Page 1 of 1

dont want html displayed

Posted: Wed Mar 14, 2007 5:22 am
by psychotomus
should I stop html from even being entered into the sql database or should I just strip the html before being outputted to the page?

Posted: Wed Mar 14, 2007 6:22 am
by xinnex
As a general rule, HTML has no place in the database.

That said, there are situationens where it makes sense.
If you are going to do this, then I would advise also storing a "clean" version of the text (stripped from html-tags).

And yes, escape it..