php - How to disable executing scripts in input? -


i'm using prepared statements "post" on page, when write something, shows without problems, when input text :

<div style="border:2px solid #000;">some text</div> 

it styles output... tried on facebook , when try there, shows normal text...(naturally)... supposed ? thanks!

use htmlentities() when displaying output. translate < , > characters entities &lt; , &gt;, they'll rendered literally instead of processed html:

echo htmlentites($variable); 

Comments

Popular posts from this blog

javascript - Bootstrap Popover: iOS Safari strange behaviour -

Website Login Issue developed in magento -

Can the constants be defined inside a model file of a framework in PHP? -