How can I avoid users entering php code into my form

N

Nextextitty

New Member
How can I stop users entering \[code\]<?php ?>\[/code\] into my forms.I am using urlencode() and then using urldecode() when echoing data onto my page what is the best thing to do??UPDATE:I am writing to the database with the text urlencoded: \[code\]htmlentities (urlencode($_POST['postmessage']));\[/code\]I am using:\[code\]<?php echo htmlentities (urldecode($row['content'])) ?>\[/code\]to echo the saved data. Is that enough??
 
You must log in or register to reply here.
Back
Top