Hello, Yona Shlomo wrote: > How does the following help prevent HTML characters and SQL > injection into the database? > >> [b]bold[/b] >> >> [i]italic[/i] >> >> [u]underline[/u] >> >> [url=http://www.url.com]url[/url] >> >> I want to replace each tag on the fly by its real HTML tag while >> displaying it to the end user. >> >> Is there a way to replace all these tags by there equivalents? I am >> having problem detecting the brackets [] I will remove all escape characters except these ones. example: /<[//]{0,1}(B|b)[^><]*>/g by dynamically passing all the needed tags. > Can you guarantee that square brackets are only used as your > markup? > > Your is the [url=....] the equevalent to the HTML <a href=...> ?
Yes, it is Best regards, Georges _______________________________________________ Perl mailing list [email protected] http://perl.org.il/mailman/listinfo/perl
