Stopping HTML passing to database
Posted: Thu May 12, 2005 3:35 pm
Hi,
I have a form (textarea) where text can be inserted into a database by visitors to the site. I’m trying to stop unwanted spam in the form of anything HTML being passed to the database so I’m working with the following bit of script:
As I so new to all of this I wonder if anybody can tell me if I’m heading in the right direction and if this bit of script is likely to do the job.
Thanks a mil
Brian
I have a form (textarea) where text can be inserted into a database by visitors to the site. I’m trying to stop unwanted spam in the form of anything HTML being passed to the database so I’m working with the following bit of script:
Code: Select all
$html = $_POST['GuestDetails'];
if (strpos($html, 'http://,html,www') ===0) {
$html = substr($html, 0);
}Thanks a mil
Brian