Looks like I was just thinking about the problem too hard.
Thaddeus
John W. Holmes wrote:
Thaddeus J. Quintin wrote:
CPT John W. Holmes wrote:
--<SNIP>--
> Try this:
>
> <textarea name="text">This is <some> text</textarea>
>
> If you submit that "text" and then print $_REQUEST['text'], you'll see that
> you have
>
> This is <some> text
--<SNIP>--
Ok, but that only makes me realize the further extent of the problem.
If the HTML file that they upload has '<' or '>' entities, then these characters will be displayed in the text area as '<' and '>' symbols. So when the text is submitted from the textarea, all of the user's HTML entities will have been destroyed.
Any thoughts on this problem?
Yep, of course. :)
If there is a < in the file, when you apply htmlentities(), it'll come out in the HTML source as &lt; and appear as < in the rendered <textarea>. So... it's not an issue.
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
