Code: Select all
$query=$_GET["query"];
<input maxlength=2048 size=70 name="query" value="<?php echo "$query"; ?>" title="search">i tried stripslashes() but then it mixed up the html around...
i cant thing of anything else...
Moderator: General Moderators
Code: Select all
$query=$_GET["query"];
<input maxlength=2048 size=70 name="query" value="<?php echo "$query"; ?>" title="search">Code: Select all
<?php
$query=htmlentities($query);
$query=stripslashes($query);
?>well, no one tried to... as for opening message, there was a bit difference in requirement written and needed.pedrotuga wrote:well.. i dont want to start a fight here or anything...
but i think the thrad opening mesage is very clear...i even post the code.
i posted the previous answer for this matter only...pedrotuga wrote:echoing a quote just the way it is would break the html
for that feyd pointed you at a right place.pedrotuga wrote:escaping the quote would put extra backslashes before the special characters... so i didnt know what to do.
Code: Select all
value="<?php echo htmlentities(stripslashes($query)); ?>"