How To Stop HTML Tags From Submitting In Forms Deny Block Ban Forbid Submit

as a webmaster you have to always be on the lookout for security vonoroublities with your website. A pontential security problem could be HTML forms, many robots, spambots flood your site entering bogus information.

Lately, i've been getting bogus form submits on one of my contacts page on other websites.

on one of the fields, it was submited as their name:
Code:

<a href=" http://myblog.es/replica-cartier-watches ">replica cartier

this is abiously a spam.

There are many things you can do to prevent this, one is you can put a image with numbers and letters so users can input into the form to validate the code they see on the picture, this ensures an actual human being is submitting the form and not a spambot. but this methos requires resouces from your server.

Another simple solution is to forbid or ban cetain specific letter, numbers or character in the fields.

for my example in this tutorial guide, i will not allow the "<" character to be in any part of the fields. so to do this i am going to be using

For this to work, you will need to have PHP. If you don't have PHP, you can signup with our friends at www.webune.com they have PHP web hosting plans to help you with these scripts.

so, if you already have PHP, copy and past the following code into your text editor like notepad:

Code:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>How To Ban Deny Forbid some strings like letters or numbers characters forms</title>
<style type="text/css">

</style>
</head>

<body>
<h1 align="center">How To Limit Number of Characters Tutorial Guide by <a href="http://www.wallpaperama.com">Wallpaperama</a> </h1> <hr />
<p align="center">PHP Hosting at <a href="http://www.webune.com">Webune.com</a> </p>

<?
$forbiden="<";
if($_POST['submit'] && $_POST['letter'])
{
if(strpos($forbiden, $_POST['letter'])==$forbiden)
{
echo '<h2 class="style1">Sorry, <span class="style2">"'.$_POST['letter'].'"</span> is not allowed"</h2><hr />';
}
else
{
echo '<h2 class="style5">Congratulations! <span class="style2">"'.$_POST['letter'].'"</span> is allowed '.strpos($forbiden, $_POST['letter']).' </h2><hr />';
}
}
?>
<p><strong>This is the value of <span class="style2">$string</span>: </strong><span class="style1">"<a href="http://www.wallpaperama.com">This is a spam link</a>" </span></p>

<form name="form1" method="post" action="">
What letter do you want to search for in <span class="style4">$string</span> ?
<input name="letter" type="text" id="letter" value="">
<input type="submit" name="submit" value="<? if($_POST['submit']){ echo "Submit";} else { echo"Submit Again"; } ?>">
<br /><br /> For Example, You can search for the letter <span class="style1"><strong>W</strong></span> or the phrase <span class="style1"><strong>wallpaperama</strong></span>
</form>
<p> </p>
<p><a href="http://www.wallpaperama.com/forums"><< Go back to Turorial </a></p>
<p align="center">PHP Hosting at <a href="http://www.webune.com">Webune.com</a> </p>
</body>
</html>

Now save this file as function-strpos.php and upload to your site, and open it with your browser. this will show you how this function works to help you get rid of spambots submiting your forms like contact us.

Thanks to our friends at www.webune.com, they have provide free PHP hosting for us to show you this script in action.

CLICK HERE TO SEE DEMO

Quote:

How To Forbid Deny Not Allow Cetain Letters Numbers Characters In HTML Form ban disallowed permit forbid forbidden block stop prevent rotm HTML tags character letters numbers php enter entering submiting submission submision button

What do you think?