I am after suggestions for a good piece of code/script/plugin for checking/cleaning text that a user can enter, to ensure there is no injection or potentially unwanted entry.
I have an ASP site that users can log into and update their profile information. I would like them to be able to enter some HTML formatting rather than straight text only; however, I need to ensure that they can't be malicious and inject anything.
One solution I had was to give them a standard format, e.g. Leadtext, Bullet point 1, Bullet point 2, Bullet point 3, Bullet point 4, EndText. However, this is little better than what I have now.
Any suggestions, guys?
Points will be split amongst all that offer good advice.
Please bear in mind that I am by no means an experienced programmer.