On 23/01/2008, Jochem Maas <[EMAIL PROTECTED]> wrote:
> > The file defines some of my own functions, like these:
> >
> > function clean_html ($dirty) {
> > $dirty=strip_tags($dirty);
> > $clean=htmlentities($dirty);
> > return $clean;
> > }
> >
> > function clean_mysql ($dirty) {
> > $dirty=str_replace ("--", "", $dirty);
> > $dirty=str_replace (";", "", $dirty);
> > $clean=mysql_real_escape_string($dirty);
> > return $clean;
> > }
>
> your functions mix 2 concepts - input filtering and output escaping,
> they should be seperate actions.
They are separate actions. One is on (for example) accept.php and the
other on display.php. However, there are tens of pages which accept
info, and tens of others which display info. And these are just two
functions: I have quite a few more. It would be impossible to break
them up into separate include pages because I'd be including 90% of
them on each page anyway.
Dotan Cohen
http://what-is-what.com
http://gibberish.co.il
א-ב-ג-ד-ה-ו-ז-ח-ט-י-ך-כ-ל-ם-מ-ן-נ-ס-ע-ף-פ-ץ-צ-ק-ר-ש-ת
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
