Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    Regular Coder
    Join Date
    Aug 2006
    Posts
    133
    Thanks
    0
    Thanked 0 Times in 0 Posts

    validating textarea

    hi,

    can anybody please tell me how to avoid the user from entering any html code like '<','>', any other malicious characters in textarea using javascript/php.


    thanks
    mrjameer

  • #2
    Regular Coder goughy000's Avatar
    Join Date
    Nov 2005
    Location
    England
    Posts
    415
    Thanks
    0
    Thanked 0 Times in 0 Posts
    i supose one way is to change all "<" to "%3C" which is the html entitie for it, this will stop it doing anything harmfull and will just display as a < in the browser view (in the source code it will be %3C)

    php has a function to change all html chars to their entities.

    PHP Code:
    htmlentities() 
    Form..
    Code:
    <form method="post" action="go.php">
    <textarea name="text"></textarea>
    <input type="submit" value="go!!">
    </form>
    go.php
    PHP Code:
    <?php
    echo htmlentities($_POST[text]);
    ?>
    PHP Freelancing!
    ByteForums!
    Scriptlance.comNeed a job done quick? post it on scriptlance! OR! your a programmer? sign up and get paid for these jobs!


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •