Jump to content
php.lv forumi

Apstrādājam tekstu/ neļaujam izmantot html

m8t

By m8t
in Iesācējiem

 Share

Recommended Posts

m8t Newbie

m8t

Posted
Posted (edited)

tātad, es veidoju forumu. Pašlaik rakstu veidošana, kā arī komentāru pievienošana strādā, bet tik tiko saskāros ar problēmu - jebkurš lietotājs var postot html kodus savā tekstā. Vai ir kāds veids, kā atbrīvoties no html kodiem? pašreizējais teksta apstrādes kods izskatās šādi:

$action = $_GET['action'];
if($action == 'create') {
if(trim($_SESSION['username']) != "") { //parbaudam vai lietotajs ir ielogojies
if($a_5 == 1) { //atlaujam/neatlaujam lietotajam postot foruma
$query = "SELECT * FROM {$tblprefix}users WHERE username='{$_SESSION['username']}'";
$run = mysql_query($query);
while($row = mysql_fetch_array($run)) {
$uid = $row['id']; // iegustam lietotaja id
}
$topic = $_POST['topic'];
$text = $_POST['txt'];
$topic = stripslashes($topic);
$text = stripslashes($text);
$topic = mysql_real_escape_string($topic);
$text = mysql_real_escape_string($text);

if(trim($topic)!="" && trim($text)!="") {
mysql_query("INSERT INTO {$tblprefix}forums SET text='{$text}', topic='{$topic}', made_by='{$uid}'");
if(mysql_affected_rows() > 0)
{
echo $g1;
?>
<meta HTTP-EQUIV="REFRESH" content="3; url=index.php">
<?
} else {
echo $g2;
?>
<meta HTTP-EQUIV="REFRESH" content="6; url=index.php">
<?
}
} else {
echo $g3;
}
} else {
echo $g5;
}
} else {
echo $g6;
}

Edited by m8t

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing
×
×
  • Create New...