[Israel.pm] RegEx in HTML Character

Yona Shlomo yona at cs.technion.ac.il
Mon Jan 28 10:46:21 PST 2008

On Mon, 28 Jan 2008, Georges EL OJAIMI wrote:

> Hello,


> I am customizing my own RTE and trying to reduce it to only 4 few elements, in order to prevent HTML characters and SQL injection into the database, I modified the tags like the following:

How does the following help prevent HTML characters and SQL
injection into the database?

> [b]bold[/b]
> [i]italic[/i]
> [u]underline[/u]
> [url=http://www.url.com]url[/url]
> I want to replace each tag on the fly by its real HTML tag while displaying it to the end user.
> Is there a way to replace all these tags by there equivalents? I am having problem detecting the brackets []

Can you guarantee that square brackets are only used as your

Your is the [url=....] the equevalent to the HTML <a href=...> ?

Shlomo Yona
yona at cs.technion.ac.il

More information about the Perl mailing list