RE: Only by saving the string to a file, Roger Harris, 05-02-2009
by Louis, May 2, 2009 03:30
A few days ago I've implemented a WYSIWYG html editor. It is just for editing descriptions of products in our catalog.
If I could use commands, I could add some functions to show the rights pictures. Instead if embedding them into the html code, I could add a self-written function to get the right picture of a product.
"In the following picture... <% $getImage($productnumb$,2) %>
Writing to a file and including is an option too. But I think it will be slower. And the file should be deleted also.
But I understand the security risk. It's something like the SQL Injection, which I read about for the first time on this forum.
Name E-mail optional TopicMessage:
HTTP Link: Link text: