i have a form that posts to a database and i was testing code that prevents any javascript or othe client-side scripting from being submitted to the database.All javascript code i submitted ended up in the database, i figure this is bad.How can i prevent this?
rhodoscoder
0
Light Poster
Recommended Answers
Jump to PostThe easiest solution is to create a verification test (in js) on the form .
Jump to PostConsider to use HTML Purifier in your application: http://htmlpurifier.org/
It will give you the ability to whitelist the tags that you want to allow and, most important, it will validate the attributes, removing …
All 5 Replies
Alibi Ghazi
0
Newbie Poster
decade
2
Junior Poster in Training
cereal
1,524
Nearly a Senior Poster
Featured Poster
rhodoscoder
0
Light Poster
cereal
1,524
Nearly a Senior Poster
Featured Poster
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.