prep_for_form vs htmlentities

prep_for_form vs htmlentities

El Forum
Unregistered

07-16-2009, 05:16 PM

[eluser]sszynrae[/eluser]
maybe this interests you:
1. enabling global xss filtering automatically runs converts html entities on insert.
2. html_entity_decode() reverses the effect so your html gets read.
3. whatever the validation rule does, it does not convert &<>

Messages In This Thread

prep_for_form vs htmlentities - by El Forum - 05-14-2008, 02:52 AM

prep_for_form vs htmlentities - by El Forum - 05-14-2008, 07:21 AM

prep_for_form vs htmlentities - by El Forum - 05-14-2008, 10:24 AM

prep_for_form vs htmlentities - by El Forum - 05-14-2008, 11:11 AM

prep_for_form vs htmlentities - by El Forum - 05-14-2008, 10:30 PM

prep_for_form vs htmlentities - by El Forum - 05-15-2008, 07:05 AM

prep_for_form vs htmlentities - by El Forum - 07-16-2009, 05:16 PM