Well then thats your fault for allowing HTML. Either strip the HTML completely or use a BB code system.
http://www.milesj.me/resources/script/decoda On Nov 14, 3:00 pm, David Roda <davidcr...@gmail.com> wrote: > can they post php tags too? > > I would be very scared of something like <?php unlink("/"); ?> > > On Sat, Nov 14, 2009 at 4:55 PM, thankyou <gregbo...@gmail.com> wrote: > > I do currently use captcha but its obviously not sufficient. People > > can still post <a href ... links. > > > On Nov 14, 4:00 pm, Miles J <mileswjohn...@gmail.com> wrote: > > > It seems your not doing any validation or filtering, thats a problem > > > with your app, not the spam. Try adding a captcha or a spam blocker. > > > >http://www.milesj.me/resources/script/commentia-behavior > > > > On Nov 14, 12:31 pm, LancerForHire <lancerforh...@gmail.com> wrote: > > > > > If they are able to post raw html to show nude pictures I can only > > > > imagine what else they can do :( > > > -- > > > You received this message because you are subscribed to the Google Groups > > "CakePHP" group. > > To post to this group, send email to cake-...@googlegroups.com. > > To unsubscribe from this group, send email to > > cake-php+unsubscr...@googlegroups.com<cake-php%2bunsubscr...@googlegroups.com> > > . > > For more options, visit this group at > >http://groups.google.com/group/cake-php?hl=. -- You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-...@googlegroups.com. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/cake-php?hl=.