|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2000-12-04 10:19 UTC] grant_mjtr at hotmail dot com
Some of the comments added seem to generate html codes for some of the symbols for example line 2 below taken from the variable page: <PRE> <? $A = 1; I assume that < is in fact the < symbol. If you are a newbie to html and php as I am this makes some of the comments difficult to follow. I do code in c, c++ and java so have a fair idea of what I want to know how to do, its just difficult to read. Hope you can sort this out at some point as I have been using the manual quite extensively. Thanks Michelle Richardson PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Thu Sep 19 22:01:26 2024 UTC |
The problem we have here is avoiding people possible using HTML maliciously and also making the manual notes readable, maybe we need to use nl2br() and then get rid of the <pre> and only allow the use of < when either on its on, followed by a ? or =, this would solve the problem of malicious HTML being inserted into the notes, another option is also to convert \t into  , what do others think of this.. a regex to test entries going into the database and also all current entries coming out of the database shouldnt be too hard to construct but I agree < and > in the notes is ugly, what do others think about this as an option, can you see any problems with this.. Or allow < in code and convert it to < and > and then convert back the ones we can veryify to be right... Im just not sure about hot to handle them in comparisons cause both < Script> is valid but not easy to catch.. as if($testvar < Script) { is also valid.. can anyone come up with a good solution??