Quote:
|
Originally Posted by rukkyg
nl2br!!!!!! and here I've been using preg_replace all this time. I feel so ashamed.
|
Relax. At least yours works. I wrote the little snippet above because nl2br()
doesn't always work.
In addition to SQL injections, you're going to want to do something about people posting HTML that contains malicious scripts and ActiveX objects. That's why all of these forum programs use the funky "bbCode" square bracket markup.