Need Help with signature code
Posted: Thu Jun 25, 2009 2:18 pm
Hi,
I thought I had this right, but I don't think I do.
I'm using ADODB for our game, and I created a page where users can load a signature to display on their profile.
So here is how we insert the sig into the db
and this is how I display it on the page
I thought this would remove the harmful stuff people could put in their sigs, but today I noticed someone put a URL in their sig and the slashers were still there.
What is the proper way to get input from users and to display it.
Thanks
I thought I had this right, but I don't think I do.
I'm using ADODB for our game, and I created a page where users can load a signature to display on their profile.
So here is how we insert the sig into the db
Code: Select all
$addsig = $db->execute("UPDATE `players` SET `signature`=? WHERE `id`=?", array($sig, $player->id));Code: Select all
echo stripslashes(htmlentities($profile['signature'], ENT_QUOTES ));What is the proper way to get input from users and to display it.
Thanks