check comment for html


Posted on 16th Feb 2014 07:03 pm by admin

hi, I just wanted to check if a comment a user posts contains HTML, and if it does, to not allow it to be posted.

this is my current php, any help would be very much appreciated! thanks.


Code:
<?php

$comment=$_POST['comment'];
$name=$_POST['name'];
$email=$_POST['email'];
$website=$_POST['website'];
$date=date("y/m/d h:i:s");

if($name && $email && $comment){

$sql="INSERT INTO `comments` (`name`, `email`, `website`, `articleid`, `comment`, `datetime`) VALUES ('$name', '$email', '$website', '$id', '$comment', '$date')";
$result=mysql_query($sql) or die(mysql_error());


if($result){


echo "Your comment was posted succesfully on the article n";
echo $rows['title'];
echo '<p><a href="view_article.php?id=';
echo $id;
echo '">Click here to go back to the article.</a></p>';
}else {
echo "Sorry, your comment could not be posted. Please make sure you fill in all the fields marked with *.n";

}
}else {
echo "Sorry, your comment could not be posted. Please make sure you fill in all the fields marked with *.n";
}
?>

No comments posted yet

Your Answer:

Login to answer
173 Like 11 Dislike
Previous forums Next forums
Other forums

HELP with mysql_real_escape_string
I'm looking to remove apostrophes completely when someone enters lyrics but don't have a clue how to

matching numbers inside ( )
I know I can match numbers by just [0-9]+, so I thought matching numbers inside ( ) would be somethi

Not capturing all the information we require in the form.......
Hi Guys,

I was wondering if you would share some more of your knowledge today, I'm hoping it

SAP Logon Failed
I tried to login to SAP through MMC.

When i click start and give password.

it

Mail functionality from localhost to server
Hi

I am facing problem of mail functionality.

When i tested mail functionality in my

News script
Hi ...

I am not sure if this is the rite place to post this but if its not sorry

i am

Grabbing Values From an Array for Posting
I have a grid array that I am using with a form that when it hits the currently named test.php it lo

need help in php variable
i have a php variable on one page
Code: [Select]$lastId = mysql_insert_id($db);
echo $lastId;<

Optimize Code
Just started getting into the use of cookies. The following code will redirect users to a set URL s

Dealing with code in db query
I am dealing with C code and I need to make sure it is encoded some how to ensure its integrity and

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash