Hi,
I am under the impression that we have to provide an alternative to
htmlspecialchars() that incorporates the following ideas:
- Shorter function name
html_escape() for example. _h() would be much more preferable in
terms of preventing XSS ;-p
- Using default_charset as the default encoding
On 03.05.2010, at 00:53, Brian Moon wrote:
> I am not sure if this has been discussed or not. I will gladly make an RFC if
> not. I think it would be very intuitive if htmlspecialchars used the ini
> value default_charset as its default. And any function that takes an optional
> character set.
I am not sure if this has been discussed or not. I will gladly make an
RFC if not. I think it would be very intuitive if htmlspecialchars used
the ini value default_charset as its default. And any function that
takes an optional character set.
A) Has this been discussed?
B) If not, do others t
