Hello all,

I have this strange problem. I have a website where user can post messages to the site. I see from yesterday that someone is trying is manipulate with the forms.

I see some 1048 messages posted in a single minute to the site :( .
I used nl2br(htmlentities(-displaymessage)).. but it only captures html code. What about other scripts code that malicious users try to run.. I see no code or anything displayed in my website. The only thing i see is soo many messages posted to the site in less than a single minute.

Please help me :(.. how to avoid these kind of things...

Use captcha.

Thanks for the quick reply. I shall use it definetly.

Can you please tell me how to display that javasrcipt code instead if allowing it to run in the website ..just like capturing html...

This question has already been answered. Start a new discussion instead.