Hi Adam, On Wed, Feb 11, 2015 at 8:53 AM, Adam Harvey <ahar...@php.net> wrote:
> - Actually, it's worse than that, because there's no charset-aware > escaping function at all: the only option is addslashes(), which has > interesting security implications if you're using certain charsets. > I suppose you know very well about encoding security. It's fatal indeed, especially in Japan and some other East Asian countries. Regards, -- Yasuo Ohgaki yohg...@ohgaki.net
