On Mon, January 14, 2008 3:17 am, Jochem Maas wrote: > I think actually the whole url should be urlencoded as a matter of > course, not > 100% sure about this (and it's way to early on a monday to bother > checking up ;-) ... > maybe someone else can chime in? Actually, after you urlencode() the values, you should htmlentities the whole URL, as it is being passed to HTML as a value to be output to HTML. The whole URL should *NOT* be URL-encoded, however. -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
