View Full Version : Disable HTML in Forms
Fugler
07-17-2004, 04:54 PM
Hi. I was just wondering. When you're making your own thing like a guestbook or something like that, how do you going about allowing or disallowing HTML in the forms in order to prevent bad input?
Any help is much appreciated.
filburt1
07-17-2004, 05:58 PM
Hi. I was just wondering. When you're making your own thing like a guestbook or something like that, how do you going about allowing or disallowing HTML in the forms in order to prevent bad input?
Any help is much appreciated.
$converted = htmlspecialchars($original);
If your page is powered by vB, use htmlspecialchars_uni() which specifically supports Unicode.
Fugler
07-17-2004, 06:02 PM
Thanks, so how would I use that, Do I just put it somewhere on the page?
Also, would it work in a non vB powered page?
NTLDR
07-17-2004, 06:14 PM
htmlspecialchars() is a standard PHP function and will work on any PHP page. htmlspecialchars_uni() will only work on pages powered by vBulletin.
Run htmlspecialchars() on the variable that contains the input from the form, for example:
$text_without_html = htmlspecialchars($_POST['message']);
Fugler
07-17-2004, 06:21 PM
Ahh, I think I see now, Thanks for all your help the pair of you :D
vBulletin® v3.8.12 by vBS, Copyright ©2000-2024, vBulletin Solutions Inc.