Page 1 of 1
form hijacking
Posted: Wed Oct 25, 2006 9:12 am
by kingconnections
So I have this form with a text area. People are trying to hijack my form and insert html and other code into the text area. Is there a way to not not allow them, or just not process this if they put in code?
Posted: Wed Oct 25, 2006 9:14 am
by impulse()
I think you can use
on the data that's passed from the form and then pass it whereever it's going.
Posted: Wed Oct 25, 2006 10:33 am
by Cameri
you can use strip tags, or you can convert the special characters < and > to html entities.