by Firehed
4918 days ago
It should be better documented to not directly print user input in HTML context, and there should be a very obvious best-practices[1] guide for newbies explaining what to do (and what not to do). But nl2br could only be dangerous if you misunderstand the function's name, description, sample code, and everything else in the documentation.

[1] as if they would read it...