-
how filter source html?
hi,
i building a site of ads that can accept html source for users can show their ads with images with the custum sizes and with custum fonts and tables
flash content etc
but i want block some code like php code
< php>
include "ext";
<?>
and javascript too and other code that can result in a segurity issue.
there is any function in php or other way to detect that code before save to the db?
thanks a lot for your help
-
-you can parse if " <?php " exists in the string or "<script" or "<?" ..etc
-you can get the value from the database as "string" and put them directly into a "string-variable" so that it won't be executed in the server side but only shown in the user side .. for the java-script , stripslashes and remove quotes (or replace by " ) before displaying the string .. this won't make the script able to run but considered as a normal string ..
-
hi,
thanks for your help i will try that
Similar Threads
-
By null_guy in forum Java
Replies: 27
Last Post: 07-16-2008, 06:33 AM
-
By karunakarroyal in forum AJAX
Replies: 1
Last Post: 03-17-2008, 07:50 AM
-
Replies: 7
Last Post: 10-18-2005, 05:14 PM
-
By james chung in forum Web
Replies: 0
Last Post: 09-16-2000, 02:41 PM
-
By Eng Heong in forum Web
Replies: 13
Last Post: 06-28-2000, 02:54 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
Forum Rules
|
Top DevX Stories
Easy Web Services with SQL Server 2005 HTTP Endpoints
JavaOne 2005: Java Platform Roadmap Focuses on Ease of Development, Sun Focuses on the "Free" in F.O.S.S.
Wed Yourself to UML with the Power of Associations
Microsoft to Add AJAX Capabilities to ASP.NET
IBM's Cloudscape Versus MySQL
|
Reply With Quote
Bookmarks