On Sunday 05 January 2003 01:16, Anders Thoresson wrote: > I've seen both guest books and user forums "hacked" by users who enter > javascript or other code, and that way redirects vistors to other sites or > do other unwelcome things. What expressions should I look for and not allow > in my forms?
Disallow all HTML tags by using strip_tags(). -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * /* "A dirty mind is a joy forever." -- Randy Kunkee */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
