Now that I've figured out how to get the HTML typed into the editor into a SQL database field, I'm wondering about validating the user's input into the control. I want to avoid SQL injection attacks and potentially troublesome code being sent to someone's browser.

 

Does ver 5.0 of the Editor include a built-in method for detecting unwanted code? If not, perhaps someone has some code that detects unwanted code via parsing the Editor1.XHTML string prior to insert/update into the database.