Block codes like this being entered into a form?
;<script type="text/javascript">
window.location="http://www.DOMAIN.com";
</script>

+rep for help

if using php use add_slashes() / addslashes()

Generally, if you are using PHP you would filter the input like so:



// Get the message from the post data
$formMessage = $_POST['message'];

// Filter it
$formMessage = strip_tags( $formMessage );
$formMessage = htmlentities( $formMessage );


This is, of course, just the basics. You may want to put it into a function to make it easier across more than 1 var.

Google.com helps with this stuff... more useful than us..

Google.com helps with this stuff... more useful than us..
Don't even post if your going to say crap like that.

maybe you should check google before you make a post or are you just bin lazy?

maybe you should check google before you make a post or are you just bin lazy?
I think checking google would be easier than making posts here and waiting for replys...

I think checking google would be easier than making posts here and waiting for replys...
i second that!

That's how I learnt php

All true but you can't ask old googled pages questiond can you?

All true but you can't ask old googled pages questiond can you?

No, but you can take quotes form your question andthe old google generally finds it... right?

Like if my question was "What does guitar hero have in common with rock band?"

I could but differences between guiatar hero and rock band... or just guitar hero and rock band...??

Get my giz..?

Lew.