July 17th, 2000, 01:21 PM
I'm in the process of setting up a classified Ad's page where the users can post their own Ad's. No one 'oversees' the posts. Once an post is submitted its put on the website. What I'm wondering about is how do i prevent users from adding in commands like: <H1> or <b> or other HTML tags that would mess up my display and my organization?
Is it possible to set something in the submission page that it will not allow the characters < or >? I'm using PHP3 for the interface.
July 17th, 2000, 01:48 PM
use htmlentities() or htmlspecialchars(). it'll replace the tags with codes to show the symbol.
< becomes ;lt
> becomes ;gt
or something like that. basically, whatever they enter is what they get, it won't be a link.
i think there is a function that strips all of the tags too, so they are just gone. i'm not sure what it's called though.