Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Categories

Trouble With A GuestBook

Righto,

Ive made a guestbook using ASP, SQL and Access 2000 blah blah blah, everything works fine however if a user types in some Javascript into the message field such as...


alert("BooYah, an alert!")


...then the 'viewguestbook.asp' page wil run that Javascript. Im pretty sure theres an easy answer to this but i've been scouring all over the place and cant find anything...all help appreciated!

Dave

Comments

  • alexzhenalexzhen Member Posts: 13
    : Righto,
    :
    : Ive made a guestbook using ASP, SQL and Access 2000 blah blah blah, everything works fine however if a user types in some Javascript into the message field such as...
    :
    :
    : alert("BooYah, an alert!")
    :
    :
    : ...then the 'viewguestbook.asp' page wil run that Javascript. Im pretty sure theres an easy answer to this but i've been scouring all over the place and cant find anything...all help appreciated!
    :
    : Dave
    :

    hi, you need to convert and to &ltscript> and </script>. you can done this in client or server side.
  • cosmicbeardcosmicbeard Member Posts: 10
    Lo There!

    Thanks for the reply!

    Sorry to be a pain in the ar*e but im not sure exactly which tags i need to replace with < and >...if possible could you give me it in beginners (or laymans) terms.

    Oh yea, i guess youve guessed, im a beginner ^_^ - Thanks!

    Dave
  • Anjuna MoonAnjuna Moon Member Posts: 89
    In the code after the Post where you pick up the form-data, use

    strInput=request("textAreaName")
    filteredInput=replace(strInput,"<","<")
    filteredInput=replace(strInput,">",">")

    /Chris
  • Shawn CarterShawn Carter Member Posts: 0

    ______ < http://forcoder.org /> free ebooks and video tutorials about || JavaScript, Scratch, MATLAB, Ruby, Visual Basic, Objective-C, C, Swift, PHP, Go, Delphi, C++, Java, R, Perl, C#, Python, Visual Basic .NET, PL/SQL, Assembly COBOL, Lisp, LabVIEW, Crystal, Apex, Scheme, Prolog, FoxPro, Ada, Bash, Lua, D, Clojure, ABAP, Logo, ML, Hack, Erlang, Fortran, F#, Scala, VBScript, Rust, SAS, Dart, Kotlin, Awk, Julia, Alice, Transact-SQL || ______

Sign In or Register to comment.