www.webdeveloper.com

Thread: PHP Site search Script (Null any JS or HTML loaded in Search bar)

  1. #1
    Join Date
    Dec 2011
    Location
    California
    Posts
    11

    PHP Site search Script (Null any JS or HTML loaded in Search bar)

    I'm building a site right now and am wondering how to edit my PHP code for my site search so that it doesn't allow any JS or HTML, for security purposes. I have the code listed below and was wondering how you would go about coding this. Also feel free to include any pointers or tips. Thank you.

    <form action="<?php echo home_url(); ?>/" method="get" id="searchform">
    <fieldset>
    <div id="searchbox">
    <input class="input" name="s" type="text" id="keywords" value="<?php _e('to search, type and hit enter','cosmotheme') ?>" onfocus="if (this.value == '<?php _e('to search, type and hit enter','cosmotheme') ?>') {this.value = '';}" onblur="if (this.value == '') {this.value = '<?php _e('to search, type and hit enter','cosmotheme') ?>';}">
    </div>
    <p class="button hover square">
    <input type="submit" name="search" value="<?php _e('Search','cosmotheme') ?>">
    </p>
    </fieldset>
    </form>

  2. #2
    Join Date
    Jan 2010
    Location
    Perth
    Posts
    133
    Yep. On the search PHP page, before you do any processing, use something like the following.

    PHP Code:
    <?php
    //declare variable
    $VARIABLE = $_GET['s'];
    //strips tags of any HTML
    $VARIABLE = strip_tags($VARIABLE);
    //If you have < 5.3 (or 5.2?) you can use PCRE expressions to sanitize any input that will interact with the DB.
    $VARIABLE = filter_var($_GET['s'], FILTER_SANITIZE_STRING);
    ?>
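
An added example, not part of either post above: `strip_tags()` removes tags but leaves quote characters in place, so a search term echoed back into the form's `value="..."` attribute or into the results page still needs output escaping, and a term used in a query should be bound as a parameter. The function names, the `$pdo` handle, the `posts(title)` table and the sample input are assumptions made for illustration.

```php
<?php
// Added example; helper names, table name and sample input are hypothetical.

// Normalise the raw search term: accept strings only, drop tags and
// control characters, trim whitespace, and cap the length.
function clean_search_term($raw, int $maxLen = 100): string
{
    if (!is_string($raw)) {            // e.g. ?s[]=x arrives as an array
        return '';
    }
    $term = strip_tags($raw);
    // preg_replace() returns null on invalid UTF-8; treat that as empty.
    $term = preg_replace('/[\x00-\x1F\x7F]/u', '', $term) ?? '';
    return mb_substr(trim($term), 0, $maxLen);   // needs the mbstring extension
}

// Escape a value for HTML output (element body or quoted attribute value).
function html_escape(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Bind the term as a parameter instead of concatenating it into the SQL.
function search_posts(PDO $pdo, string $term): array
{
    $stmt = $pdo->prepare('SELECT title FROM posts WHERE title LIKE ?');
    $stmt->execute(['%' . $term . '%']);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed sample input: a tag plus a double quote. On a real request
// the value comes from $_GET['s'].
$raw  = $_GET['s'] ?? '<b>red</b> shoes" data-x="1';
$term = clean_search_term($raw);

// strip_tags() removed <b>...</b> but the double quotes are still in $term,
// so escape at the point of output.
echo '<input name="s" type="text" value="' . html_escape($term) . '">' . "\n";
echo '<p>Results for: ' . html_escape($term) . '</p>' . "\n";
```

With the sample input, the quotes are emitted as `&quot;`, so the term stays inside the `value` attribute instead of closing it.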

  3. #3
    Join Date
    Dec 2011
    Location
    California
    Posts
    11
    Thank you very much! WEBDEV is a great place to seek help!
