Could you enlighten me on the advantages or disadvantages and dangers of
turning-on both magic_quotes_gpc and magic_quotes_runtime?
Thanks,
Floyd Piedad
Plutarck wrote:
> Check magic_quotes_runtime in your ini. If it's on, turn it off.
>
> Use the htmlspecialchars() family of functions. They will "hide" HTML in
> that the browser will not attempt to parse. so "<B>" will be displayed as
> "<B>", and not make all the text turn to bold.
>
> --
> Plutarck
> Should be working on something...
> ...but forgot what it was.
>
> ""Dddogbruce (@home.com)"" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > there is NO way of hiding the html from the user.
> > > the browser can't output otherwise. You can only
> > > try to make it difficult to get the source.
> >
> > I want to hide the HTML from the browser. If someone adds some malicious
> > code, or even <u></u> I don't want it to underline.
> >
> > > Where does the " 's " problem come in? More detail plz.
> > > Is it a part of a text? Then try htmlspecialchars() or
> > > htmlentities().
> >
> > Say I right "Hiya, my name's Owen" on the submission part of the form.
> It'll
> > show up as "Hiya, my name\'s Owen" on the output (which is a .txt file.)
> >
> > HTH,
> > Owen
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> > To contact the list administrators, e-mail: [EMAIL PROTECTED]
> >
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
