Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

A forum in ASP

Status
Not open for further replies.
bartdude

bartdude

Technical User
Nov 20, 2002
3
GB
Hi all !

I'm developping a Discussion forum in VBscript , and i would like to avoid users putting HTML tags into their messages...I'm quite sure there's a function which can handle this , but I just can't find it anymore.

Could anyone help me please ???

Thx :)

Bartdude
 
Sort by date Sort by votes
Yep, I found this function somewhere that strips out anything between <> tags.

Function FilterHTML(strToFilter)
Dim strTemp
strTemp = strToFilter
While (Instr(1,strTemp,&quot;<&quot;) > 0) AND (Instr(1, strTemp, &quot;>&quot;) > 0)
strTemp = Left(strTemp, Instr(1, strTemp, &quot;<&quot;)-1) & Right(strTemp, Len(strTemp)-Instr(1,strTemp, &quot;>&quot;))
WEnd
FilterHTML = strTemp
End Function


Not my fubnction but I use it a lot.

Hope this helps.

G -GTM Solutions, Home of USITE-
-=
 
Upvote 0 Downvote
probably want to add something that checks for a >, otherwise, a post starting with < alskdjflaskdjflaskjdflaksdjflaskdjflakdjla

will make the whole thing blank ...
 
Upvote 0 Downvote
Um, this code does check for a >. It removes anything contained within <>. Ie the string &quot;abcd<efg>hijk&quot; would become &quot;abcdhijk&quot;.

G -GTM Solutions, Home of USITE-
-=
 
Upvote 0 Downvote
Here is a better way to do it:


<%
Dim userMsg
userMsg = Request.Form(&quot;theMsg&quot;)

' Here comes how you weed-out the code you don't want...
userMsg = Replace(userMsg, &quot;<&quot;, &quot;&amp;lt;&quot;)
userMsg = Replace(userMsg, &quot;>&quot;, &quot;&amp;gt;&quot;)

Response.write(userMsg)
%>


It replaces the current variable &quot;userMsg&quot; which contains the message from the form on the last page. It replaces all the &quot;<&quot; symbols in the message typed with &quot;&amp;lt;&quot; which is the ascii symbol for &quot;<&quot; but is not recognized by html as a command. The same goes for the other symbol.

Hope this helps! Let me know if you have any more questions or need more explanation.
-Ovatvvon :-Q
 
Upvote 0 Downvote
Or you could leave the html tags in but force the browser to display them as text and not interperate them as tags.
You can do it like so:
strOrg = &quot;some text<form>some more text&quot;
strReplace = Replace(strOrg,&quot;<&quot;,&quot;&lt;&quot;,1)
strReplace = Replace(strReplace, &quot;>&quot;, &quot;&gt;&quot;, 1)
response.write strReplace
 
Upvote 0 Downvote
Why not just use Server.HTMLEncode?
ex:
dim reformattedStr
reformattedStr = Server.HTMLEncode(strToFormat)

That'll escape all the <> marks to their respective &xxx; signs. That might leave some undesired functionality, though, since the bare tags will appear in the message.

The best way would be to strip it out using regexp. this needs VBS 5.5, though, since it's a non-greedy expression.

Code: 
Dim re,strippedStr
set re = new regexp
re.pattern = &quot;<.*?>&quot; 'search for anything between <>
re.global = true
re.ignorecase = true
strippedStr = re.replace(strToSearch,&quot;&quot;) 'replaces the tags with &quot;&quot;
set re = nothing
in my example, strippedStr will have the message without any html tags inside it. this will strip out everything between <> tags, though, so things like <grin> will get removed.

for more info on this, see

hth leo

------------
Leo Mendoza
lmendoza@students.depaul.edu
 
Upvote 0 Downvote
I prefer Ovatvvon's method. Especially when doing forums where the user will want to paste code for others to view.

Also, you can combine it with another function that replaces another set of strings with their HTML equivalents. This would enable you to give the user some formatting control. This kind of feature is quite easy and popular.

e.g. and might be replaced with the HTML Bold tags.

Make sure you put them in the right order, or you'll end up converting your forum tags () into html tags (<B>) and then ending up with <B> You'll need to convert your existing html tags using ovatvvons method, then use another replace to convert your forum codes into html.

Also, if you provide an edit function, rememember to do these functions in reverse, so that it appears correctly in the text area.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

penguinspeaks
  • Locked
  • Question
write HTML code within ASP line
Replies
1
Views
257
xwb
xwb
leifoet
  • Locked
  • Question
How to send HTML emails with ASP classic?
Replies
0
Views
237
leifoet
leifoet
penguinspeaks
  • Locked
  • Question
Return to current location on page after asp processes.
Replies
2
Views
190
penguinspeaks
penguinspeaks
leifoet
  • Locked
  • Question
Wrong code in a href ?
Replies
1
Views
168
leifoet
leifoet
penguinspeaks
  • Locked
  • Question
Parse a database field that is comma delimited and input the results into another table
Replies
0
Views
166
penguinspeaks
penguinspeaks

Part and Inventory Search

Sponsor

Back
Top