in reply to Re^2: Best way to use escapeHTML
in thread Best way to use escapeHTML

Why?

Replies are listed 'Best First'.
Re^4: Best way to use escapeHTML
by Anonymous Monk on Aug 08, 2011 at 23:00 UTC
    It could be that if the program is storing the value of: 
    my $comments = $q->escapeHTML( $q->param('comments') ) || '';

    [download]
    into a DB and if the user is writing something like in this string: "That's my option and <script>TEST</script>". The value will be stored in a save format like:
    "That's my option and <script>TEST</script>".
    Tha's why I think is the reason, and why not?
[reply]
[d/l]

      It could ...

      What do you mean it could be? Are you not the original poster ?

[reply]

In Section Seekers of Perl Wisdom