> Actually, yes, the data is likely to be redisplayed to the users on a > website.
I covered that in my answer. Likely maybe; a certainty no. > However, when shoving the data to the browser, I use > htmlentities(). Is it recommended to use strip_tags() before sending to > htmlentities()? Not unless you need to strip HTML tags. Usually htmlspecialchars() is enough. -- Richard Heyes http://www.phpguru.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
