marsheng Posted June 29, 2017 Share Posted June 29, 2017 On your web page https://www.w3schools.com/php/showphp.asp?filename=demo_form_validation_escapechar and there is code there for validating the data entered. The function however is never run as any %^#$ data entered is still echoed in the echo line. Surely, these characters should have been removed ? Thanks Wallace Link to comment Share on other sites More sharing options...
justsomeguy Posted June 29, 2017 Share Posted June 29, 2017 That code doesn't remove anything (except leading and trailing spaces, and slashes). It runs trim, which removes leading and trailing whitespace, stripslashes which is generally no longer needed, and htmlspecialchars which will convert certain characters to their HTML-entity equivalents so that the characters get printed on the page instead of the browser seeing them as HTML. You can look up each of those functions in the PHP manual to see more info about them. Link to comment Share on other sites More sharing options...
marsheng Posted June 30, 2017 Author Share Posted June 30, 2017 (edited) What am I doing wrong. If I try the example on the web and enter "&'<>// in the name field - it echos the exact same text. Surely it should have returned null. Edited June 30, 2017 by marsheng Clarity Link to comment Share on other sites More sharing options...
justsomeguy Posted June 30, 2017 Share Posted June 30, 2017 No, like I said it will not remove characters other than leading and trailing spaces. That's not what that code does, it does not remove characters. It's only running the 3 functions (trim, stripslashes, htmlspecialchars). http://php.net/manual/en/function.trim.php http://php.net/manual/en/function.stripslashes.php http://php.net/manual/en/function.htmlspecialchars.php Link to comment Share on other sites More sharing options...
dsonesuk Posted June 30, 2017 Share Posted June 30, 2017 If you use Firefox, select outputted text, right click and select 'View Selection Source' you will see &'<>//<br>&'<>//<br>&'<>//<br>&'<>//<br> Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now