> Personally, I think this is a bad approach, regardless of how well it is > implemented. I think you will give yourself a false sense of security.
what, then, do you yourself do in such an application requiring a response from the user to massage the data? reject all input that doesn't conform to your whitelist? i shall look into making this the vital part of the escape function. > Hope that helps. most definitely - thank you for the quick response. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
