Text Box Formatting

How do you stop html code been submitted in a text box or text filed.

Anyone got any ideas

i don’t really konw what u mean or trying to achieve by not submitting htmlcode.

maybe what u are searching for is:
outputing user-input back to an html-file should always be done using htmlentities() or htmlspecialchars()


What it is I have a website up and running and have a contact form on it. I want to limit what people can add to that text box to just text as I have started to recieve the following

pizza fact http://heldsteam.cn [url=http://heldsteam.cn]pizza fact[/url] <a href=http://"heldsteam.cn">pizza fact</a> ifc center http://hellenbrand.cn [url=http://hellenbrand.cn]ifc center[/url] <a href=http://"hellenbrand.cn">ifc center</a> macicon http://handymans.cn [url=http://handymans.cn]macicon[/url] <a href=http://"handymans.cn">macicon</a>
m2f breast http://henkles.cn [url=http://henkles.cn]m2f breast[/url] <a href=http://"henkles.cn">m2f breast</a> mike mckay http://heifers.cn [url=http://heifers.cn]mike mckay[/url] <a href=http://"heifers.cn">mike mckay</a>

torpescent http://henningers.cn [url=http://henningers.cn]torpescent[/url] <a href=http://"henningers.cn">torpescent</a>
sunicon http://harsens.cn [url=http://harsens.cn]sunicon[/url] <a href=http://"harsens.cn">sunicon</a>
mike flynn http://heatshield.cn [url=http://heatshield.cn]mike flynn[/url] <a href=http://"heatshield.cn">mike flynn</a> unadjacent http://hicacos.cn [url=http://hicacos.cn]unadjacent[/url] <a href=http://"hicacos.cn">unadjacent</a>
suicone http://harpsichord.cn [url=http://harpsichord.cn]suicone[/url] <a href=http://"harpsichord.cn">suicone</a>

I have a capcha on the page but am getting around 200 of these a day

this is just spam. to be more explicit, to me it looks like a bot that is made to give a website a higher google ranking by putting links on other peoples websites.

there are some ways of stopping that. u have to keep in mind that this bot is trying to post somthing, and not trying to write an email.

have u checked the server logs, to find something that identifies this bot?
do u have fields that u check to have special content, e.g. email?

Its a virtual server, I dont have access to the server settings

could u create ur own log?

just dump the complete $_SERVER variable in a database?

something like:
[php]$sql=‘INSERT INTO log SET time=’.time().’, server="’.mysql_escape_string(print_r($_SERVER,TRUE)).’", post="’.mysql_escape_string(print_r($_POST,TRUE)).’"’;[/php]

P.S.: of cause this is’n showing how to create a good logging system, it’s just a quick and dirty method to get the needed data.

I’ll try it, thanks for your help

Sponsor our Newsletter | Privacy Policy | Terms of Service