Hi Wolfgang!
I think with the specialcharhtml function, you could disable all special characters and make sure you get a notification in text only 😉
our old gb script had the mentioned feature… but this was no WP platform…
it was coded (by a colleague of mine way more into developping than me) as follow
$comment=ucfirst(strtolower(str_replace("\"",""",str_replace("'","\'",str_replace("\'","'",str_replace('"','\"',str_replace('\"','"',undo_htmlspecialchars($_POST[comment]))))))));
$ip=$REMOTE_ADDR;
of (!$ip) {
$ip=getenv("REMOTE_ADDR");
}
$host=@gethostbyaddr($ip);
$this_date=date("Y-m-d H:i:s");
include "includes/dbopen.php";
mysql_query("INSERT INTO guestbook (name,email,url,comment,ladate,host,ip,pays,ligne) VALUES ('$name','$email','$url','$comment','$this_date','$host','$ip','$pays',0)");
$nbrequetes++;
include "includes/dbclose.php";
if ($langue==2){
$lang="Allemand";
} else $lang=($langue==1)?"Anglais":"Français";
$lemessage="<style type='text/css'><!--\ntd,div,li {color:#000000;font:7pt verdana;}\na:link,a:visited,a:active {color:#555555;font:8pt verdana;text-decoration:none;}\na:hover{color:#ECE9D8;position:relative;top:1;left:1;}\ntable.contenu{background-color:#ECE9D8;border-color:#000000;border-style:solid;border-top-width:0pt;border-bottom-width:1pt;border-left-width:1pt;border-right-width:1pt;}\ntd.sephori{border-color:#000000;border-style:dashed;border-top-width:0pt;border-bottom-width:1pt;border-left-width:0pt;border-right-width:0pt;}\ntd.titre{color:#FFFFFF;font:8pt verdana;background-color:#B0C088;border-color:#000000;border-style:solid;border-top-width:1pt;border-bottom-width:1pt;border-left-width:0pt;border-right-width:0pt;}//--></style><table width='100%' border=0 cellpadding=2 cellspacing=0 class=contenu><tr><td class=titre><b>From: </b>".$name." [<a href='mailto:".$email."'>".$email."</a>] <b>on the </b>".format_date(date("Y-m-d H:i:s"),0)."<br /><b>Link: </b><a href='".$url."' target=_blank>".$url."</a><br /><b>Country: </b>".$pays."</td></tr><tr><td><br /><div align=justify>".nl2br(str_replace("\'","'",str_replace('\"','"',$comment)))."</div><br /></td></tr><tr><td class=titre><b>Informations</b></td></tr><tr><td><br /><table border=0 cellpadding=0 cellspacing=0><tr><td><b>Path: </b></td><td>".$SCRIPT_FILENAME."</td></tr><tr><td><b>Language: </b></td><td>".$lang."</td></tr><tr><td><b>CSS: </b></td><td>".$style."</td></tr><tr><td><b>IP: </b></td><td>".$ip."</td></tr><tr><td><b>Host: </b></td><td>".$host."</td></tr><tr><td><b>Screen Resolution: </b></td><td>".$resolution."</td></tr><tr><td><b>Browser: </b></td><td>".$navigateur."</td></tr></table><br /></td></tr><tr><td class=titre><a href='http://www.domainname.com/backoff/' target=_blank>Go to the admin pannel</a></td></tr></table>";
$destinataire="Sand & Mercury's team <webmaster@domainname.com>";
$reponse=$name ."<".$email.">";
$sujet="New entry on guestbook";
$headers="MIME-Version: 1.0\n";
$headers.="Content-type: text/html; charset=iso-8859-1\n";
$headers.="From: Sand & Mercury <webmaster@domainname.com>\n";
$headers.="Reply-To: ".$name." <".$email.">\n";
$headers.="To: Sand & Mercury <webmaster@domainname.com>\n";
$headers.="Organization: http://www.domainname.com\n";
$headers.="Content-Transfer-Encoding: 8bit\n";
$headers.="X-Priority: 3 (Normal)\n";
$headers.="X-Sender: <www.domainname.com>\n";
$headers.="X-Mailer: PHP\n";
$headers.="X-auth-smtp-user: email@domainname.com\n";
$headers.="X-abuse-contact: abuse@domainname.com\n";
mail($destinataire,$sujet,$lemessage,$headers);