Any questions involving matching text strings to patterns - the pattern is called a "regular expression."
Moderator: General Moderators
Locust
Forum Commoner
Posts: 31 Joined: Sat Jul 22, 2006 10:26 am
Post
by Locust » Wed Aug 02, 2006 4:49 pm
Code: Select all
$smessage = ereg_replace("\"", """, $_POST['field']);
$smessage = ereg_replace("<", "<", $smessage);
$smessage = ereg_replace(">", ">", $smessage);
$smessage = ereg_replace("'", "'", $smessage);
$smessage = ereg_replace("&", "&", $smessage);
Basically getting characters that could possibly tamper with HTML to be replaced with HTML-friendly characters. Should I go about this a different way?
Luke
The Ninja Space Mod
Posts: 6424 Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA
Post
by Luke » Wed Aug 02, 2006 4:50 pm
htmlentities()
Locust
Forum Commoner
Posts: 31 Joined: Sat Jul 22, 2006 10:26 am
Post
by Locust » Wed Aug 02, 2006 4:52 pm
Didn't know about that one
Thanks
Locust
Forum Commoner
Posts: 31 Joined: Sat Jul 22, 2006 10:26 am
Post
by Locust » Wed Aug 02, 2006 4:54 pm
I also had another line I didn't add
Code: Select all
$smessage = ereg_replace(13, "<br>", $smessage);
To replace carriage returns. htmlentities() does not compensate for this. Should I use the code I wrote?
feyd
Neighborhood Spidermoddy
Posts: 31559 Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA
Post
by feyd » Wed Aug 02, 2006 4:57 pm
ereg is slow and soon to be deprecated.
htmlentities() doesn't care about carriage returns, they aren't entities.
nl2br()
Locust
Forum Commoner
Posts: 31 Joined: Sat Jul 22, 2006 10:26 am
Post
by Locust » Wed Aug 02, 2006 5:02 pm
Perfect