Nisse Engström wrote:
On Wed, 18 Feb 2009 10:37:53 -0800, "Michael A. Peters" wrote:

explains a technique to validate the input as well (don't trust that is clean)

Amazing! Not once did they mention htmlspecialchars().


htmlspecialchars causes problems if you are going to use the data with DOMDocument.

I believe the point was to produce a proper _SERVER['PHP_SELF'] - not a sanitized but still borked version.

PHP General Mailing List (
To unsubscribe, visit:

Reply via email to