[eluser]dmorin[/eluser]
I've noticed that the xss_clean function seems to add a semicolon to any string that contains an ampersand. For example, if someone writes "AT&T;Park" in a textarea and I run it through the xss_clean function, it will return "AT&T;Park".
Has anyone else seen this? Any recommendations? Thanks.
Edit: This is pretty funny... they must use xss_clean for this forum, so both of the things above say AT&T;Park. What it should say is:
AT
ampersandT Park