<snip>

echo("<input name=\"input1\" type=\"text\" value=$rows[0]>");

Change to

echo"<input name=\"input1\" type=\"text\" value=\"" . htmlspecialchars($rows[0], ENT_QUOTES) . "\">";

So html characters like > and < won't be interpreted by the browser.

--
Postgresql & php tutorials
http://www.designmagick.com/

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to