> I am taking some value from html form as i shown and i am inserting that
> value be getting thru request.getParameter("<name>") and inserting into the
> table along some other values.
> I am using in servlets.
Hm. I don't know about servlets. Seems like that does something
wrong.
It is pretty dangerous to take html from a form. You can do lots
of evil things. Therefore, most people take care to disable html
from forms or at least only let simple things pass like <B> or
the like.
Hence I guess that the servlet does some sort or
html-disabling/filtering and gets it wrong.
Disabling html from forms is not easy either. See for example the
discussion at http://php.net/manual/en/function.strip-tags.php
for the function strip-tags, which should do just that. (Someone
has found that even this can be circumvented, so they had to
improve another time - see comment 14-Mar-2001 02:23 and
following.)
I use php which is very convenient. You can do eveything you
dream of very easily. In particular, if anything goes wrong, you
can have a look at it and understand why.
But, I must admit, there is a learning curve, as is with
everything.
--
Herzlich
Werner Stuerenburg
_________________________________________________
ISIS Verlag, Teut 3, D-32683 Barntrup-Alverdissen
Tel 0(049) 5224-997 407 · Fax 0(049) 5224-997 409
http://pferdezeitung.de
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
