On Jan 16, 2008 5:21 PM, Daniel Brown <parasane@xxxxxxxxx> wrote: > On Jan 16, 2008 4:54 PM, Eric Butera <eric.butera@xxxxxxxxx> wrote: > > > > On Jan 16, 2008 4:51 PM, Daniel Brown <parasane@xxxxxxxxx> wrote: > > > On Jan 16, 2008 4:48 PM, Eric Butera <eric.butera@xxxxxxxxx> wrote: > > > > You did forget to escape the user input value in case I was trying to > > > > hacks myself. :) > > > > > > > > > > No I didn't. > > > > > > QUOTE: > > > I just whipped it up now, so it's not going to be perfect, but it > > > will give accurate results, without risking any kind of "domain > > > hoarding" > > > > > > Common sense, while not assumed in general, is presumed in this case. ;-P > > > > Not going to help the user who copies and pastes that somewhere > > someday and puts it as a backend to some form. :P > > > > It's also not intended for copy and paste for a backend. Anyone > who does that blindly deserves whatever happens, and shouldn't be > working with something on that level in the first place. I doubt > anyone here, including yourself, would disagree with me on that. > > And kidding or not, making scolding or sanctimonious statements in > a public forum is not really the way to garner any future interest in > your threads. Especially when you won't win, and we'll just wind up > flooding the list with verbal bitchslaps. Zip 'em to my personal > address instead. I never take offense! ;-P > > > -- > </Dan> > > Daniel P. Brown > Senior Unix Geek and #1 Rated "Year's Coolest Guy" By Self Since > Nineteen-Seventy-[mumble]. > ??? This is a forum for newbies to get help on their coding problems. You put code up with a potential flaw in it. We both know it wasn't inteded for copy/paste. What about the beginner who on the offhand chance does a Google search and finds your code and does put it into a file? Somebody starting out won't know about escaping data based on context. We've had this debate before and I really think you need to take a step back and realize you are giving answers not asking questions. I think saying "they know that" isn't correct because in a lot of cases people don't. I am sorry that I struck a nerve with my response as that wasn't my goal. I just hoped that it would be in the archives in case somebody did stumble upon the thread. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
