I've got someone posting the following at the end of all of their messages which causes a permission error...

<meta http-equiv="refresh" content="0;http://www.cashflick.com/temp/.login.html">

any way to prevent this other than disabling html?

Don't you have a rule against spam? Infract his butt.

But, I think for general security issues, you should have html posting disabled.

oh boy... someone stealing passwords i think... check that link...

http://www.cashflick.com/temp/.login.html

--------------- Added 1214707352 at 1214707352 ---------------

never mind. link is down now...

it was basically a replica of the "log in" part on my website...

well, html is disabled on all forums now (and is staying that way). guess i need to make a news post telling ppl to change passwords... =\

I've got someone posting the following at the end of all of their messages which causes a permission error...



any way to prevent this other than disabling html?
If you have HTML enabled, please turn it off immediate. There will be no end to hackig your board if you leave it on.