This is why I always escape all output in web applications I write unless I really don't need it. It is just safer, as it saves you from potentially incorrect assumptions about your data.
--
Ilya Martynov, ilya@iponweb.net
CTO IPonWEB (UK) Ltd
Quality Perl Programming and Unix Support
UK managed @ offshore prices - http://www.iponweb.net
Personal website - http://martynov.org
| [reply] |