Menu
▾
▴
Re: [phpBT-dev] Htmlspecialchars, htmlentities and encoding
|
From: Ben C. <php...@be...> - 2002-04-30 15:34:05
|
Perhaps you could post a sample of that changes that you are planning to make, or just make changes to one file, so we can take a look at what you are planning on a large scale. I'm not quite clear from your description below on everything that has change, and I'd like to have a better understanding on that regard. One thing I don't understand is the role the magic quotes play in this. On Mon, Apr 29, 2002 at 01:51:42PM -0000, Jirka Pech wrote: > I tested it heavily and I see a need to change it completely. > > It's not clean, how the strings submitted by a form are handled. Somewhere they are inserted into the database as is. Somewhere they are converted with htmlspecialchars or something similar. > > Here the magic quotes are entering the game. We have to set them to 'on'. And don't convert any string before inserting it into database, because there are 3 cases, in which we are printing out the string. > > One is pure html (text in paragraph etc.) and second is form input. In paragraph, we have _can_ put it unformatted, while in form input we _must_ print it out with double quotes translated into """. Last is textarea, which has no need to slash or translate the quotes. > > There is also problem with using of mail function and conversion of special characters. I think the best way to send e-mail is convert it into quoted-printable, encoded with $STRING['lang_charset']. > > Ugh, it's all. If there are is no reason for not repairing it, please tell me, before I will start with it. > > Jirka > > _______________________________________________ > phpbt-dev mailing list > php...@li... > https://lists.sourceforge.net/lists/listinfo/phpbt-dev |
