how to check whether string contains characters like <% or <? tags or mysql tags.
for example
<% String eid = request.getParameter("eid"); %>
<?php ?>
or <?
my page is total depend on javascript
so while its submitting form its giving me error or accepting codes which it should not.
for tags i have added
function isHTML(str)
{
var a = document.createElement('div');
a.innerHTML = str;
for (var c = a.childNodes, i = c.length; i--; )
{
if (c[i].nodeType == 1) return true;
}
return false;
}
but what about other tags?
or for specials characters I have added
var regex2 = /^[`~0-9!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]*$/;
var spl_char=regex2.test(decription_string)
if(spl_char==true)
{
alert("Please enter valid skill description.");
document.getElementById('description').focus();
return false;
}
is there anything which i should add to regex expression to avoid above issues?