Just wondering if .txt files could &#39;become harmful&#39; if I didn&#39;t escape user input. 
My website has a &#39;logger&#39; that is updated each time a user posts a message and I was thinking that I could just do something like this without sanitizing or escaping the input. What do you think?
<pre><code>if (/*user posts something*/) {
 file_put_contents('logger.txt', $_POST['message'], FILE_APPEND);
}
</code></pre>

Just wondering if .txt files could 'become harmful' if I didn't escape user input. 

My website has a 'logger' that is updated each time a user posts a message and I was thinking that I could just do something like this without sanitizing or escaping the input. What do you think?

```
if (/*user posts something*/) {
    file_put_contents('logger.txt', $_POST['message'], FILE_APPEND);
}
```

Should you escape user input for .txt files?

Product

Explore

Company

Blogs

Support