The codes I tried
Code:
<?= htmlentities($_GET['id']) ?>
Code:
<?php echo $_GET['id'] ?>
Code:
// bad
echo "http://www.domain.com/profile.php?id=v-&-cat";
// good
echo "http://www.domain.com/profile.php?id=" . htmlentities("v-&-cat");
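Added example, not part of the original thread: it compares how the id value `v-&-cat` from the posts above reaches `$_GET['id']` when the link is written raw, with `htmlentities()` only, and with URL-encoding followed by HTML-escaping. The helper names `build_profile_link()` and `id_seen_by_server()` are hypothetical, and the browser step is simulated with `html_entity_decode()`.

```php
<?php
// Added example (not from the thread). build_profile_link() and
// id_seen_by_server() are hypothetical helpers; the URL and the id value
// "v-&-cat" are the ones used in the posts above.

// Build a link for HTML output: URL-encode the value first (so "&" inside
// the id is not read as a parameter separator), then HTML-escape the whole
// URL for the attribute context.
function build_profile_link(string $id): string
{
    $url = 'http://www.domain.com/profile.php?id=' . rawurlencode($id);
    return '<a href="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '">profile</a>';
}

// Simulate what PHP would put in $_GET['id'] for a given href: the browser
// decodes HTML entities in the attribute, then PHP parses the query string.
function id_seen_by_server(string $hrefAsWritten): ?string
{
    $url = html_entity_decode($hrefAsWritten, ENT_QUOTES, 'UTF-8');
    parse_str((string) parse_url($url, PHP_URL_QUERY), $params);
    return $params['id'] ?? null;
}

$id   = 'v-&-cat';
$base = 'http://www.domain.com/profile.php?id=';

// Three ways of writing the same link into a page.
$candidates = [
    'raw'          => $base . $id,
    'htmlentities' => $base . htmlentities($id),
    'rawurlencode' => htmlspecialchars($base . rawurlencode($id), ENT_QUOTES, 'UTF-8'),
];

foreach ($candidates as $label => $href) {
    $received = var_export(id_seen_by_server($href), true);
    printf("%-13s href=%s\n  -> \$_GET['id'] = %s\n", $label, $href, $received);
}

// Printing the received id back into the page is a separate step:
// escape it for HTML at output time, never echo $_GET['id'] directly.
$received = (string) id_seen_by_server($candidates['rawurlencode']);
echo htmlspecialchars($received, ENT_QUOTES, 'UTF-8'), "\n";
echo build_profile_link($id), "\n";
```

Run it with `php` on the command line; only the URL-encoded variant delivers the complete id to the receiving script.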