Posted By

micmath on 08/21/07


Versions (?)

PHP smarty sticky form value

 / Published in: PHP

To avoid script injection attacks an input value requires proper escaping.

  1. # turn off global magic quotes in .htaccess
  2. php_flag magic_quotes_gpc Off
  4. # in your smarty template...
  5. <input type="text" value="{$some_user_input|escape:'htmlall'}">

Report this snippet  

You need to login to post a comment.