Blogs can now be searched

I added code to allow my blogs to be searched.

I sent it live earlier today then realised it was broken, doh! (I tested it, honest).

I had been using the java StreamTokenizer class to break search terms up for searching in the database, but its API is very strange (some may call it stupid) and took some getting used to.

It now seems to work though.

Next step is to allow posting of comments, so I have been researching cross site scripting vulnerabilities, also known as XSS.

I want to allow people to post limited HTML but need to prevent nasty stuff being posted by malicious users.

I have some code that is ready for testing now – need to write a junit test and prepare a list of nasty urls to throw at it next.

I want to be really happy with it before I let it loose.