At 7:08 PM +0100 6/10/09, Ashley Sheridan wrote:


So something like this would be acceptable?:

$searchTerms = (isset($_REQUEST['q']))?$_REQUEST['q']:'';
$searchTerms = htmlentities($searchTerms);
$dbSearchTerms = mysql_real_escape_string($searchTerms);

Giving me two variables, one for display output to user, the other for
use in the database?

Thanks
Ash

Ash:

I wouldn't use $_REQUEST.  If you know the request method then use it.

There can be problems using $_REQUEST.

Cheers,

tedd

--
-------
http://sperling.com  http://ancientstones.com  http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to