What is the best way to strip HTML from a Form text or textarea field? Specifically, I'm getting manual spam entered into the message box of my Contact form.
Community guidelines
Please keep discussions civil and on-topic. Repeated violations may lead to a temporary ban.
Plugins
Solved by pamtbaau View solution
@squirrel, I can think of two avenues:
- Field validation using Regex:
Add a validation to the field which will fail when its content contains an anchor. A simple example:YAMLvalidate: type: textarea pattern: '^(.(?!<a))*$' # Any charactor must not be followed by '<a' required: trueThe form validation will fail on input like "This field contains an <a href="..."> in its text".
- Cleanup textarea:
A custom plugin could respond to eventonFormPrepareValidationand sanitise the data of the form. Eg. when the email form uses field 'message' as body, its field data could be cleansed as follows:PHPpublic function onFormPrepareValidation($event) { $message = $event['form']->getData('message'); $event['form']->setData('message', strip_tags($message)); }
last edited 08/11/20 by pamtbaau
Thank you so much @pamtbaau
The form validation was just what I was looking for. I didn't find much on syntax for the validate before I posted. A regex pattern works great!
Thanks again 👍
Log in to reply.
Suggested topics
| Topic | Participants | Replies | Views | Activity |
|---|---|---|---|---|
| 2 | 42 | 1 week ago | ||
| 2 | 53 | 4 weeks ago | ||
| 3 | 1179 | 1 month ago | ||
| 1 | 47 | 1 month ago | ||
| 3 | 71 | 2 months ago |