check comment for html


Posted on 16th Feb 2014 07:03 pm by admin

hi, I just wanted to check if a comment a user posts contains HTML, and if it does, to not allow it to be posted.

this is my current php, any help would be very much appreciated! thanks.


Code:
<?php

$comment=$_POST['comment'];
$name=$_POST['name'];
$email=$_POST['email'];
$website=$_POST['website'];
$date=date("y/m/d h:i:s");

if($name && $email && $comment){

$sql="INSERT INTO `comments` (`name`, `email`, `website`, `articleid`, `comment`, `datetime`) VALUES ('$name', '$email', '$website', '$id', '$comment', '$date')";
$result=mysql_query($sql) or die(mysql_error());


if($result){


echo "Your comment was posted succesfully on the article n";
echo $rows['title'];
echo '<p><a href="view_article.php?id=';
echo $id;
echo '">Click here to go back to the article.</a></p>';
}else {
echo "Sorry, your comment could not be posted. Please make sure you fill in all the fields marked with *.n";

}
}else {
echo "Sorry, your comment could not be posted. Please make sure you fill in all the fields marked with *.n";
}
?>

No comments posted yet

Your Answer:

Login to answer
173 Like 11 Dislike
Previous forums Next forums
Other forums

problems with script
I made a small script wich exchanges points in my website:


<?php
session_start

Filtering an Array Based on Value
I have a very simple script set up that pulls data from a database and is output using this code:

$get problem
Hi Guys ...

can you please tell me what i am doing wrong here
Code: <?php

Need help with a mail notify function
I was tasked with setting up a site that's been prewritten. The site is basically a form that captur

Scrolling news bar and MySQL
I am not sure if this is the correct forum to post this on. If not, I apologize. I am still pretty

php libs/ browsercap.in
ok i have a host that refuses to stay current. they control my php settings and libs. is there a way

very easy question about SQL info
Hello,
I think that I have a very easy question.
I know how to create a form using php SQL and

php automatically escaping single quotes
I'm trying to test out my security a bit and I've noticed that php is escaping my single quotes. For

Not Loading Function Into Div
I'm not sure whether to put this under the php forum or ajax forum but because I tink it's more of a

Character Set Setup
Whats the best character set to use if you want every character to work, and also how do you make yo

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash