Code: Select all
<input type="hidden" name="somename" value="My nickname is "evilmonkey" on the devnetwork forums">Thanks!
Moderator: General Moderators
Code: Select all
<input type="hidden" name="somename" value="My nickname is "evilmonkey" on the devnetwork forums">Code: Select all
$myvar = htmlspecialchars($some_string_with_quotes);
echo "<input type="text" name="bob" value="$myvar">";Code: Select all
<input type.... blah blah value='My "name is" blah' />That's worse considering an apostrophe is used much more than a quote.agtlewis wrote:Might work.Code: Select all
<input type.... blah blah value='My "name is" blah' />
HTML is my own.jshpro2 wrote:uhh, addslashes() maybe? You shouldn't trust html to a user though.. big security flaw there
Code: Select all
How's it goin?
-----------------------------
On March 30, 2006, evilmonkey wrote
Hey Dude!Code: Select all
<form>
<textearea>
<?php
echo '<b>test</b>';
?>
</textarea>
</form>