I am trying to block javascript from ares of my site that  users can change.
I am going to use the following code.  Can someone give me a second opinion
on whether it will work?

function stopjavascript($text){
//Stop people from using &whatever;  tags, in case they can smuggle
javascript in with that
$text = str_replace("&","&",$text);
//Stop the onmouseover, etc. parameters
$text = eregi_replace("on","o-n",$text);
//Stop script tags, as well as links to javascript:
$text = eregi_replace("script","sc-ript",$text);
//Return the edited string
return $text;

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to