check comment for html


Posted on 16th Feb 2014 07:03 pm by admin

hi, I just wanted to check if a comment a user posts contains HTML, and if it does, to not allow it to be posted.

this is my current php, any help would be very much appreciated! thanks.


Code:
<?php

$comment=$_POST['comment'];
$name=$_POST['name'];
$email=$_POST['email'];
$website=$_POST['website'];
$date=date("y/m/d h:i:s");

if($name && $email && $comment){

$sql="INSERT INTO `comments` (`name`, `email`, `website`, `articleid`, `comment`, `datetime`) VALUES ('$name', '$email', '$website', '$id', '$comment', '$date')";
$result=mysql_query($sql) or die(mysql_error());


if($result){


echo "Your comment was posted succesfully on the article n";
echo $rows['title'];
echo '<p><a href="view_article.php?id=';
echo $id;
echo '">Click here to go back to the article.</a></p>';
}else {
echo "Sorry, your comment could not be posted. Please make sure you fill in all the fields marked with *.n";

}
}else {
echo "Sorry, your comment could not be posted. Please make sure you fill in all the fields marked with *.n";
}
?>

No comments posted yet

Your Answer:

Login to answer
173 Like 11 Dislike
Previous forums Next forums
Other forums

PHP Surveys
I really would like some advice.

If you have a client come to you asking for a survey to be d

Loop Through Date Range
Hi guys,
I have date range as parameter like 01/JAN/2009 TO 16/JAN/2009 now i want to loop thro

IP question
ive got 2 ip addresses both global from same user how would i detect if they are local to each other

Print 'a' to 'z' via for loop
A very simple problem..
How Can I print a to z NOT a to y ?
It is a part of a code where
<

Need help with a mail notify function
I was tasked with setting up a site that's been prewritten. The site is basically a form that captur

Help With editting and deleting form
So look at this image :

http://img194.imageshack.us/img194/8272/snapshot5f.png
This table

Format timestamp from mysql
When I tried this:
Code: date("m/d/Y H:i A", $row['timestamp'])
I got 12/31/1969 18:

.htpasswd Registration Form
Hi,
I wanted to make an htpasswd registration form.
I found this code on the internet but have

Printing issues with xMII 11.5
For some reason, we have one report (and only one) that is giving us fits when trying to print. The

is this the proper use of mysql_real_escape_string() to prevent sql injections?
i was wondering is this the proper use of mysql_real_escape_string() to prevent sql injections? any

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash