Hi guys! (and girls if any ;)
I want to block my users from submitting a string that includes link(s)
stated using a href=...
probably there's some function in php?
i don't want eregi_replace, I just want the code to check a string in
variable if there's any a href... if so, then I'll use exit(); or smthng
else
Thanks for your suggestions!
7  2741 
Veco schreef:
Hi guys! (and girls if any ;)
I want to block my users from submitting a string that includes link(s)
stated using a href=...
probably there's some function in php?
i don't want eregi_replace, I just want the code to check a string in
variable if there's any a href... if so, then I'll use exit(); or smthng
else
Thanks for your suggestions!
stristr('a href',$text);
--
Arjen http://www.hondenpage.com
On Tue, 23 Jan 2007 17:38:52 +0100, Veco wrote:
Hi guys! (and girls if any ;)
I want to block my users from submitting a string that includes link(s)
stated using a href=...
probably there's some function in php?
i don't want eregi_replace, I just want the code to check a string in
variable if there's any a href... if so, then I'll use exit(); or smthng
else
A function I wrote to sit in a message board program I wrote:
function check_bad_conte nt($string)
{
// Stuff that spammers post with:
$bad_strings = array('www.','/url]','ttp://','ttps://') ;
foreach( $bad_strings as $bad_string )
{
if ( ereg( $bad_string, $string ) ) return false ;
}
return true;
} // E-O-function check_bad_conte nt
The entire message is passed in the parameter to check_bad_conte nt.
HTH
Jonesy
--
Marvin L Jones | jonz | W3DHJ | linux
38.24N 104.55W | @ config.com | Jonesy | OS/2
*** Killfiling google posts: <http://jonz.net/ng.htm>
Veco wrote:
I want to block my users from submitting a string that includes link(s)
stated using a href=...
What about...
<a target="_self" href="...">
??
--
Toby A Inkster BSc (Hons) ARCS
Contact Me ~ http://tobyinkster.co.uk/contact
Allodoxaphobia wrote:
$bad_strings = array('www.','/url]','ttp://','ttps://') ;
foreach( $bad_strings as $bad_string )
if ( ereg( $bad_string, $string ) ) return false ;
Why do people insist on using ereg()? preg_match() gives better
performance and more flexibility. In this case anyway, you're matching
against plain strings, not regular expressions, so strstr() would be
even faster.
In any case, the following string would pass through your filter
unblocked: hTTp://wWw.example.com/
because your tests are case-sensitive. The case-insensitive versions of
ereg() and strstr() are eregi() and stristr(). preg_match() can be made
case-insensitive using the '/i' flag.
function check_bad_conte nt($string)
{
$bad_strings = array('www.','/url]','ttp://','ttps://') ;
foreach ($bad_strings as $bad_string)
if (stristr($strin g, $bad_string))
return FALSE;
return TRUE;
}
--
Toby A Inkster BSc (Hons) ARCS
Contact Me ~ http://tobyinkster.co.uk/contact
Thanks - all of you!
"Veco" <kr************ ***@kc.t-com.hrwrote in message
news:ep******** **@ss408.t-com.hr...
Hi guys! (and girls if any ;)
I want to block my users from submitting a string that includes link(s)
stated using a href=...
probably there's some function in php?
i don't want eregi_replace, I just want the code to check a string in
variable if there's any a href... if so, then I'll use exit(); or smthng
else
Thanks for your suggestions!
On Jan 23, 8:23 pm, Toby Inkster <usenet200...@t obyinkster.co.u k>
wrote:
Veco wrote:
I want to block my users from submitting a string that includes link(s)
stated using a href=...What about...
<a target="_self" href="...">
I don't know about others, but in my case anything with '<a' in the
message is rejected.
I understand that this is a bit extreme, but in my case I cannot really
see why they would want to post links in the first place, (when they
are told not to do it!), or the characters '<a'.
I test for '<a' after my normal XSS check that would have rejected the
message anyway.
Simon
<comp.lang.ph p>
<Veco>
<Tue, 23 Jan 2007 17:38:52 +0100>
<ep**********@s s408.t-com.hr>
I want to block my users from submitting a string that includes link(s)
stated using a href=...
probably there's some function in php?
i don't want eregi_replace, I just want the code to check a string in
variable if there's any a href... if so, then I'll use exit(); or smthng
else
Thanks for your suggestions!
$poop=str_repla ce("<","",$poop );
$poop=str_repla ce(">","",$poop );
This means you dont have to exit and you can see what somebody tried to
enter without it working as a hyperlink .
-- www.phptakeaway.co.uk
(work in progress) This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Gordon Mohr |
last post by:
I'd like to set up a bit of javascript to be run when other javascript
loads a new page via something like { top.window.location.href =
newLocation }, and have access to the new value. (For example, so that
the target URL can be modified before fetching.)
In Mozilla, top.location.watch("href",fn) works well for this purpose.
In IE,...
|
by: mike |
last post by:
regards:
<a href="JavaScript:loadwindow(106,90);"
style="font-family:Verdana;">元智Intranet</a>
In HTML spec,are "href" and "style" called "attribute"?....@@
Could someone good give me the hand? @@.
thank you
may god be with you
|
by: Dave Hammond |
last post by:
I recently noticed the stylesheet link in an html page had the href set
to a PHP script, as in:
<LINK REL="stylesheet" href="some_css.php" type="text/css">
Presumably the file being referenced was actually an executable PHP
script and not a css file that happened to have a .php extension.
Based on that assumption, I tried the same thing...
|
by: jwayne |
last post by:
I'm trying to implement a navigation bar with multiple a href classes. The
following example works exactly as I want it to, but for Internet Explorer only.
Firefox does not indent each link.
http://jonathanwayne.com/test/test.html
Here's the relevant snippet:
<div class="nav">
<a href="#">link 0</a>
|
by: |
last post by:
I have an idea for a way to help maintain my websites, and I'm hoping
someone can help me figure out how to implement it using C#, VB.NET, or
elements of the .NET framework. I'd be putting this on ASP.NET pages.
There's always the possibility that webpages can a) get defaced, or b) go
offline for one reason or another.
I was thinking that...
| | |
by: kelvlam |
last post by:
Hello,
I'm a new begininer with JavaScript. I'm trying to figure out which is
the best approach, and to understand the differences between them.
I have a <Aelement that's suppose to either launch a popup window, or
it will link you to some dynamic created page.
I have declared a global JavaScript function
|
by: maxamis4 |
last post by:
Hello folkes. I have a check list box in vb.net and i want to know how I can check and see what items are checked.
my check box name is ChListServices
|
by: Mikewill |
last post by:
I need to fix my Moodle database and someone has told me that they "used their server's CPanel and the mySQL feature to "check" then "fix" his moodle database". I dont have a cpanel and was hoping someone could help a newbie to "check" and "fix" functions in MySQL?
Hope someone can help? :-)
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it. ...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...
| | |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in...
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...
| |
