Gossamer Forum
(Advanced Search)
for
Home : General : Perl Programming :

HTML discrimination

Apr 17, 1999, 3:45 AM
Pasha
User (214 posts)
Apr 17, 1999, 3:45 AM
Post #1 of 4
Views: 3442
Shortcut
Quote Reply
HTML discrimination
I've seen this topic somewhere in this forum, but I can't find it.

How do I rip off HTML tags from the data that user submitted, or at least detect HTML tags or parts of HTML tags.
Some users might try to submit something like:

Code:

</a><img scr=\"http://url.com/junk.jpg\">

or

Code:

\"><h1>Unwanted stuff</h1>

or even a whole HTML document. I need to prevent it for well known reasons.


Thank you in advance.


Pasha

------------------
webmaster@find.virtualave.net
http://find.virtualave.net
Apr 17, 1999, 4:43 AM
cK
Enthusiast (567 posts)
Apr 17, 1999, 4:43 AM
Post #2 of 4
Views: 3219
Shortcut
Quote Reply
Re: HTML discrimination In reply to
try this:



if ($line =~ /<a\s+href[^>]+>([^<]+)<\/a>/i){
&site_html_add_failure ("You're message!! ");
return;
}
Apr 17, 1999, 5:40 AM
Mark Badolato
Veteran (1509 posts)
Apr 17, 1999, 5:40 AM
Post #3 of 4
Views: 3217
Shortcut
Quote Reply
Re: HTML discrimination In reply to
I would check out the HTML::Parse module, available at CPAN.

-mark

Apr 17, 1999, 6:18 PM
Pasha
User (214 posts)
Apr 17, 1999, 6:18 PM
Post #4 of 4
Views: 3208
Shortcut
Quote Reply
Re: HTML discrimination In reply to
chrishintz,

So far I have:

Code:

if ($fields{'url'}=~/\http:/) {
}
elsif ($fields{'url'} =~ /<a\s+href[^>]+>([^<]+)<\/a>/i)
{
$error_url =1;
}
else {
$error_url =1;
}

and it's not working. It still does not detect if a user submitted an HTML tag.


Regards,

Pasha

------------------
webmaster@find.virtualave.net
http://find.virtualave.net