[nycphp-talk] escaping
Rolan Yang
rolan at omnistep.com
Wed Jan 23 21:09:52 EST 2008
Dropping all submissions with "http://" will eliminate a good amount of
spam, however you will end up with thousands of robot submitted messages
which contain nonsense messages. I'm not sure how anyone benefits from
this, but I see it a lot.
Ultimately, you will probably resort to putting a captcha on the form.
See http://www.onlamp.com/pub/a/php/2005/03/31/text_captcha.html for
examples.
~Rolan
Susan Shemin wrote:
> Is this "escaping" that you guys have been talking about what you use
> to filter acceptable data into textbox form?
>
> If so, can you explain exactly what is being used (e.g., htmlentities)
> and how to use it?
>
> Actually I need to filter out nonpermitted characters since someone
> put a Viagra advertisement into the php blog I created! (Caught it
> quite quickly and deleted the entry from the database.) I'd like to
> exclude "www." from being entered into a form.
>
> Susan
> ------------------------------------------------------------------------
>
> _______________________________________________
> New York PHP Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> NYPHPCon 2006 Presentations Online
> http://www.nyphpcon.com
>
> Show Your Participation in New York PHP
> http://www.nyphp.org/show_participation.php
More information about the talk
mailing list