[Israel.pm] RegEx in HTML Character

Georges EL OJAIMI G-OJAIMI at cyberia.net.lb
Mon Jan 28 11:02:21 PST 2008


Yona Shlomo wrote:
> How does the following help prevent HTML characters and SQL
> injection into the database?
>> [b]bold[/b]
>> [i]italic[/i]
>> [u]underline[/u]
>> [url=http://www.url.com]url[/url]
>> I want to replace each tag on the fly by its real HTML tag while 
>> displaying it to the end user.
>> Is there a way to replace all these tags by there equivalents? I am 
>> having problem detecting the brackets []
I will remove all escape characters except these ones. example: 
/<[//]{0,1}(B|b)[^><]*>/g by dynamically passing all the needed tags.
> Can you guarantee that square brackets are only used as your
> markup?
> Your is the [url=....] the equevalent to the HTML <a href=...> ?

Yes, it is

Best regards,

More information about the Perl mailing list