Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming HTML escaping with Form valiation 1.7.0
HTML escaping with Form valiation 1.7.0
  • El Forum
    Guest
  •  
#3
10-15-2008, 04:40 AM

[eluser]Josip Jelic[/eluser]
I'm running into same problems. In my opinion set_value should escape "'", '"', "<" and ">" when used in value attribute of input field or should we do that by hand every time???

What's the best practice?

Let's take this case:

Someone enters this text in text field: Muhahaha I'm "evil"

Repopulating with set_value produces this:
&lt;input type="text" value="Muhahaha i'm "evil""&gt;
which IS evil Smile

Sry for hijacking the tread..


Messages In This Thread
HTML escaping with Form valiation 1.7.0 - by El Forum - 09-26-2008, 01:52 PM
HTML escaping with Form valiation 1.7.0 - by El Forum - 09-27-2008, 05:34 AM
HTML escaping with Form valiation 1.7.0 - by El Forum - 10-15-2008, 04:40 AM
HTML escaping with Form valiation 1.7.0 - by El Forum - 10-15-2008, 05:48 AM



Theme © iAndrew 2016 - Forum software by © MyBB