Re: [WebDNA] Protect TextArea and other Input-Fields with WebDNA -

This WebDNA talk-list message is from 2009


numero = 102717
Hi guys,

Here is what I do - you can see it in action here:

http://www.foe.ie/blog/2009/05/29/policymaking-21st-century-style-by-tweet/#comments

I only allow limited HTML - <strong> <em> and <a href=""></a> - though it could be extended to allow other tags. Basically I grep and replace the allowed tags and then remove all other HTML. I don't worry about WebDNA tags as I ensure the input comment is not wrapped with [interpret].

- Tom

So the posted variable is [comment]

[table name=basic_conversions&fields=from,to]
&	&amp;
"	&quot;
[/table]

[text]newvalue=[grep search=<(strong|/strong|em|/em|blockquote|/blockquote)>&replace=|\1|][comment][/grep][/text]
[text]newvalue=[grep search=<a href="([^"]*)"([^>]*)>([^<]*)</a>&replace=|a href=\1|\3|/a|][newvalue][/grep][/text]
[text]newvalue=[removehtml][newvalue][/removehtml][/text]
[text]newvalue=[grep search=\|(strong|/strong|em|/em|blockquote|/blockquote)\|&replace=<\1>][newvalue][/grep][/text]
[text]newvalue=[grep search=\|a href=([^\|]*)\|([^\|]*)\|/a\|&replace=<a href="\1">\2</a>][newvalue][/grep][/text]
[text]newvalue=[unurl][grep search=%250A&replace=][url][newvalue][/url][/grep][/unurl][/text]
[text]newvalue=[grep search=%0D%0D&replace=</p><p>][newvalue][/grep][/text]
[text]newvalue=[grep search=%0D&replace=<br />][newvalue][/grep][/text]
[text]newvalue=[convertchars table=basic_conversions][newvalue][/convertchars][/text]

The cleaned variable is then displayed and stored as:

   <p>[newvalue]</p>
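
The allowlist-by-placeholder pipeline from the message above, sketched in Python as an added example; it is not Tom's WebDNA code and not part of the original post. The random marker used in place of the literal "|", the http/https-only link check, the links-before-tags order and the names sanitize_comment and SAMPLE are assumptions made here.

```python
import html
import re
import secrets

ALLOWED_TAGS = ("strong", "em", "blockquote")      # allowlist from the post
TAG_RE = re.compile(r"<(/?(?:%s))>" % "|".join(ALLOWED_TAGS), re.I)
LINK_RE = re.compile(r'<a href="([^"]*)"[^>]*>([^<]*)</a>', re.I)
ANY_TAG_RE = re.compile(r"<[^>]*>")                # stands in for [removehtml]
SAFE_URL_RE = re.compile(r"https?://\S+", re.I)    # assumption: not in the post


def sanitize_comment(comment: str) -> str:
    """Allowlist-by-placeholder: park allowed markup, strip and escape the rest."""
    # A random per-call marker replaces the post's literal "|" so that text a
    # user types can never be read back as a placeholder.
    mark = "@@" + secrets.token_hex(8) + "@@"
    held = []

    def hold(fragment):
        held.append(fragment)
        return f"{mark}{len(held) - 1}{mark}"

    def link(m):
        url, text = m.group(1), m.group(2)
        if not SAFE_URL_RE.fullmatch(url):
            return text                            # drop the link, keep its text
        return hold(f'<a href="{html.escape(url)}">{html.escape(text)}</a>')

    s = comment.replace("\r\n", "\n").replace("\r", "\n")
    s = LINK_RE.sub(link, s)                       # extra <a> attributes are discarded
    s = TAG_RE.sub(lambda m: hold(f"<{m.group(1).lower()}>"), s)
    s = ANY_TAG_RE.sub("", s)                      # every other tag goes
    s = html.escape(s)                             # & < > " ' become entities
    s = s.replace("\n\n", "</p><p>").replace("\n", "<br />")
    restore = re.compile(re.escape(mark) + r"(\d+)" + re.escape(mark))
    s = restore.sub(lambda m: held[int(m.group(1))], s)
    return f"<p>{s}</p>"


# Constructed sample comment, not taken from the page.
SAMPLE = ('<strong>Hi</strong> <script>alert(1)</script> & "quotes"\r\n\r\n'
          '<a href="https://example.org/a?b=1&c=2" onclick="x()">ok</a> '
          '<a href="javascript:alert(1)">bad</a> |strong|')

if __name__ == "__main__":
    print(sanitize_comment(SAMPLE))
```

Because links are parked before the other tags here, a link whose text contains markup is dropped rather than kept, and relative URLs are dropped as well.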

Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] Protect TextArea and other Input-Fields with WebDNA - (Tom Duke 2009)
  2. Re: [WebDNA] Protect TextArea and other Input-Fields with WebDNA - Something to talk about ;) (Palle Bo Nielsen 2009)
  3. Re: [WebDNA] Protect TextArea and other Input-Fields with WebDNA - (Tom Duke 2009)
  4. Re: [WebDNA] Protect TextArea and other Input-Fields with WebDNA - Something to talk about ;) (Palle Bo Nielsen 2009)
  5. RE: [WebDNA] Protect TextArea and other Input-Fields with WebDNA - Something to talk about ;) ("Olin Lagon" 2009)
  6. Re: [WebDNA] Protect TextArea and other Input-Fields with WebDNA - Something to talk about ;) (Brian Fries 2009)
  7. [WebDNA] Protect TextArea and other Input-Fields with WebDNA - Something to talk about ;) (Palle Bo Nielsen 2009)
Tom Duke
