p2p.wrox.com Forums

Need to download code?

View our list of code downloads.


  Return to Index  

beginning_php thread: htmlspecialchars


Message #1 by "G.S." <gsadmin@l...> on Tue, 8 Oct 2002 20:23:20 +0200
I have not understood as it works...  

that is, I have not understood like inserting it in my scripts.  

where I must insert?  and like?

 

<FORM ACTION="vai.php" METHOD="POST">
<input type="text" name="prova" size="17"><br>
<input type="submit" value="Invia"  name="Invia"><br>
</form>

 

Thanks


Message #2 by "Periklis Paschidis" <perikpas@o...> on Wed, 9 Oct 2002 14:00:53
its simple. You use it after you take the variables.

example

file1.html
-----------

<form action="file2.php" method="get">
<input type="text" name="UserName">
<input type="submit">
</form>


Now!...

file2.php
-----------

$UserName = HTMLSpecialChars($UserName);
echo "Your name is: $UserName";


So.. if the user has input html code with is name...
example: <b>John</b>

the <b></b> tags will be removed and the name will be seen o screen in 
normal text.

simple is'n it? :-)

I hope i help you.
Message #3 by "Fernando Sotano Camilo" <fcamilo@u...> on Tue, 15 Oct 2002 16:39:37
Actually, HTMLSpecialChars doesn't remove the tags. It just consider the
tags as normal text... For example, if you execute this script (named
special.php):


<form action=special.php method=post>
<input type=text name=nome>
<input type=submit name=envia value=envia>
</form>

<?php
echo "$nome <br>";
$nome=htmlspecialchars($nome);
echo $nome;
?>

And input <b>My name</b> , it would display

My name
<b>My name</b>

The first in bold.
Well... I did my best to make that clear... I swear I tried... lol!

  Return to Index