php-windows Digest 27 May 2005 16:11:33 -0000 Issue 2679
Topics (messages 26046 through 26046):
Crazy user input with html in it
26046 by: Ross Honniball
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
Hi all,
Say you get some text field from a user and store it in a database. Then
later you display this input. If the user has coded html in the actual
input, without running this through some kind of parsing function, it could
give you some odd results.
For example, say the user types in, as text <input type="text">
Then when you display this data (echo it), your page will show an html
input box.
I think there are a number of functions in php to cope with this, but
wondering what people find to be the best/most efficient or whatever one.
What do you do?
..
.. Ross Honniball. JCU Bookshop Cairns, Qld, Australia.
..
--- End Message ---
