Michael Gale wrote:
I am working on a ticket tracking system and using htmlentities and
htmlspecialchars on text that gets inserted into the database.
code I have:
--snip--
if ((isset($_POST['tentry_body'])) AND strlen($_POST['tentry_body']) 5)
{
$query .= tentry_body = ' .
Hello,
I am working on a ticket tracking system and using htmlentities and
htmlspecialchars on text that gets inserted into the database.
code I have:
--snip--
if ((isset($_POST['tentry_body'])) AND strlen($_POST['tentry_body']) 5) {
$query .= tentry_body = ' .
On Sun, 2004-12-19 at 18:31, Michael Gale wrote:
Hello,
I am working on a ticket tracking system and using htmlentities and
htmlspecialchars on text that gets inserted into the database.
code I have:
--snip--
if ((isset($_POST['tentry_body'])) AND strlen($_POST['tentry_body'])
Hi, a couple of comments:
--snip--
htmlentities(htmlspecialchars($_POST['tentry_body'])) . ';
--snip--
Why are you using both htmlentities and htmlspecialchars? Think that
html only converts some entities while htmlentities converts all ...
so, for your purposes, apliying only one could do
Hello,
Thanks for all of the responses ... I am going to use
mysql_real_escape_string.
Michael.
Jordi Canals wrote:
Hi, a couple of comments:
--snip--
htmlentities(htmlspecialchars($_POST['tentry_body'])) . ';
--snip--
Why are you using both htmlentities and htmlspecialchars? Think that
html
5 matches
Mail list logo