escape html-entities
#3

drewbee
I agree with this practice completely. I do not like touching user data going in, but fixing it on the way out. If you change it on the way in, it makes it that much harder to track and debug.

Also, the following scenario may offer advice on why you would do this.

Let's say you have a database column VARCHAR with a maxlength of 10.

Now let's say through a form the user inputs the following: 'go>to>here'

So the above is 10 characters, correct? Nope. Not after escaping it.

What would be inserted into the database is 'go>to>' at its 10 character limit, obviously omitting a very important section of the string.

Hope this helps...
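
The truncation scenario from the post above, as an added example that is not part of the original thread. It assumes a database that silently truncates over-length values instead of rejecting them; `store_varchar()` and `escape_html()` are hypothetical helpers standing in for the insert and for the output filter.

```php
<?php
// Added example: escape-on-input vs. escape-on-output against a VARCHAR(10) column.
// The input string is the one used in the post.

const COLUMN_MAX = 10; // VARCHAR(10), as in the post

// Hypothetical stand-in for an INSERT into a column that silently
// truncates values longer than its declared length (an assumption).
function store_varchar(string $value, int $max = COLUMN_MAX): string
{
    return substr($value, 0, $max);
}

// Context-specific encoding for an HTML body context.
function escape_html(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

$input = 'go>to>here';

// Approach A: escape on the way in, then store.
// The entity-expanded string no longer fits the column, so the stored
// value ends in the middle of an entity.
$escapedIn = escape_html($input);
$storedA   = store_varchar($escapedIn);

// A view that (correctly) escapes on output now double-encodes the
// already-escaped data; a view that trusts it prints a broken entity.
$renderedA = escape_html($storedA);

// Approach B: store the raw value, escape only when writing HTML.
$storedB   = store_varchar($input);
$renderedB = escape_html($storedB);

printf("input            : %s (%d chars)\n", $input, strlen($input));
printf("A escaped input  : %s (%d chars)\n", $escapedIn, strlen($escapedIn));
printf("A stored         : %s\n", $storedA);
printf("A rendered again : %s\n", $renderedA);
printf("B stored         : %s\n", $storedB);
printf("B rendered       : %s\n", $renderedB);
```

Storing the raw value also keeps it usable in non-HTML contexts (JSON, CSV, plain-text e-mail), each of which needs its own encoding at output time.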
