Jon Perron
Reputation: 75
How to stop text boxes from interpreting information entered as HTML
I'm fairly new to html and php and have an issue where I can type html into my text box and if I echo out the information from the database it will actually run the code. What I mean is...
On my website there is a textbox and in the text box they can type br or a href etc and the code will run like actuall html.
So is there a way to prevent this? CKEditor or what? All support is much appreciated!
Upvotes: 1
Views: 161
Answers (1)
Niet the Dark Absol
Reputation: 324780
htmlspecialchars would be a good place to start. Followed by getting a clue what you're doing before you become yet another victim of terrible coding practices and security issues.
Upvotes: 2
Related Questions
- html text box form that will not allow input
- How do I stop input type text from executing html code
- Disable textbox auto fill in ASP.NET
- HTML In Textbox Error
- How to pass HTML or other similar markup safely into a textbox without disabling validaton?
- How to handle Html inputs in the TextBox
- Infopath textbox displaying html tags
- How to disable the Textbox's HTML encoding in ASP.Net?
- How do I keep an ASP.NET TextBox from HTML-encoding its content?
- Force text instead of HTML