check comment for html


Posted on 16th Feb 2014 07:03 pm by admin

hi, I just wanted to check if a comment a user posts contains HTML, and if it does, to not allow it to be posted.

this is my current php, any help would be very much appreciated! thanks.


Code:
<?php

$comment=$_POST['comment'];
$name=$_POST['name'];
$email=$_POST['email'];
$website=$_POST['website'];
$date=date("y/m/d h:i:s");

if($name && $email && $comment){

$sql="INSERT INTO `comments` (`name`, `email`, `website`, `articleid`, `comment`, `datetime`) VALUES ('$name', '$email', '$website', '$id', '$comment', '$date')";
$result=mysql_query($sql) or die(mysql_error());


if($result){


echo "Your comment was posted succesfully on the article n";
echo $rows['title'];
echo '<p><a href="view_article.php?id=';
echo $id;
echo '">Click here to go back to the article.</a></p>';
}else {
echo "Sorry, your comment could not be posted. Please make sure you fill in all the fields marked with *.n";

}
}else {
echo "Sorry, your comment could not be posted. Please make sure you fill in all the fields marked with *.n";
}
?>

No comments posted yet

Your Answer:

Login to answer
173 Like 11 Dislike
Previous forums Next forums
Other forums

Extract text from string
Hi folks,

I have a string that looks like this:

aaaaaaaaaa:
bbbbbbbbbb (ccccccccc)

Not connecting to DB using ruby, error:env.c:257:in oci8lib.so: ORA-12154:
Hi All,

I am trying to connect to the database server from the client server using ruby and f

Issue Parsing XML into table
Hello all,

Im a bit new to php and new to phpfreaks. But thanks in advance for the help!
<

Get content from table into a list, without repeating.
Alright this is kinda an odd thing, so I need some help.

I have a table "quote" wit

EXplanation help
Hey all,

I am still fairly new to PHP programming and I am trying to put together a page wher

filesize problem
i use ubuntu 9.10 and i have mountet a folder from an windows

/mount/FOLDER
/mount/FOLDER/

Move array index to end
Hey guys,
Quick question:

I have an array that looks like this:
Code: [Select]$var =

distinct rows
Hi
version 10.2.0.3

I have a query output something like the following

ID

Dynamically allocating the number of rows in a table based on a variable value
Hi,
I have situation here which i cannot resolve, I have a variable temp which stores the num

redirect standard error and assert (how to?)
How do you redirect standard error and assert?

---

(Why? I am creating an web app and

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash