Return to Snippet

Revision: 3603
at August 21, 2007 08:45 by micmath


Initial Code
# turn off global magic quotes in .htaccess
php_flag magic_quotes_gpc Off

# in your smarty template...
<input type="text" value="{$some_user_input|escape:'htmlall'}">

Initial URL


Initial Description
To avoid script injection attacks an input value requires proper escaping.

Initial Title
PHP smarty sticky form value

Initial Tags


Initial Language
PHP