in reply to Re: Best way to use escapeHTML
in thread Best way to use escapeHTML

What about like this:
    use strict;
    use CGI qw(:standard escapeHTML);
    my $q = new CGI;
    my $comments = $q->escapeHTML( $q->param('comments') ) || '';
    print header();
    print "test: $comments";

Re^3: Best way to use escapeHTML
by Anonymous Monk on Aug 08, 2011 at 22:49 UTC
    Why?
      It could be that if the program is storing the value of:
      my $comments = $q->escapeHTML( $q->param('comments') ) || '';
      into a DB, and if the user writes something like this string: "That's my option and <script>TEST</script>", the value will be stored in a safe format like:
      "That's my option and <script>TEST</script>".
      That's what I think is the reason, and why not?

        It could ...

        What do you mean it could be? Are you not the original poster?
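
An added example, not code from any poster in this thread: it takes the sample string from the reply above and shows what lands in storage, and what reaches the browser, when the value is escaped before storing versus stored as received and escaped on output. The hashes standing in for the DB and the render_html helper are hypothetical, and the request is constructed inline.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use CGI qw(escapeHTML);

# Constructed request: same sample string as in the reply above.
my $q = CGI->new({ comments => q{That's my option and <script>TEST</script>} });

# scalar() forces a single value; inside an argument list param() is called
# in list context and can return zero or several values.
my $raw = scalar $q->param('comments');
$raw = '' unless defined $raw;

# Hypothetical in-memory "tables" standing in for the DB.
my %escaped_on_input = ( comments => escapeHTML($raw) );   # escape, then store
my %raw_on_input     = ( comments => $raw );               # store as received

# Hypothetical output layer that escapes everything it emits into HTML.
sub render_html {
    my ($value) = @_;
    return '<p>' . escapeHTML($value) . '</p>';
}

print "stored (escaped on input): $escaped_on_input{comments}\n";
print "stored (raw):              $raw_on_input{comments}\n";
print "rendered from escaped row: ", render_html( $escaped_on_input{comments} ), "\n";
print "rendered from raw row:     ", render_html( $raw_on_input{comments} ), "\n";
```

The row escaped before storage is encoded a second time by the output layer, so the page shows literal entity text; the raw row is escaped exactly once, at the point where it enters HTML.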