Php form data
input data should be validated using functions such as strip_tags and utf8_decode. Dynamics content should be HTML encoded using htmlspecialchars.
The data entered by the user is processed using strip_tags and utf8_decode. why should I use htmlspecialchars to read the data?
The tag has been removed with strip_tags.
Reply to discussion (solution)
If ($ text! = Strip_tags ($ text )){
// It is up to you to decide how to handle HTML content.
}
Utf8_decode is invalid for Chinese characters.
Dynamics content shoshould be HTML encoded using htmlspecialchars
Dynamic content can be HTML encoded using htmlspecialchars
If ($ text! = Strip_tags ($ text )){
// It is up to you to decide how to handle HTML content.
}
Utf8_decode is invalid for Chinese characters.
Dynamics content shoshould be HTML encoded using htmlspecialchars
Dynamic content can be HTML encoded using htmlspecialchars
The utf8_encode () function encodes the ISO-8859-1 string into a UTF-8.
What is the use of the utf8_encode () function? Under what circumstances?
ISO-8859-1 is a single-byte character set
Its alias is latin1. you should know this latin1 (default character set of MySQL)
Latin1, also known as the European standard character set
If ($ text! = Strip_tags ($ text )){
// It is up to you to decide how to handle HTML content.
}
Utf8_decode is invalid for Chinese characters.
Dynamics content shoshould be HTML encoded using htmlspecialchars
Dynamic content can be HTML encoded using htmlspecialchars
So we can only use htmlspecialchars for the input data?
Before saving to the database: $ input_data = htmlspecialchars ($ input_data );
Read from database (no processing required) $ input_data
Why? So Absolute ?!
If you input data from the online editor, do you also use htmlspecialchars?
Moreover, htmlspecialchars does not process '(single quotes), but must be escaped in the database.
Why? So Absolute ?!
If you input data from the online editor, do you also use htmlspecialchars?
Moreover, htmlspecialchars does not process '(single quotes), but must be escaped in the database.
I am a little confused now,
Before saving a form to a database, what processing should be performed on the input data,
What should I do when I read the data from the database to the page?
Escape Special characters during warehouse receiving
Handle the issue as needed after warehouse picking