>
> Just post the URL :)
>
> Jochem
It's going to be posted next week anyway - better to get hacked now than
later :o)
http://cms.illinoislegalaid.org
http://cms.illinoisprobono.org
Most of the text inputs are on the CMS side of things, so I have less to
worry about, but there are still place
You can use RegEx to remove any html or JS in your input field for instance.
There are a couple of custom tags that are intended to reduce or elimnate
that that sort of thing. For instance CF_FormFilter does exactly this:
http://devex.macromedia.com/developer/gallery/info.cfm?ID=0FFF0D11-BF26-11D
I tend to use Ray's StripHTML...
http://www.cflib.org/udf.cfm?ID=12
And then something like...
On the action page...
The only thing you need to watch out for Is that if you are uploading
files these should not be in the loop so them out...
HTH
-Original Message-
From:
Cantrell, Adam wrote:
> In a past life I've done this before, but I was hoping somebody could give
> me a refresher. How are you guys generally dealing with people entering
> things like:
>
>
>
> into text inputs on your websites? Do you just use
> #htmlEditFormat(form.myField)# on the action p