>
> Ooops. I was just addressing the problem of outputting the data in a
> more clean way, obviously there is more code that could check the data
> integrity. Sorry that I didn't make that clear. As I see it this was a
> question about making the code cleaner, not so much about the bigger
> issues relating to how clean data is... when I am getting data from a
> web form, I validate it BEFORE putting it into the database. So,
> everything coming out of the database is presumed to be clean, because
> it was already parsed.
>
I just wanted to point out that there may be a problem. Of course it depends
on your data, but also if you clean up your data before, strange results can
happen, if your database contains a < . Normaly I would expect to have < in
a database and escape it when I create html and not to store < in the
database. That's what escmode is for.
I don't want to say that you are doing stupid things, I just want to say,
that you have to think about what you do and your solution could be the very
best in your context, but very dangerous in another context. As long as you
are aware of this possible problem, it is ok.
Gerald
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
