JCHallgren
Technical User
TOTAL NEWBIE here! I belong to a Chatroom that uses common freeware code...we are having problem with spammers posting HTML comments "<!--" and "-->" that knock out OUR post entries...i am trying to assist the owner of list with problem...
will setting "$allow_html to 0" block HTML code from being entered? i see that it does something, but have NO clue as to what...
I would LOVE to set the value of "comments" field to SPACES upon detection of ANY HTML code in it so that it would fall into the blank comments error routine and thus block that entry! How could I do so???
THANKS!!
This is section of code from original GUESTBOOK from Matt's Script Archive that i need HELp with:
__________________________________
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
# Un-Webify plus signs and %-encoding
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$value =~ s/<!--(.|\n)*-->//g;
if ($allow_html != 1) {
$value =~ s/<([^>]|\n)*>//g;
}
$FORM{$name} = $value;}
# Print the Blank Response Subroutines
&no_comments unless $FORM{'comments'};
&no_name unless $FORM{'realname'};
_______________________________________
will setting "$allow_html to 0" block HTML code from being entered? i see that it does something, but have NO clue as to what...
I would LOVE to set the value of "comments" field to SPACES upon detection of ANY HTML code in it so that it would fall into the blank comments error routine and thus block that entry! How could I do so???
THANKS!!
This is section of code from original GUESTBOOK from Matt's Script Archive that i need HELp with:
__________________________________
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
# Un-Webify plus signs and %-encoding
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$value =~ s/<!--(.|\n)*-->//g;
if ($allow_html != 1) {
$value =~ s/<([^>]|\n)*>//g;
}
$FORM{$name} = $value;}
# Print the Blank Response Subroutines
&no_comments unless $FORM{'comments'};
&no_name unless $FORM{'realname'};
_______________________________________