Add the YouTube code as normal in the AG form as normal. It will convert certain characters into codes. In the output on your web page, convert the codes back into characters.
Code: Select all
$pattern = array();
$pattern[0] = '/</';
$pattern[1] = '/>/';
$replacement = array();
$replacement[0] = '<';
$replacement[1] = '>';
$video = preg_replace($pattern, $replacement, $youtube_fieldcontents);
1. What kind of security issues could this cause?
2. Are there ways to address those security issues?