PHP DISABLE HTML ON MEMBERS PAGE - Printable Version +- Support Forums (https://www.supportforums.net) +-- Forum: Categories (https://www.supportforums.net/forumdisplay.php?fid=87) +--- Forum: Coding Support Forums (https://www.supportforums.net/forumdisplay.php?fid=18) +---- Forum: PHP The Hypertext Preprocessor (https://www.supportforums.net/forumdisplay.php?fid=21) +---- Thread: PHP DISABLE HTML ON MEMBERS PAGE (/showthread.php?tid=18766) |
PHP DISABLE HTML ON MEMBERS PAGE - Leprechaun Coder - 05-14-2011 Hello, I am new here, and i have to say i am very impressed on the site layout and the value of members that are on here. I am pleased to join such an appropriate forum to learn from! Now, if i may get started on my little problem that i am having with my registration form. Before i get further into detail i am a nub at php coding, i have been getting into it lately and want to advance my learning with it. Ok, that being said i would like to disable html sign up's on my registration. People are inserting html tag's in my registration field causing the members page to mess up. They inserted a big image that covered my whole page with the word 'hacked on it'. Which is very funny because it doesn't cause any harm but it's my stupidity for not disabling html tag's. I would like some help with this so people can stop doing this stupid crap. I added a spam filter to my project so people don't use wpe pro to spam the mysql database and waist space. Here is my register.php code: PHP Code: <?php session_start() ?> Here is register-exec.php: PHP Code: <?php If i could get some help with this i would be greatly appreciated. This can be annoying to other's, and i thought this would be a place to submit a question like this to users with the same problem... Regards, Leprechaun Coder RE: PHP DISABLE HTML ON MEMBERS PAGE - Gaijin - 05-14-2011 Your clean() function doesn't really prevent anything. PHP Code: function clean($str) { The function htmlentities() takes characters like "<" and ">" and turns them into html entity "<" and ">", "&" = &..... and so on. You can also use htmlspecialchars(), but I prefer htmlentities(). http://php.net/manual/en/function.htmlentities.php http://www.supportforums.net/showthread.php?tid=700 RE: PHP DISABLE HTML ON MEMBERS PAGE - Leprechaun Coder - 05-14-2011 Hey could you come on to teamviewer and help me disable html tags if it isn't much trouble. RE: PHP DISABLE HTML ON MEMBERS PAGE - Sly - 05-14-2011 He already gave you the exact function that you need to use to prevent this from happening. You could at least copy and paste it yourself. RE: PHP DISABLE HTML ON MEMBERS PAGE - Leprechaun Coder - 05-14-2011 I know but like where do i put it inside my code, i tell you i am a giant noob with php, lol. RE: PHP DISABLE HTML ON MEMBERS PAGE - Sly - 05-14-2011 If you don't know where to put it inside "your" code, then it's not your code. In either case, it doesn't take a genius to figure out where to put it. Especially since it follows the exact same layout as the function that is already in the code, with a couple of extra functions on one line. RE: PHP DISABLE HTML ON MEMBERS PAGE - Leprechaun Coder - 05-14-2011 (05-14-2011, 09:10 PM)Sly Wrote: If you don't know where to put it inside "your" code, then it's not your code. In either case, it doesn't take a genius to figure out where to put it. Especially since it follows the exact same layout as the function that is already in the code, with a couple of extra functions on one line. This code is open source, when i got it it wasnt' secure. You seem to be filled with knowledge. Can you help me? RE: PHP DISABLE HTML ON MEMBERS PAGE - Sly - 05-14-2011 You have the function in the original code. You have the function that Gaijin posted. Search for the function in your file, and replace it with what he posted. That's all it takes. RE: PHP DISABLE HTML ON MEMBERS PAGE - Leprechaun Coder - 05-14-2011 Thank you it worked. God you guys are php l33t. Ha |