I'm seeing this more and more
I'm hearing the justification that its easier to put an pre-formatted anchor 
tag or href but you're right
if html is stored in the DB then javascript can easily follow
of course the overseas contractors sticking in href to their own sites sure 
does'nt help

Glad to hear strip_tags.php has come to the rescue..

Martin
______________________________________________ 
Disclaimer and confidentiality note 
Everything in this e-mail and any attachments relates to the official business 
of Sender. This transmission is of a confidential nature and Sender does not 
endorse distribution to any party other than intended recipient. Sender does 
not necessarily endorse content contained within this transmission. 


> Date: Sat, 2 Aug 2008 18:51:55 -0400
> From: [EMAIL PROTECTED]
> Subject: Re: Blocking HTML code in inserts?
> To: mysql@lists.mysql.com
> 
> 
> assuming php from your sig strip_tags
> 
> http://www.php.net/manual/en/function.strip-tags.php
> 
> 
> shannon
> 
> 
> On Aug 2, 2008, at 5:16 PM, Skip Evans wrote:
> 
> > Hey all,
> >
> > What is the most effective way to block HTML code in insert  
> > statements?
> >
> > I have a client with a comments form that is being bombarded with  
> > people inserting references to their own sites, etc, and I need an  
> > effective way to filter basically any HTML tags at all.
> >
> > Thanks,
> > Skip
> > -- 
> > Skip Evans
> > Big Sky Penguin, LLC
> > 503 S Baldwin St, #1
> > Madison, WI 53703
> > 608-250-2720
> > http://bigskypenguin.com
> > =-=-=-=-=-=-=-=-=-=
> > Check out PHPenguin, a lightweight and versatile
> > PHP/MySQL, AJAX & DHTML development framework.
> > http://phpenguin.bigskypenguin.com/
> >
> > -- 
> > MySQL General Mailing List
> > For list archives: http://lists.mysql.com/mysql
> > To unsubscribe:    http://lists.mysql.com/[EMAIL PROTECTED]
> >
> 
> 
> -- 
> MySQL General Mailing List
> For list archives: http://lists.mysql.com/mysql
> To unsubscribe:    http://lists.mysql.com/[EMAIL PROTECTED]
> 

_________________________________________________________________
Reveal your inner athlete and share it with friends on Windows Live.
http://revealyourinnerathlete.windowslive.com?locale=en-us&ocid=TXT_TAGLM_WLYIA_whichathlete_us

Reply via email to