Editing (v7+)

Preferred method of outputting strings into forms

Permalink June 20, 2013 at 8:58 AM

Hi

Is there a preferred method od outputting strings into forms?

I have found the text helper none of its functions will stop something like this breaking a form's output

"<script>alert("a")</script>

It strips the tags, but leaves in the first double quote, which breaks value="" within an input.

Thanks

synlag replied on Jun 22, 2013 at 12:18 am Permalink Reply

Hi,

what about:

$th = Loader::helper(‘text’);
$text = $th->entities($text);

Greets

yolk replied on Jun 24, 2013 at 6:10 am Permalink Reply

That won't fix the single or double quote issue?

Forums

Editing (v7+)

Preferred method of outputting strings into forms

Code

Post Reply

Delete Post

Mark Post as Spam

Destroy Spammer

Sign In?