I manage to have string "script" not to pass to databes,... but when I type in <script> or anything starting with "<" e.g. <src it's passing,... how can I do this NOT to pass, having any character after "<" NOT to pass,... thanks
$regex = '/(<|>|script)$/';
On Thursday, April 18, 2013 5:48:04 PM UTC-7, Chris wrote:
hi guys,... can anyone help please,...--how can I find if string contains "script" tag with preg_match,... ?I'm trying to avoid/aboard submission if data passed as <script>...</script>$short_status = $this->params['form']['value']; $regex = '/^[<script>]$/i';if(preg_match($regex, $short_status)){die();}else{to process post and save to database,...thanks in advance,chris
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscribe@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
No comments:
Post a Comment