[cbk1994]

You should remove the HTML serverside, anyone could still easily send HTML simply by disabling that check on clientside. Same thing goes for admins. The receiver should determine if the sender is an admin. The sender should never tell other people it's an admin since it's not trusted.

Why are you using four triggers to get the online list (which, by the way, is available clientside in allplayers)? Two triggers would work fine. You're also relying on the this. variable to remain unchanged in between the triggers which in this case won't cause problems but is a little naive.

You shouldn't treat booleans as integers (e.g. line 32), this is confusing to the reader although not really a performance issue.

Why is the player sending their own name with the send message trigger? This is easily faked. I could make it look like any player was sending a message if I wanted to.

On line 138 you forgot to close the <font> tag for the admin color and for the message. If you closed the admin color one, you wouldn't need to specify the color as white. This should have hinted you in on the error.

You should name related GUI controls with a similar prefix (e.g. everything should start with Chat_). You're also using a weird mixture of width, height, extent, and clientextent. You should always use client, and pick either extent or width/height and stick with it throughout the script. I prefer width/height but others prefer extent.

Why can't I send a message starting with a space? Shouldn't it just trim my message for me?

That's all I noticed on first read through. Please stop posting in the code gallery until you can produce scripts without blatant errors like these ones. They're bad examples for others. I've brought this up before.