|
|
|
|
|
|
by horizone
2457 days ago
|
|
|
> It’s really easy to write PHP, which means that people who don’t know about escaping input write PHP. Not trying call you out on this point, more it made me laugh. Our lead developer strips out characters that break his XML importer (lets just say they are standard common characters, heck, he changes chr(13) to a string so he can switch it back later because he doesn't know how to handle multiple lines in an XML value). People who don't know how to escape inputs / actually handle data properly are in every language. We cringe on a daily basis. |
|
|