robert_gsfame Posted July 29, 2010 Share Posted July 29, 2010 i have this function to do the prevent html injection function htmlentities(str) { var i,output='',len,char=''; len = str.length; for(i=0;i47 && char<58)||(char>62 && char<127) ){ output += str; }else{ output += "&#" + str.charCodeAt(0) + ";"; } } return output; } but this is not working,anyone got an idea?? thx Link to comment https://forums.phpfreaks.com/topic/209184-htmlentities-not-working/ Share on other sites More sharing options...
xenophobia Posted July 30, 2010 Share Posted July 30, 2010 Before digging into what you're trying to do now, is that a reason to have a client script to escape your HTML string? Usually we do on server side before output to the client. Link to comment https://forums.phpfreaks.com/topic/209184-htmlentities-not-working/#findComment-1092932 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.