On Mon, Apr 18, 2011 at 14:42, tedd <t...@sperling.com> wrote:
> No, I had a simple form where IF the user entered:
> <script> alert("Evil Code");</script>
> -- into the form's text field (i.e., $_POST['text'] ) AND clicked Submit,
> the form would
> echo( $_POST['text'] );
> Here's the form:
> works and I want to find out why. The most popular reason thus far is
> "Browsers have changed", but I'm not sure as to what did change.
Look at the post-processing source --- note the slashes. Apply
stripslashes() to the output on the PHP side and all should be right
again with the world.
</Daniel P. Brown>
Network Infrastructure Manager
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php