I have read somethings about these issues. And i understand that If you use htmlentities() BEFORE insertion, when querying DB from XML, PDF or other data format, there will be some problems.
I have some PHP books, the author codding like Martin Zvarík's way. If you have any pros and cons please share us. Thanks. 2009/6/23 Martin Zvarík <mzva...@gmail.com> > >> Don't htmlentiies() before DB save. In general: >> >> - mysql_real_escape_string() before DB insertion >> >> - htmlentities() before dispaly >> >> > > I, on the other hand, would do htmlentities() BEFORE insertion. > > > Pros: > --- > The text is processed once and doesn't have to be htmlentitied() everytime > you read the database - what a stupid waste of performance anyway. > > > Cons: > --- > Instead "&" you'll see "&" ... is that a problem? Not for me and I > believe 80% of others who use DB to store & view on web. > > > > Martin > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
