I'm trying to use this regular expression to strip out any naughty words/characters. How do I modify it so it allows spaces? What the heck is the ?/? for??

<cfif refindnocase("([[:space:]]?/?(script|embed|applet|object|form|layer|ilayer|frame|iframe|frameset|param|meta|server)[^>]*>?)|(;?[[:space:]]*(((alter|create|drop)[[:space:]]*(database|proc|table|trigger|view|function))|(insert[[:space:]]*into)|(truncate[[:space:]]*table)|(update[[:space:]]*.*set[[:space:]]*.*=)|(delete[[:space:]]*from)|(select[[:space:]]*\*[[:space:]]*from)))|onabort|onafterupdate|onbeforeunload|onbeforeupdate|onblur|onbounce|onchange|onclick|ondataavailable|ondatasetchanged|ondatasetcomplete|ondblclick|ondragdrop|ondragstart|onerror|onerrorupdate|onfilterchange|onfinish|onfocus|onhelp|onkeydown|onkeypress|onkeyup|onload|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|onmove|onreadystatechange|onreset|onresize|onrowenter|onrowexit|onscroll|onselect|onselectstart|onstart|onsubmit|onunload|(exec[[:space:]]*xp_cmdshell)|([[:space:]](cmd.exe|root.exe|sp_|st_)[[:space:]])|(javascript:)|(vbscript:)|(<%)",fieldname)>
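
An added illustration, not part of the original post: the first branch of the posted pattern ported to Python (`[[:space:]]` written as `\s`, named groups added for inspection; the function name `explain` and the sample inputs are constructed). It shows that `[[:space:]]?` and `/?` make one leading whitespace character and one slash optional, and that this branch also fires on keywords embedded in ordinary words.

```python
import re

# Tag-name branch of the posted pattern, ported to Python's re syntax:
# [[:space:]] is written \s and each piece gets a name so it can be inspected.
TAG_BRANCH = re.compile(
    r"(?P<ws>\s?)(?P<slash>/?)"
    r"(?P<kw>script|embed|applet|object|form|layer|ilayer|frame|iframe|"
    r"frameset|param|meta|server)"
    r"(?P<rest>[^>]*)(?P<close>>?)",
    re.IGNORECASE,
)


def explain(value):
    """Return a dict describing the first match, or None when nothing matches."""
    m = TAG_BRANCH.search(value)
    if m is None:
        return None
    return {
        "matched": m.group(0),                   # exact text the branch consumed
        "keyword": m.group("kw").lower(),        # which blocked word triggered it
        "leading_space": m.group("ws") != "",    # did [[:space:]]? consume anything
        "slash": m.group("slash") != "",         # did /? consume a slash
        "closed": m.group("close") == ">",       # did >? consume a closing bracket
    }


# Constructed inputs (not from the original post).
SAMPLES = [
    "<script>",                      # opening tag: neither optional piece is used
    "</form>",                       # closing tag: /? consumes the slash
    "my script",                     # [[:space:]]? consumes the space before the word
    "Please send more information",  # ordinary text: "form" inside "information"
    "John Smith",                    # a space alone does not trigger this branch
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(repr(sample), "->", explain(sample))
```

Because the branch has no `<` anchor and every punctuation piece is optional, a form field that legitimately contains a word such as "information" or "platform" is flagged the same way a tag is.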

