On Thu, 05 Aug 2004 12:35:59 +0200, Jordi Canals <[EMAIL PROTECTED]> wrote:
> John Holmes wrote:
>
> >> $uservar = htmlspecialchars(strip_tags($uservar));
> >
> > You don't need to use strip_tags _and_ htmlspecialchars()... unless you
> > want strip_tags to get rid of such malicious and deadly con
From: "Jordi Canals" <[EMAIL PROTECTED]>
> John Holmes wrote:
>
> >> $uservar = htmlspecialchars(strip_tags($uservar));
> >
> > You don't need to use strip_tags _and_ htmlspecialchars()... unless you
> > want strip_tags to get rid of such malicious and deadly content such as
> > and . Just use htm
John Holmes wrote:
$uservar = htmlspecialchars(strip_tags($uservar));
You don't need to use strip_tags _and_ htmlspecialchars()... unless you
want strip_tags to get rid of such malicious and deadly content such as
and . Just use htmlspecialchars().
Well, my idea was to apply both: I do not want
On Thu, 05 Aug 2004 03:11:33 +0200, Jordi Canals <[EMAIL PROTECTED]> wrote:
> Hi all,
>
> I have some forms on which user must enter some data. This data is
> sometimes used to be inserted/updated in the database, and sometimes to
> query it with a SELECT.
>
> The scripts that do that, does not a
Jordi Canals wrote:
Hi all,
I have some forms on which user must enter some data. This data is
sometimes used to be inserted/updated in the database, and sometimes to
query it with a SELECT.
The scripts that do that, does not accept html code to be entered. I
think with that we have some issues
5 matches
Mail list logo
