Re: database programming
well, you probably shouldn't allow people to put HTML in the description boxes... try looking at the page for team 1020 to see what I mean.
you should run the PHP function strip_tags() on all incoming input from textboxes. also, you might consider running nl2br() on it after strip_tags to make newlines display correctly in HTML.
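The order of the two calls suggested above, shown as an added example that is not part of the original post. The function names and the sample description are constructed for illustration, and the htmlspecialchars() step is an assumption added here, not something the post recommends.

```php
<?php
// Added example (not from the thread). Names and sample input are hypothetical.

/**
 * Prepare a free-text description box for display inside an HTML page.
 */
function render_description(string $raw): string
{
    // 1. Remove HTML tags from the submitted text, as the post suggests.
    $text = strip_tags($raw);

    // 2. Assumption beyond the post: encode what is left, so stray
    //    characters such as < > & and quotes display as literal text.
    $text = htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    // 3. Convert newlines to <br /> last, so the tags nl2br() inserts
    //    are neither stripped nor encoded by the earlier steps.
    return nl2br($text);
}

/**
 * The same two calls from the post in the opposite order, for comparison:
 * strip_tags() removes the <br /> tags that nl2br() just added.
 */
function render_description_wrong_order(string $raw): string
{
    return strip_tags(nl2br($raw));
}

// Constructed sample of what someone might type into a description box.
$submitted = "<h1>Team description</h1>\n"
           . "We build <font size=\"7\">robots</font>.\n"
           . "Score last year: 5 > 3 & \"improving\"";

echo "Tags stripped, line breaks kept:\n";
echo render_description($submitted), "\n\n";

echo "Wrong order, line breaks lost:\n";
echo render_description_wrong_order($submitted), "\n";
```

Running it with `php` on the command line prints both results, so the effect of calling nl2br() before or after strip_tags() can be compared directly.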