP « IT news, forums, messages

Posted by Simon on 05/25/05 12:34

> Hi,
>
> I have a text area where the user can enter html comments.
> But that doesn't mean that I trust them ;)
>
> What I was thinking of doing is simply removing <script> and <?php, (or
> <?) from the text.
> ( I also want to block any outside link but I don't know if that is a
> problem as well).
>
> By doing that would I ensure that there is no way for the user to inject
> code?
>
> Or should I parse every single tag and only allow a handful of them?
>
> Would their be some piece of code to allow me to safely and _properly_
> parse any piece of html? where every tricks in the html books have been
> handled?
>
> Many thanks in advance.
>
> Simon

I Just want to add comp.lang.php as it seems a little more active.

Simon

Navigation:

Next in forum: Re: Sorting an array
Prev in forum: Date Formatting Help
Thread view: Re: Allow/Make safe html user comments

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация