[Date Prev][Date Next]
At 07:48 AM 1/28/2003, Ugen wrote:
>Any of the developers would mind shedding light as to
>why filter_escape_value is ised on the filter that's received
>in a request? As far as i understood the escaping needs to
>be done on the client side (in order to distinguish special characters
>as parts of string from their "special" meaning to a filter parser).
>By the time filter arrives at the server, shouldn't it have had all the
>special characters parsed already?
Yes. But not that filter_escape_value doesn't unescape
value, it escapes values. It's used to prepare a string
representation of the filter for logging purposes.