--- Sean O'Donnell <[EMAIL PROTECTED]> wrote:

> I've recently encountered a problem with hidden (POST) form fields being
> ignored when an html textarea (or text) tag value contains the following
> character: '

My guess is that you're displaying this data in HTML and delimiting it
with the same character, e.g. something like this:

<input type="text" value='<? echo $unescaped_data; ?>' />

If you don't escape your data, you not only will observe the behavior
you're experiencing, but you also have a pretty major security
vulnerability.

You should also be filtering your data to make sure it is valid.

Hope that helps.

Chris

=====
Chris Shiflett - http://shiflett.org/

PHP Security - O'Reilly
     Coming Fall 2004
HTTP Developer's Handbook - Sams
     http://httphandbook.org/
PHP Community Site
     http://phpcommunity.org/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
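
Added example (not part of the original message): the escaping and filtering advice from the reply above, applied to a single-quote-delimited attribute. The helper names esc() and filter_name(), the validation rule, and the sample values are assumptions made for illustration.

```php
<?php
// Added example: helper names, the validation rule and the sample data
// are constructed for illustration, not taken from the original thread.

// Escape a value for output inside HTML text or an attribute.
// ENT_QUOTES converts both " and ', so the result is safe whichever
// quote character delimits the attribute.
function esc(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

// Filter input: accept only what is valid for this field. Assumed rule:
// letters, spaces, apostrophes and hyphens, 1 to 64 characters.
function filter_name(string $raw): ?string
{
    $raw = trim($raw);
    return preg_match('/^[\p{L} \'-]{1,64}$/u', $raw) === 1 ? $raw : null;
}

// Constructed sample input standing in for $_POST['name'].
$submitted = "Sean O'Donnell";

$name = filter_name($submitted);
if ($name === null) {
    exit("Invalid name\n");
}

// Unescaped: the apostrophe in the data closes the value attribute early,
// so the markup after it is no longer parsed as intended.
echo "<input type=\"text\" name=\"name\" value='" . $name . "' />\n";

// Escaped: the apostrophe is emitted as &#039; and stays inside the value.
echo "<input type=\"text\" name=\"name\" value='" . esc($name) . "' />\n";
echo "<input type=\"hidden\" name=\"ref\" value='" . esc("it's-42") . "' />\n";
```

Valid data can still contain the delimiter character, as the apostrophe in this name does, so filtering does not replace escaping at output time.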
