I agree with your last. I just came across that function reading more about XSS attacks. But it may cause more problems than use, as there is no way to decode/reverse the encoding.
Re: & Ideally any of the four special HTML characters (&<>") in a string if marked up to HTML should be encoded with htmlspecialchars( NO_QUOTES) Otherwise such characters could be used to construct dangerous insertions. So I would not try to isolate the effort to ' & ' (space either side). But are the & not behaving just right with the latest release? ~Hans --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "BoltWire" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/boltwire?hl=en -~----------~----~----~----~------~----~------~--~---
