Archive | Uncategorized RSS for this section

URLS to LINKS

In acontent management system I was working on at work we noticed there was a couple of problems with how the URLs entered by users broke our web site due to their length. We also had a request to automatically turn hand typed URLs into links, so here is what I did in C#

Added the RegEx namespace:


using System.Text.RegularExpressions;

Here is the method I added to our utility class:


public string URLsToHyperlinks(string sInput)
{

return Regex.Replace(sInput, @”(\bhttp://[^ ]+\b)”, @”<a href=””$0″”>$0</a>”);

}

Here is a function that does the same thing only in PHP


function urls_to_hyperlinks($text)
{

return preg_replace( “`((http)+(s)?:(//)|(www\.))((\w|\.|\-|_)+)(/)?(\S+)?`i”, “<a href=\”http\\3://\\5\\6\\8\\9\” title=\”\\” target=\”_blank\”>\\5\\6</a>”, $text);

}

Advertisements

Email White Lists / Avoiding Spam Filters

A few weeks ago asked to find out why some of our users were not getting email from our web site. My first thought was that I did everything I needed to do already and that there was not anything we could do to make our mail be accepted by recipient mail servers. Long story short, I found a few things that I could quickly do to make a difference.

Here are a few simple things I needed to change:

  1. Make sure your mail server has reverse DNS.
    its pretty strait forward, all you have to do is contact your ISP and ask them to delegate the reverse dns to you. I set them up in about 15 minutes. I found out that AOL email servers will not accept email from servers that do not have their reverse dns setup. To see if your server is setup you can go to: http://postmaster.info.aol.com/tools/rdns.html
  2. Make sure your email headers are not throwing red flags.
    I had to make a couple of changes to the postfix main.cf file because it was sending the mail from domain.com instead of the correct relay.domain.com.
  3. Add a SPF entry to your dns zone.
    I was doing a test on one of those cool DNS testing sites and saw that I should have my SPF configured. I had no idea what it even was and then I search google and found this site http://spf.pobox.com/wizard.html?mydomain=domain.com&x=24&y=6. from there I just completed the wizard and edited my zone files and I was good to go.

Of course there are many other things I have done to ensure the legit email I send is not counted as spam, but these were three things that caught me by surprise.

I’m no mail server expert, but with the help of AWStats I can see now that email is being sent and there are 90+% less errors.

Numbers likes these are hard to ignore… (wasn’t that on a TV commercial? 😉

C# Quickly remove un supported HTML tags from forms

While building a some forms for a web site, I realized that there were some users that were using HTML tags in forms that I wasn’t happy about. I didn’t mind some tags since they were hrmless and gives the users who know HTML some ability to alter presentation. So here is what I did in C# to clean up/remove HTM tags. I am sure there are many ways to improve it (so feel free to.)


// this method will remove *most* malicious code leaving allowed 
// HTML intact
public static string stripHTMLTags(string input)
{
    string output = "";
    // break the comments so someone cannot add an open comment
    input = input.Replace("<!--", "");

    // strip out comments and doctype
    Regex docType = new Regex("<!DOCTYPE[.]*>");
    output = docType.Replace(input, "");

    // add target="_blank" to hrefs and remove parts that are 
    // not supported
    output = Regex.Replace(output, "(.*)", @"$5");

    // strip out most known tags except (a|b|br|blockquote|em|h1|h2|
h3|h4|h5|h6|hr|i|li|ol|p|u|ul|strong|sub|sup)
    Regex badTags = new Regex("< [/]{0,1}(abbr|acronym|address|applet |area|base|basefont|bdo|big|body|button|caption|center|cite|code|col |colgroup|dd|del|dir|div|dfn|dl|dt|embed|fieldset|font|form|frame |frameset|head|html|iframe|img|input|ins|isindex|kbd|label|legend |link|map|menu|meta|noframes|noscript|object|optgroup|option |param|pre|q|s|samp|script|select|small|span|strike|style|table |tbody|td|textarea|tfoot|th|thead|title|tr|tt|var|xmp){1}[.]*>");
    return badTags.Replace(output, "");
}

Here were a couple of web sites that I used as a reference:
Regular Expression Reference – http://www.regular-expressions.info/reference.html

A somewhat comprehensive list of HTML tags – http://www.w3schools.com/tags/default.asp