Hi Pierre-Yves,
> Do any of you use to input data coming from an HTML form into a database
> without filtering ? Very often this data is to be output sooner or later in
> an HTML page. So, forgetting to filter for character such as ', ", < or &
I filter ',",< or >,but How come I gotta filter & character ?
What does it cause ?
I guess & character doesn't cause any problem, once I filter ' or " .
Thank you.
Fumitada.
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
