View Full Version : Block PHP using PHP?

05-07-2009, 03:41 AM
I have a form where users can test HTML.

I wish them not to be able to insert Flash, PHP or any other harmful codes.

Does anybody have the codes for this?

The following doesn't seem to work for PHP. :confused:

if (eregi('<?', $text)) {die("Not HTML");

05-07-2009, 04:24 PM
A good place to start with sanitizing your inputs is strip tags (http://us3.php.net/manual/en/function.strip-tags.php).

Also, I don't see why you would need to filter out PHP.
It would not be executed unless you eval() (http://us3.php.net/eval) your users code. It would just show up as plain text.