How does one do this? If you have a text input field which can be in *any* language, which will get stored in the db, how do you protect against script injection?
If it's just english, I normally only accept characters from a given list (something like /[A-Za-z0-9]/ , plus whitespace and punctuation). But if the input can be in any language .... ?? -- Daniel McBrearty email : danielmcbrearty at gmail.com www.engoi.com : the multi - language vocab trainer BTW : 0873928131 _______________________________________________ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/