On 23/01/2008, Jochem Maas <[EMAIL PROTECTED]> wrote: > > The file defines some of my own functions, like these: > > > > function clean_html ($dirty) { > > $dirty=strip_tags($dirty); > > $clean=htmlentities($dirty); > > return $clean; > > } > > > > function clean_mysql ($dirty) { > > $dirty=str_replace ("--", "", $dirty); > > $dirty=str_replace (";", "", $dirty); > > $clean=mysql_real_escape_string($dirty); > > return $clean; > > } > > your functions mix 2 concepts - input filtering and output escaping, > they should be seperate actions.
They are separate actions. One is on (for example) accept.php and the other on display.php. However, there are tens of pages which accept info, and tens of others which display info. And these are just two functions: I have quite a few more. It would be impossible to break them up into separate include pages because I'd be including 90% of them on each page anyway. Dotan Cohen http://what-is-what.com http://gibberish.co.il א-ב-ג-ד-ה-ו-ז-ח-ט-י-ך-כ-ל-ם-מ-ן-נ-ס-ע-ף-פ-ץ-צ-ק-ר-ש-ת A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing?