CodingForums.com - View Single Post - Guest Book

idalatob · 09-05-2007, 01:00 PM

Often what I find is a in a comments page people will strip_tags on a variable then send it straight to the database. This means that if a guy puts a link (<a href="#">naughty angels</a> you will still have that entry stored in the database. Here is a small php snippet to stop that from happening.

PHP Code:


			
<?php 
$message = "What ever you want it to be.";//From a form, whatever.
$message1 = strip_tags($message);
if ((strlen($message)) > (strlen($message1))){
    $error = true;
        echo("No tags allowed, fool");
        exit;
    } else {
    //proceed with database addition, or whatever
    }
?>

09-05-2007, 01:00 PM	PM User \| #5
idalatob Regular Coder Join Date: Sep 2007 Location: Grahamstown, South Africa Posts: 237 Thanks: 6 Thanked 17 Times in 17 Posts	Often what I find is a in a comments page people will strip_tags on a variable then send it straight to the database. This means that if a guy puts a link (<a href="#">naughty angels</a> you will still have that entry stored in the database. Here is a small php snippet to stop that from happening. PHP Code: `<?php $message = "What ever you want it to be.";//From a form, whatever. $message1 = strip_tags($message); if ((strlen($message)) > (strlen($message1))){ $error = true; echo("No tags allowed, fool"); exit; } else { //proceed with database addition, or whatever } ?>` Last edited by idalatob; 09-05-2007 at 01:01 PM.. Reason: Add php tags