> As for books, there are a great deal of books out there that are > teaching terrible procedural PHP code. I happened to read a textbook > used by a large University here in melbourne, MySQL queries had no > 'real_escape_string', $_GET variables were echoed directly to page with > no htmlentities. We should be advocating the use of good code, and > teaching these things properly.
What is the point of this? Is is a guard against XSS? --~--~---------~--~----~------------~-------~--~----~ NZ PHP Users Group: http://groups.google.com/group/nzphpug To post, send email to [email protected] To unsubscribe, send email to [email protected] -~----------~----~----~----~------~----~------~--~---
