I have an input field that accepts strings in a form. After submitting the form, it is then saved to the database and attached the inputted string back in the field. Here's the scenario:
Tester breaks my code by inputting: <hello world> The output is: <hello world> The desired output should be: <hello world>
I managed to fix this by using htmlspecialchars_decode($form_data['val']);
Now, what the tester did this time is he input: null The output is : blank (empty string)
My solution is:
// not so efficient since he can always break my code by inputting: "NULL"
if($form_data['val'] === null) {
//problem here is when he input: "NULL"
$form_data['val'] = "null";
}
I want to have an output based on what the user inputs. The only problem here is the NULL or null value inputted. zzzz
if($form_data['val'] === 'null' or $form_data['val'] === '') {
$form_data['val'] = "null";
}
Simple:
$form_data['val'] = (is_null($form_data['val']) || empty($form_data['val'])) ? 'null' : $form_data['val'];