form hijacking

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
kingconnections
Forum Contributor
Posts: 137
Joined: Thu Jul 14, 2005 4:28 pm

form hijacking

Post by kingconnections »

So I have this form with a text area. People are trying to hijack my form and insert html and other code into the text area. Is there a way to not not allow them, or just not process this if they put in code?
impulse()
Forum Regular
Posts: 748
Joined: Wed Aug 09, 2006 8:36 am
Location: Staffordshire, UK
Contact:

Post by impulse() »

I think you can use

Code: Select all

strip_tags
on the data that's passed from the form and then pass it whereever it's going.
User avatar
Cameri
Forum Commoner
Posts: 87
Joined: Tue Apr 12, 2005 4:12 pm
Location: Santo Domingo, Dominican Republic

Post by Cameri »

you can use strip tags, or you can convert the special characters < and > to html entities.
Post Reply