I need help understanding the proper sequence of filtering data when sending user inputted comments through ajax.
My input textarea data is filtered like so
$comment = htmlentities(addslashes($_POST['comment']));
And I input that into the database. I need it to simply be safe text that displays symbosl. Now I need to show this content to a member with all the slashes they put in, in their comment.
I don't want to see
The comment\'s not so pleasant to read.
I don't know how to google this question.. or formulate the sentence. I wish to be able to return a nicely formatted comment using ajax aswell. Can anyone point me in the right direction? I just wish not to be hacked :x
Have you tried to strip the slashes before printing?
echo stripslashes($str);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.