Edit report at https://bugs.php.net/bug.php?id=62574&edit=1
ID: 62574 Comment by: dagguh at gmail dot com Reported by: thbley at gmail dot com Summary: New operator for htmlspecialchars Status: Open Type: Feature/Change Request Package: *General Issues PHP Version: Irrelevant Block user comment: N Private report: N New Comment: This is valid. @ajf: You should never dop anything "ahead-of-time" in programming. You shoudl escape a variable right before passing it to en environment, that requires this form of escaping Previous Comments: ------------------------------------------------------------------------ [2012-09-04 18:15:37] ajf at ajf dot me (I'm all for this though, I'm just pointing out other options) ------------------------------------------------------------------------ [2012-09-04 18:06:32] ajf at ajf dot me You can escape things ahead-of-time, you know. In fact, I have a feeling you could use foreach to traverse the symtable and escape everything. (don't do that though, that's a horrendous idea) ------------------------------------------------------------------------ [2012-07-16 04:07:43] thbley at gmail dot com Description: ------------ old: <?php echo htmlspecialchars($str, ENT_QUOTES); <?= htmlspecialchars($str, ENT_QUOTES) ?> new: echo <$str>; <?= <$str> ?> or: <?+ $str ?> ------------------------------------------------------------------------ -- Edit this bug report at https://bugs.php.net/bug.php?id=62574&edit=1