Date: 01/22/01
- Next message: stuarth <email protected>: "[PHP-DEV] PHP 4.0 Bug #8749 Updated: Compile errors with IBM DB2 support"
- Previous message: jimw <email protected>: "[PHP-DEV] PHP 4.0 Bug #8121 Updated: Com_load don't exist"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
ID: 8095
Updated by: jimw
Reported By: grant_mjtr <email protected>
Old-Status: Analyzed
Status: Closed
Bug Type: Documentation problem
Assigned To:
Comments:
Not a documentation bug.
Previous Comments:
---------------------------------------------------------------------------
[2000-12-15 18:50:12] jmoore <email protected>
The problem we have here is avoiding people possibly using HTML maliciously and also making the manual notes readable. Maybe we need to use nl2br() and then get rid of the <pre> and only allow the use of < when either on its own or followed by a ? or =. This would solve the problem of malicious HTML being inserted into the notes. Another option is also to convert \t into &nbsp;. What do others think of this? A regex to test entries going into the database and also all current entries coming out of the database shouldn't be too hard to construct, but I agree &lt; and &gt; in the notes is ugly. What do others think about this as an option? Can you see any problems with this? Or allow < in code and convert it to &lt; and &gt; and then convert back the ones we can verify to be right... I'm just not sure about how to handle them in comparisons, because both < Script> is valid but not easy to catch, as if($testvar < Script) { is also valid. Can anyone come up with a good solution?
---------------------------------------------------------------------------
[2000-12-04 10:19:26] grant_mjtr <email protected>
Some of the comments added seem to generate HTML codes for some of the symbols, for example line 2 below, taken from the variable page:
<PRE>
&lt;?
$A = 1;
I assume that &lt; is in fact the < symbol. If you are a newbie to HTML and PHP as I am, this makes some of the comments difficult to follow. I do code in C, C++ and Java so have a fair idea of what I want to know how to do; it's just difficult to read.
Hope you can sort this out at some point, as I have been using the manual quite extensively.
Thanks
Michelle Richardson
---------------------------------------------------------------------------
Full Bug description available at: http://bugs.php.net/?id=8095
-- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: php-dev-unsubscribe <email protected> For additional commands, e-mail: php-dev-help <email protected> To contact the list administrators, e-mail: php-list-admin <email protected>
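
Added example, not part of the original thread and not php.net's code: one way around the ambiguity raised above ("< Script>" versus "if($testvar < Script) {") is to stop classifying "<" at all, store each note exactly as typed, and encode it once at output time. render_note() and the sample notes are hypothetical and constructed for illustration.

```php
<?php
/**
 * Render a stored manual note for display (hypothetical helper).
 *
 * The note is kept in the database exactly as the user typed it. Every
 * HTML metacharacter is encoded exactly once, here, so the code never has
 * to guess whether a given "<" is a comparison operator or the start of a tag.
 */
function render_note(string $raw): string
{
    // Normalise line endings so nl2br() emits one <br /> per source line.
    $text = str_replace(["\r\n", "\r"], "\n", $raw);

    // Encode &, <, >, " and '. After this step the browser sees text only.
    $html = htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    // Keep code indentation readable without <pre>: tabs and leading spaces
    // become &nbsp;. This runs after encoding, so the "&" is not re-encoded.
    $html = str_replace("\t", str_repeat('&nbsp;', 4), $html);
    $html = preg_replace_callback(
        '/^ +/m',
        fn(array $m): string => str_repeat('&nbsp;', strlen($m[0])),
        $html
    );

    // Line breaks last, so the <br /> tags inserted here are the only markup.
    return nl2br($html);
}

// Constructed sample notes, using the strings quoted in the thread.
$notes = [
    "<?\n\$A = 1;",                                   // the note from the report
    "if(\$testvar < Script) {\n\techo 'less';\n}",    // "<" as a comparison
    '< Script>',                                      // "<" as lenient markup
];

foreach ($notes as $note) {
    echo render_note($note), "\n----\n";
}
```

Encoding must happen only on output: a note that is also encoded before it is stored gets encoded twice, and the reader sees the entity text instead of the symbol.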

