• Use stripslashes to remove any added \ made by the php server
  • Use htmlspecialchars to avoid any special chars being taken as html tags.


$yname = stripslashes($_REQUEST[you]);
$yourname = htmlspecialchars($yname);

$ynationality = stripslashes($_REQUEST[nationality]);
$yournationality = htmlspecialchars($ynationality);

<title>This is an IO demo</title>
<body bgcolor=#88CCFF>
<h1>Input and Output</h1>
<tr><td>Please enter your name <td><input name = you value="<?= $yourname ?>">
<tr><td>Please enter your nationality <td><input name = nationality  value="<?= $yournationality ?>">
<input type=submit>

if ($yourname){
print <<<END
Previous entry:<br>
<li>name: $yourname <br>
<li>nationality:  $yournationality <br>


-- PeterJones - 08 Nov 2006

This topic: Main > TWikiUsers > ChadStevenFlores > MyNotes > PhpCourse > ExampleInputOutput
Topic revision: r1 - 2006-11-08 - PeterJones
This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2020 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback