escape html-entities

escape html-entities

El Forum
Guest

10-27-2008, 07:53 AM

[eluser]sl3dg3hamm3r[/eluser]
Hey there

Form-validator offers to escape html-entities. But is this actually right to escape these stuff before writing to the database? Isn't it rather best practice to store input as it is and escape it after?

If yes, the db-layer doesn't offer any functionality for html-escaping, right? As for me, I didn't find anything like that in the docs.

Sl3dg3

Messages In This Thread

escape html-entities - by El Forum - 10-27-2008, 07:53 AM

escape html-entities - by El Forum - 10-29-2008, 03:38 AM

escape html-entities - by El Forum - 10-29-2008, 08:36 AM

escape html-entities - by El Forum - 10-29-2008, 08:57 AM

escape html-entities - by El Forum - 10-29-2008, 09:08 AM

escape html-entities - by El Forum - 10-29-2008, 09:18 AM

escape html-entities - by El Forum - 10-29-2008, 10:33 AM

escape html-entities - by El Forum - 10-29-2008, 11:05 AM

escape html-entities - by El Forum - 10-29-2008, 12:02 PM

escape html-entities - by El Forum - 10-29-2008, 02:17 PM