hmm, so if I use "htmlentities" it doesnt matter what the user puts into my form fields?
For example I want the street and city, I dont need worry when I insert with "htmlentities"?
Sorry for asking that much, cause, if so, I can use less code, cause I dont need all that validation.
Am I right, when I say, I use the WA validation to FORCE the user to insert LIKE I want.
If I dont want to foce the useer, it allright only to use "htmlentities" in the DA wizzard?
Is the WA "htmlentities" with "ENT_QUOTES"
can you also explaine the diffrence between:
<?php echo (htmlentities($_SERVER["PHP_SELF"], ENT_QUOTES)); ?>
<?php echo (htmlentities($_SERVER["PHP_SELF"], ENT_QUOTES)); ?>?<?php echo preg_replace("/^&/", "", preg_replace("/&?invalid=true/", "", $_SERVER["QUERY_STRING"])); ?>
Which is better to use?