2009/3/15 Jason Pruim <pru...@gmail.com>:
> Personally... I don't care who's code it is, if it was me, I'd still go
> out and validate it... If someone typed something out real quick and
> missed a period, it wouldn't be their fault :)
> As has been said by some big higher up's in this very mailing list... "Treat
> all code as pseudo code, don't copy and paste it without understanding what
> it could do to your system" or something along those lines... :)

I second that.
Maybe you should start with removing "</td></tr>" after the first
table has been opened, escape the html special chars used as values
(submit buttons) and escape all request data (e.g. $_POST) before
well - it might not solve your problem (where's the textarea anyways),
but it wouldn't disturb the functionality. :)

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to