~foo.html~

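# will encode foo (using enc_html()) before displaying it, so that characters
# such as < will display properly.

# encode for putting within double-quotes in SQL
#
# Escapes exactly two characters: backslash (doubled) and double-quote
# (prefixed with a backslash). Nothing else is touched.
#
# $str     the raw value to embed
# returns  the value with \ and " backslash-escaped
#
# NOTE(review): this is only safe when the result is placed inside a
# double-quoted SQL string literal, and only on a database where backslash is
# the escape character inside such literals -- confirm against the engine and
# its SQL mode. Single quotes are NOT escaped, so the result must never be
# placed inside a single-quoted literal or used unquoted (numeric contexts,
# identifiers, LIKE patterns). Hand-rolled escaping also knows nothing about
# the connection character set. Where the database API offers bound
# parameters / prepared statements, prefer them over this helper for any
# value that originates outside the program.
function enc_sql($str) {
	# Backslash is listed first: str_replace() applies the pairs in order, so
	# the backslash added in front of a double-quote is not doubled again.
	return str_replace(array("\\", '"'), array("\\\\", "\\\""), $str);
}

# encode for output in html. does nothing with whitespace
#
# Replaces & < > with their character entities so that text is displayed
# literally by the browser instead of being parsed as markup.
#
# $str     the raw text to display
# returns  the text with & < > replaced by &amp; &lt; &gt;
#
# The replacement strings must be the entities themselves; replacing a
# character with itself leaves markup in the output unescaped.
#
# Quotes are not encoded, so the result is meant for element content only,
# not for use inside an attribute value. Input that is already entity-encoded
# is encoded a second time (&lt; becomes &amp;lt;).
function enc_html($str) {
	# '&' is listed first: str_replace() applies the pairs in order, so the
	# ampersands introduced by &lt; and &gt; are not re-encoded.
	return str_replace(array('&', '<', '>'), array('&amp;', '&lt;', '&gt;'), $str);
}

# html attributes (eg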