html special chars little bug

Brought to you by: brad_fears

html special chars little bug

Forum: Open Discussion

Creator: Nobody/Anonymous

Created: 2003-04-22

Updated: 2003-04-22

Nobody/Anonymous - 2003-04-22

Hi,

I think there's a little bug with the description field of new code entry when I enter a html special char (> or > for instance).

Should use htmlspecialchars() ?

chicobra.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Brad Fears - 2003-04-22
  
  Actually, that was intentional. I strip_tags() some of the fields before inserting them into the database in order to prevent users from trying to insert malicious code.
  
  Perhaps in the next version I should give the administrator the option of allowing/preventing these tags.
  
  If you need to change it, look for the strip_tags() function in the input.php file.
  
  Thanks for the feedback.
  
  --Brad Fears
  
  If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.