Store data in DB as is, or escaped?
Posted
by Yegor
on Stack Overflow
See other posts from Stack Overflow
or by Yegor
Published on 2010-04-03T22:22:02Z
Indexed on
2010/04/03
22:23 UTC
Read the original article
Hit count: 267
Whats a better way to store textual data, such as comments, user profile fields that require them to type something in, etc? Store the escaped data right away (using htmlspecialchars in php for example), or put it thru the same function before its echoed out?
© Stack Overflow or respective owner