Thanks James,

one thing - is this correct?
If you are putting data into a data store it's wise to stripslashes(), strip_tags() and other characters that can cause problems.
or did you mean:

addslashes();
strip_tags();

not - stripslashes... because addslashes escapes the characters which are problem causers.

Chris Stratford
[EMAIL PROTECTED]
Http://www.neester.com


James Ellis wrote:


Peter Firminger wrote:
Sorry, I don't do PHP. Someone else may have a PHP solution for you.

P
  

I think I did a pretty long post a while back on this subject - probably good to search for it in the archive.

Anyway, the PHP way to do the CF in Peter's example is:

$newString = htmlspecialchars($oldString);
or
$newString = htmlentities($oldString);

The relevant core PHP functions are:
  • htmlspecialchars
  • htmlentities
  • html_entity_decode
  • get_html_translation_table
If you are putting data into a data store it's wise to stripslashes(), strip_tags() and other characters that can cause problems.

All available in the PHP manual at php.net/manual/

Cheers
James

***************************************************** The discussion list for http://webstandardsgroup.org/ *****************************************************
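
As an added example (not part of the original thread), this PHP script runs each function named in the messages above over one constructed input so their effects can be compared side by side. The sample string and the helper name `compare_escapes` are assumptions made for illustration.

```php
<?php
// Constructed sample input: markup, both quote styles, an ampersand and a
// non-ASCII letter, so every function below has something to act on.
$input = "<b onclick=\"x('hi')\">Café & Bar</b>";

// Hypothetical helper: apply each function from the thread to the same string.
function compare_escapes(string $s): array
{
    $flags = ENT_QUOTES | ENT_HTML401; // encode both " and '
    return [
        // Backslash-escapes ', ", \ and NUL; it does not touch < > &.
        'addslashes'       => addslashes($s),
        // The inverse of addslashes: it removes backslashes, it adds no escaping.
        'stripslashes'     => stripslashes(addslashes($s)),
        // Removes tags (and their attributes) but leaves quotes and & alone.
        'strip_tags'       => strip_tags($s),
        // Encodes only the HTML-significant characters: & < > " '.
        'htmlspecialchars' => htmlspecialchars($s, $flags, 'UTF-8'),
        // Encodes every character that has a named entity, so é changes too.
        'htmlentities'     => htmlentities($s, $flags, 'UTF-8'),
    ];
}

foreach (compare_escapes($input) as $name => $out) {
    printf("%-17s %s\n", $name, $out);
}

// get_html_translation_table() shows why the two encoders differ: one table
// holds only the special characters, the other the full named-entity set.
$flags   = ENT_QUOTES | ENT_HTML401;
$special = get_html_translation_table(HTML_SPECIALCHARS, $flags, 'UTF-8');
$full    = get_html_translation_table(HTML_ENTITIES, $flags, 'UTF-8');
printf("special chars table: %d entries\n", count($special));
printf("entities table:      %d entries\n", count($full));

// html_entity_decode() reverses the encoding, so the stored or transmitted
// text can be recovered unchanged when it is needed in raw form.
$roundTrip = html_entity_decode(htmlentities($input, $flags, 'UTF-8'), $flags, 'UTF-8');
var_dump($roundTrip === $input);
```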
