Dropping all submissions with "http://"; will eliminate a good amount of
spam, however you will end up with thousands of robot submitted messages
which contain nonsense messages. I'm not sure how anyone benefits from
this, but I see it a lot.
Ultimately, you will probably resort to putting a captcha on the form.
See http://www.onlamp.com/pub/a/php/2005/03/31/text_captcha.html for
examples.
~Rolan
Susan Shemin wrote:
Is this "escaping" that you guys have been talking about what you use
to filter acceptable data into textbox form?
If so, can you explain exactly what is being used (e.g., htmlentities)
and how to use it?
Actually I need to filter out nonpermitted characters since someone
put a Viagra advertisement into the php blog I created! (Caught it
quite quickly and deleted the entry from the database.) I'd like to
exclude "www." from being entered into a form.
Susan
------------------------------------------------------------------------
_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php
_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php
