Hiya all,
I've just built a simple forum thanks to "thescript - someone gave me a link to a very good tutorial.
My problem now is this, how do I validate a textarea, which is saved in a mySQL database, such that users can't just input sql and bring down my database - i was thinking along the lines of just looking for quotation marks and then producing an error if any quotation marks are found.
This means no quotes can be used though in the forum.
Erm... any ideas? I've looked around but cannot find any site helping with this.
I don't know if php has functions readily available i can use, or if i can download some?
Thanks again,
William.
I've just built a simple forum thanks to "thescript - someone gave me a link to a very good tutorial.
My problem now is this, how do I validate a textarea, which is saved in a mySQL database, such that users can't just input sql and bring down my database - i was thinking along the lines of just looking for quotation marks and then producing an error if any quotation marks are found.
This means no quotes can be used though in the forum.
Erm... any ideas? I've looked around but cannot find any site helping with this.
I don't know if php has functions readily available i can use, or if i can download some?
Thanks again,
William.
Comment