From: drieux <[EMAIL PROTECTED]>
> It would seem that the current CGI.pm should not
> retranslation of " into &quot; - or am I being naive?
If CGI.pm would be made by Microsoft then it would not. And if you
needed to put into a hidden field something that already is HTML
it'll screw things up.
Keep in mind that the user might have entered those ", <
<B> and others. So if you want them to survive you have to escape
them. Even if that would mean the page will contain
<input type=hidden name=foo value="1 &lt; 2">
if the user entered
1 < 2
Jenda
=========== [EMAIL PROTECTED] == http://Jenda.Krynicky.cz ==========
There is a reason for living. There must be. I've seen it somewhere.
It's just that in the mess on my table ... and in my brain
I can't find it.
--- me
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
